Hedera Lending Protocol Bonzo Lend Hit for $9.05M After Zero-Signature Oracle Validation Flaw

AI Market Summary
Hedera-based lending protocol Bonzo Lend was exploited for about $9.05M after an oracle verifier accepted a proof with zero signatures/public keys, enabling extreme price manipulation and under-collateralized borrowing. Withdrawals and points remain suspended while recovery and reopening terms are determined, constraining liquidity providers. The incident highlights validator edge-case risk in DeFi oracle infrastructure and can pressure sentiment toward Hedera-adjacent DeFi and oracle integrations.
Impact level
● Medium
Affected assets
HBAR/USDT-2.02%
AI Insight · HBAR/USDTAI Insight
▼ Bearish
Trade now
⚠️ AI-generated insights are based on news content and are provided for informational purposes only. They do not constitute investment advice or represent the views of BingX. Investing involves risk. Please trade responsibly.
Bonzo Lend, a Hedera-based DeFi lending protocol, has suspended withdrawals after an oracle verifier accepted a price update that contained zero signatures and a zero public key, enabling a wallet to borrow $9.05 million with minimal collateral. According to the incident details, Wallet A deposited 250 SAUCE—worth only a few dollars—and at 00:51 UTC submitted a SAUCE/wHBAR price update that inflated SAUCE by roughly 12 orders of magnitude, even as the market price stayed near 0.2 HBAR. Eight seconds after the manipulated price was written to the oracle's on-chain storage, Wallet A borrowed 6.63 million USDC and then lent out 34.5 million wrapped HBAR, bringing the total value extracted to about $9.05 million using Bonzo's reference pricing. The root cause centers on a verification blind spot in oracle infrastructure. The submitted update did not include a valid oracle signature: its signature field was [0, 0], and the referenced committee public key was also zero—an identity element in elliptic-curve cryptography known as the point at infinity. Supra's validators passed these values to Hedera's paired precompiled contract; because both points are mathematical identities, the pairing check evaluates to true by design. The validator then treated the result as proof of an authorized committee signature because it failed to reject zero values, identity points, or non-subgroup inputs. In effect, the network correctly evaluated the equation presented, but the validator misinterpreted that outcome as authorization. Bonzo said its lending contract subsequently used the oracle-stored prices to execute as coded under its loan-to-value (LTV) rules, allowing the inflated collateral valuation to bypass intended risk controls. A second address, Wallet B, borrowed about $1 million while the abnormal price was still live. The wallet contacted Bonzo, identified itself as a white-hat responder, and said it intends to return the funds. Bonzo estimates roughly $1 million has been recovered, though the assets have not yet been returned and the final recovered amount remains uncertain. As of July 13, Bonzo Lend and Bonzo Points remain suspended, and the protocol's status page lists Bonzo Lend and affected asset markets as under maintenance. Bonzo Finance Labs and the Bonzo Finance Foundation are still determining a recovery path and reopening conditions, leaving liquidity providers unable to withdraw. Bonzo reported that Supra has patched the validator, but the lending pool remains closed. Outstanding questions include whether regression testing confirms validators now reject identity inputs, whether Bonzo will implement price-deviation checks or tighten collateral parameters, and how available assets will be handled during withdrawal recovery. The incident remains listed as unresolved, and Bonzo's latest official update, posted July 11, said the protocol would remain suspended. The team has not announced compensation, a reopening date, or user withdrawal terms.