The Same Attacker. A Different Hole. Another $6.7 Million Gone.

Kapil Suri

The TrustedVolumes DeFi resolver exploit isn't just another hack — it's a case study in how threat actors study their own prior work, and why third-party risk in decentralized finance remains the industry's most expensive unsolved problem.

Fourteen months ago, someone drained roughly $5 million from a cluster of 1inch Fusion V1 resolver contracts. The attacker negotiated a partial return, collected what looked like a bug bounty, and went quiet. On May 7, 2026, that same operator — or one using identical infrastructure — came back. This time, the target was TrustedVolumes, an independent market maker and resolver operating within 1inch Fusion's swap network. The final bill: approximately $6.7 million in WETH, WBTC, USDT, and USDC, split across three Ethereum wallets and confirmed in a terse post on X by the victim itself.

The DeFi resolver exploit did not affect 1inch directly. That distinction matters legally and reputationally. It does almost nothing to address the structural problem the attack exposes.

What Actually Happened Inside the Contract

Web3 security firm Blockaid caught the attack while it was still live, a meaningful detail: its exploit-detection system identified abnormal activity on TrustedVolumes' Ethereum-based custom Request-for-Quote (RFQ) swap infrastructure in real time. At the point of Blockaid's alert, approximately $5.87 million had already been extracted. The final number settled higher, at $6.7 million confirmed by TrustedVolumes.

The attack worked by abusing a public function in the resolver contract. Using this function, the attacker added themselves as an "Allowed Order Signer." Once they gained that permission, they could use old wallet approvals — previously granted by users — to move funds without requiring any new transaction from those users.

That last point deserves emphasis. Users did not need to approve anything. Existing, stale token approvals were sufficient. This is one of DeFi's most persistent attack surfaces — unlimited token approvals that remain active long after a user has stopped interacting with a protocol — and it is still producing eight-figure losses in 2026.
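To make the defect class concrete, here is an added illustration in Solidity. It is hypothetical code written for this discussion, not TrustedVolumes' resolver or any 1inch contract; the contract names, function names and the shape of the settlement path are assumptions. The first contract carries an externally callable, unguarded signer-assignment function of the kind the article describes; the second adds the missing access check and an audit event so that signer-set changes are visible to monitoring.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface used by the resolver (constructed for this example).
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical RFQ resolver showing the defect class described in the article.
// Illustrative code only, not TrustedVolumes' or 1inch's contract.
contract VulnerableRfqResolver {
    address public owner;
    mapping(address => bool) public allowedOrderSigners;

    constructor() {
        owner = msg.sender;
    }

    // DEFECT: externally callable with no access check, so any address can
    // grant itself signer rights in a single transaction.
    function setAllowedOrderSigner(address signer, bool allowed) external {
        allowedOrderSigners[signer] = allowed;
    }

    // Settlement pulls `amount` of `token` from `maker` using an allowance the
    // maker granted to this contract earlier. Nothing here asks the maker to
    // sign anything now: a standing allowance is all the transfer needs, which
    // is why stale approvals turn a signer-list bug into drained wallets.
    function fillOrder(address maker, address token, uint256 amount, address recipient)
        external
    {
        require(allowedOrderSigners[msg.sender], "not an allowed signer");
        require(IERC20(token).transferFrom(maker, recipient, amount), "transferFrom failed");
    }
}

// Hardened variant of the same resolver.
contract HardenedRfqResolver {
    address public owner;
    mapping(address => bool) public allowedOrderSigners;

    // Emitted on every signer-set change so off-chain monitoring can alert on it.
    event OrderSignerUpdated(address indexed signer, bool allowed, address indexed by);

    modifier onlyOwner() {
        require(msg.sender == owner, "caller is not the owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // FIX: the signer set is privileged state. Only the owner (in practice a
    // multisig or timelock, not a single externally owned key) may change it,
    // and each change is logged.
    function setAllowedOrderSigner(address signer, bool allowed) external onlyOwner {
        allowedOrderSigners[signer] = allowed;
        emit OrderSignerUpdated(signer, allowed, msg.sender);
    }

    function fillOrder(address maker, address token, uint256 amount, address recipient)
        external
    {
        require(allowedOrderSigners[msg.sender], "not an allowed signer");
        require(IERC20(token).transferFrom(maker, recipient, amount), "transferFrom failed");
    }
}
```

The access check closes the entry point, but note what it does not do: every allowance that makers granted to the contract before the fix is still live. A resolver that settles through standing approvals is only as safe as its signer set, so the complementary mitigation sits on the user side, keeping allowances scoped to the swap at hand and revoking them afterwards, and on the monitoring side, alerting on any OrderSignerUpdated event that did not originate from governance.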

The stolen assets broke down as 1,291.16 WETH, 206,282 USDT, 16.939 WBTC, and 1,268,771 USDC, all drained from the TrustedVolumes resolver contract at address 0x9bA0CF1588E1DFA905eC948F7FE5104dD40EDa31, with the exploiter operating from 0xC3EBDdEa4f69df717a8f5c89e7cF20C1c0389100.

Blockaid was careful to note that the current exploit and the March 2025 incident are technically distinct. Both Blockaid and security researcher Vladimir Sobolev noted that the attack was carried out by the same operator responsible for the March 2025 1inch Fusion V1 resolver exploit — but the vulnerability this time was in TrustedVolumes' custom RFQ architecture, not a recycled flaw from 14 months ago. That distinction matters: this was not a case of an unpatched bug. The attacker found a new hole.

1inch's Reputational Problem It Didn't Create

1inch co-founder Sergej Kunz explained that TrustedVolumes operates independently and serves multiple protocols rather than functioning exclusively for 1inch. That is technically accurate. But it is also precisely the kind of accurate statement that does little to reassure users who route swaps through 1inch's aggregation layer without any awareness of which resolver fills their trade at any given moment.

Kunz said the framing of the exploit as a 1inch-related incident was "confusing and harmful," adding that 1inch is monitoring the situation with security partners and will assist where appropriate. The protocol issued a firm public statement: "We can confirm that neither 1inch nor any of the 1inch protocols are involved. There is no impact on 1inch systems, infrastructure or user funds."

None of that is false. And yet: the same threat actor previously targeted 1inch-adjacent infrastructure, negotiated a settlement, and returned. The category of target is clearly within this operator's active research scope. Whether 1inch has done enough to harden the resolver ecosystem it depends on — by requiring audits, enforcing security standards, or accelerating the transition of remaining V1 resolver contracts — is a question its team has not publicly answered.

Expert Perspective

"We lack security in general. Blockchains just tend to have an immediate payoff. We need to pay more attention to kill switches, monitoring, circuit breakers, and so on."

— Vladimir Sobolev (Officer's Notes), security researcher, speaking to Cointelegraph following the TrustedVolumes exploit

Sobolev's framing is blunt and structurally correct. The gap between how quickly DeFi loses funds — minutes, sometimes seconds — and how slowly the industry builds out real-time defensive infrastructure is not narrowing meaningfully. TrustedVolumes' response was to publish three wallet addresses and invite "constructive communication." That language echoes the approach that recovered a portion of the March 2025 losses. Whether the same attacker views a second negotiated settlement as attractive, having already demonstrated the willingness to return and exploit a second target, is a reasonable question the industry is not asking loudly enough.

Not an Isolated Incident: The Broader DeFi Security Collapse

The TrustedVolumes exploit landed on May 7 as at least the fifth major DeFi breach since the start of the month. During the first week of May alone, monitoring tools recorded five major breaches with cumulative losses exceeding $8 million, with victims including Sharwa.Finance, which lost $32,850 to oracle manipulation; Bisq, which reported an $858,000 breach on May 1; SmartCredit, hit by a flash loan attack on May 4 for $72,000; and Ekubo, where a vulnerability in the router module on May 5 resulted in a $1.4 million loss.

But those figures are minor relative to what the preceding month produced. Crypto hack losses reached $630 million in April 2026, the highest monthly total since February 2025, when the Bybit exchange lost $1.47 billion. Security firms CertiK, PeckShield, and DefiLlama all confirmed the April figure.

KelpDAO and Drift Protocol were the two largest victims in April. KelpDAO, a DeFi protocol built on Ethereum, lost approximately $293 million after attackers exploited a vulnerability in the LayerZero cross-chain bridge on April 18. Drift Protocol, on the Solana blockchain, lost approximately $280 million after attackers compromised an administrator key. Together, the two incidents account for over 90% of April's total losses.

The KelpDAO exploit deserves particular attention in the context of the TrustedVolumes case, because it illustrates a pattern. LayerZero attributed the KelpDAO attack — with preliminary confidence — to North Korea's Lazarus Group, specifically the TraderTraitor subunit. The Drift Protocol attack from April 1 was also linked to the same state-sponsored actor. Two structurally different attack vectors, the same threat actor, 18 days apart, $575 million drained. Authorities suspect North Korean-affiliated hackers executed the Drift attack using a sophisticated, long-term social engineering campaign involving pre-signed hidden authorizations, draining assets in roughly 12 minutes.

The TrustedVolumes attacker does not appear to be Lazarus Group. The profile — targeting independent resolvers, negotiating settlements, exploiting approval mechanisms rather than bridge architecture — fits a different threat model. But the broader pattern across May and April is consistent: DeFi's attack surface is being actively, systematically mapped by sophisticated operators with long-time horizons who are willing to return to familiar territory when the conditions are right.

The Resolver Model's Structural Vulnerability

The TrustedVolumes case exposes something specific about how DEX aggregators like 1inch and CoW Protocol work. Resolvers — also called market makers or solvers — are third-party entities that compete to fill user swap orders off-chain, then settle on-chain. They hold or access liquidity to do so. That model is efficient. It also means aggregator users are, at any given moment, routing their capital through infrastructure they have not vetted, cannot inspect in real time, and have often granted standing token approvals to without realizing it.

1inch Fusion's resolver network makes this dependency explicit. Users opt in for potentially better prices. The tradeoff is counterparty exposure to independent operators with varying security postures. TrustedVolumes is a sophisticated market maker with infrastructure on Ethereum. That did not prevent it from shipping a resolver contract with a public function that allowed arbitrary order-signer assignment. The audit that would have caught that function is either absent from the public record or failed to flag it.

Globally, this matters particularly in markets where retail participation in DeFi has grown fastest — Southeast Asia, Latin America, and sub-Saharan Africa, where platforms like 1inch and CoW Protocol have seen user growth driven by dollar-cost-averaging into stablecoins and cross-border transfers. Users in Lagos, São Paulo, or Manila who granted token approvals to a resolver during a swap last year have no practical mechanism to know those approvals remain active, or that the resolver contract has since been exploited.

The EU's Markets in Crypto-Assets (MiCA) regulation, fully in effect since January 2025, requires cryptoasset service providers operating in the eurozone to meet specific operational resilience and disclosure standards. MiCA's scope does not cleanly cover decentralized protocols or their independent resolver networks — a gap regulators in Brussels and the UK's Financial Conduct Authority are known to be examining. The TrustedVolumes case adds another data point to that regulatory file.

Key Takeaways

$6.7 million drained from TrustedVolumes on May 7, 2026 — split across two wallets holding roughly $3 million each and a third holding approximately $700,000, all on Ethereum.

The exploit was enabled by stale token approvals and a public function in a custom RFQ swap proxy that allowed arbitrary order-signer assignment. No new user action was required for funds to be moved.

Blockaid's real-time detection system caught the exploit while active — flagging abnormal activity before TrustedVolumes' own team issued a public confirmation. That sequencing matters: real-time monitoring infrastructure is now demonstrably ahead of protocol-side incident response in the resolver space.

The same operator behind the March 2025 1inch Fusion V1 resolver exploit returned fourteen months later to target a different vulnerability in the same category of infrastructure. That is not opportunism — it is methodology.

TrustedVolumes has invited "constructive communication" and signaled openness to a bug bounty negotiation. The company had roughly $40 million in total funding before this round, and the $6.7 million figure represents a material loss.

What to Watch Next

  1. Whether TrustedVolumes recovers any funds — The March 2025 precedent saw a partial return under negotiation. If the same attacker is involved and follows the same playbook, some recovery is possible. If not, this is a total loss and a potential solvency event for an independent market maker.

  2. 1inch's response to resolver security standards — The protocol has now been adjacent to two exploits involving the same threat actor. Watch for any public announcement around mandatory audits, resolver contract standards, or an accelerated sunset of legacy infrastructure across its Fusion network.

  3. Token approval tooling adoption — Tools like Revoke.cash allow users to cancel stale token approvals across all wallets. Every major DeFi exploit involving approval exploitation has temporarily spiked usage of these tools. Whether that spike produces durable behavioral change — or just another round of post-hack awareness that fades within a week — is the recurring question.

  4. Regulatory response to the May-April exploit wave — The combination of $630 million in April losses, state-sponsored attacks on Drift and KelpDAO, and now a recurring threat actor exploiting resolver infrastructure will not go unnoticed by the FCA, the European Securities and Markets Authority (ESMA), or the U.S. CFTC, which has been actively developing DeFi enforcement guidance. The window for self-regulation is narrowing.

  5. Circuit breaker adoption across resolver networks — Sobolev's comment about kill switches is not rhetorical. The technical capability to pause resolver contracts exists. The commercial incentive to deploy always-on pausing infrastructure — which could interrupt profitable activity during false positives — has historically been weak. Expect that calculus to shift as losses accumulate and institutional participants raise the bar for the resolver networks they route through.
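Sobolev's kill-switch point, made concrete: the following is an added Solidity sketch, not TrustedVolumes' or 1inch's code, of a resolver with a guardian-operated pause and a per-token outflow cap that trips the pause automatically. The guardian role, the one-hour window, the cap semantics and all names are assumptions chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface used for settlement (constructed for this example).
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical resolver with a kill switch and an outflow circuit breaker.
// Illustrative code only, not TrustedVolumes' or 1inch's contract.
contract CircuitBreakerResolver {
    address public owner;     // governance: multisig or timelock (assumed)
    address public guardian;  // fast-path pauser, e.g. a monitoring bot's key (assumed)
    bool public paused;

    uint256 public constant WINDOW = 1 hours;          // rolling accounting window (assumed)
    mapping(address => uint256) public outflowCap;     // max units per token per window; 0 = no cap
    mapping(address => uint256) public windowStart;
    mapping(address => uint256) public windowOutflow;

    mapping(address => bool) public allowedOrderSigners;

    event Paused(address indexed by, string reason);
    event Unpaused(address indexed by);
    event FillRejected(address indexed token, uint256 amount, uint256 windowOutflow);

    modifier onlyOwner() {
        require(msg.sender == owner, "caller is not the owner");
        _;
    }

    constructor(address guardian_) {
        owner = msg.sender;
        guardian = guardian_;
    }

    function setAllowedOrderSigner(address signer, bool allowed) external onlyOwner {
        allowedOrderSigners[signer] = allowed;
    }

    function setOutflowCap(address token, uint256 cap) external onlyOwner {
        outflowCap[token] = cap;
    }

    // Kill switch: stopping is the fast path, so both guardian and owner may do it.
    function pause(string calldata reason) external {
        require(msg.sender == guardian || msg.sender == owner, "not authorised to pause");
        paused = true;
        emit Paused(msg.sender, reason);
    }

    // Resuming is the slow path: owner only, so a compromised guardian key
    // cannot both pause and unpause.
    function unpause() external onlyOwner {
        paused = false;
        emit Unpaused(msg.sender);
    }

    // Records `amount` against the token's rolling window. Returns false and
    // trips the pause if the window cap would be exceeded.
    function _recordOutflow(address token, uint256 amount) internal returns (bool) {
        if (block.timestamp >= windowStart[token] + WINDOW) {
            windowStart[token] = block.timestamp;
            windowOutflow[token] = 0;
        }
        uint256 cap = outflowCap[token];
        if (cap != 0 && windowOutflow[token] + amount > cap) {
            paused = true;
            emit Paused(address(this), "outflow cap exceeded");
            return false;
        }
        windowOutflow[token] += amount;
        return true;
    }

    function fillOrder(address maker, address token, uint256 amount, address recipient)
        external
    {
        require(!paused, "resolver paused");
        require(allowedOrderSigners[msg.sender], "not an allowed signer");
        // Deliberately not a require(): a revert would roll back the paused flag
        // set inside _recordOutflow. The fill is dropped and the pause persists.
        if (!_recordOutflow(token, amount)) {
            emit FillRejected(token, amount, windowOutflow[token]);
            return;
        }
        require(IERC20(token).transferFrom(maker, recipient, amount), "transferFrom failed");
    }
}
```

Two design choices carry the security weight. First, the breaker trips inside a transaction that succeeds rather than reverts; if the cap check were a plain require, the revert would also undo the paused flag and the next oversized fill would get the same free retry. Second, pausing and unpausing are asymmetric: a guardian key held by a monitoring system can halt settlement within one block, but only governance can resume it, so the cost of a false positive is a delayed resumption rather than an unprotected contract. The outflow cap is what turns a drain that takes minutes into one that stops after the first window's worth of volume, which is the gap between detection speed and response speed that Sobolev is describing.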

The DeFi resolver exploit targeting TrustedVolumes is, in isolation, a mid-sized security incident in a market that just absorbed $630 million in a single month. The reason it matters is the pattern it confirms: sophisticated threat actors are treating DeFi's resolver and bridge infrastructure as a recurring revenue source, returning to adjacent targets with improved techniques and long enough time horizons to let security attention dissipate between attacks. Until the resolver model ships with mandatory kill switches, real-time monitoring, and zero standing-approval architecture as defaults — not as optional best practices — the same story will keep repeating, with different names and slightly larger numbers.
