Edel Finance loses $403K to a flash-loan oracle exploit. V1 remains paused as Edel pledges full 1:1 depositor restoration.
Edel Finance lost roughly $403,000 after an attacker manipulated an on-chain price oracle. Blockchain security firm Blockaid flagged the exploit as it unfolded.
The attacker used a flash loan to distort the exchange rate between two wrapped stock tokens. That distortion let the attacker borrow against collateral worth far more than it should have been.
Edel confirmed the incident hours later and moved to contain the damage.
Read also:
Humanity Protocol Confirms $36M Exploit After Employee Laptop Breach, H Token Crashes 90%
How the Oracle Manipulation Inflated Collateral Value
Blockaid traced the exploit to Edel’s xStock lending reserves.
The attacker manipulated the exchange rate between wGOOGLx and GOOGLx, two wrapped versions of a tokenized stock product. That manipulation pushed the reported value of wGOOGLx collateral to about 78 times its correct price.
With collateral appearing far more valuable than it actually was, the attacker borrowed heavily against it. The result was roughly $403,000 in bad debt left on the protocol’s books.
The attacker deployed new exploit contracts specifically for this attack, according to Blockaid. Funds drained from the reserves moved quickly through Tornado Cash, a mixing service often used to obscure the trail of stolen crypto.
Etherscan records show the exploit transaction and the wallet address linked to the attacker, giving researchers a starting point to track the funds further.
🚨Blockaid's exploit detection system has identified an ongoing exploit on @edeldotfinance.
~$403K drained from Edel xStock lending reserves after a flash-loan-assisted exchange-rate/oracle manipulation let the attacker borrow against inflated collateral.
More details in 🧵— Blockaid (@blockaid_) July 1, 2026
Edel Team Pauses V1 and Pledges Full Depositor Restoration
Edel Finance confirmed the exploit affected Edel Lending specifically. The team said it identified and contained the issue the same day it occurred.
All V1 contracts were paused immediately after detection, and the V1 deployment remains offline. Users are advised not to interact with V1 while the pause is in effect.
The team said it preserved relevant protocol records to determine which balances were affected. Edel stated that no depositor will lose funds as a result of the incident.
The team plans to absorb the bad debt directly and restore affected balances on a 1:1 basis once the process is complete.
An Update from the Edel Team
Earlier today, Edel identified and contained an exploit affecting Edel Lending.
The exploit involved manipulation of the wrapped xStocks exchange rate between wGOOGLx and GOOGLx, causing wGOOGLx collateral to be valued at approximately 78x its…
— Edel Finance (@edeldotfinance) July 1, 2026
Edel V2 Rollout and a Whitehat Settlement Offer
Edel is deploying a new version of the protocol, V2, with a redesigned oracle architecture. The team said the new design targets the specific type of exchange-rate manipulation used in this attack.
Restored balances will become available directly inside the Edel application once V2 deployment and the balance restoration process finish. The team has not yet shared a firm timeline for that rollout.
Edel said it has traced the attacker’s transactions and is coordinating with exchanges and ecosystem partners. The team also extended a formal whitehat settlement offer to the attacker, giving a defined window to return the remaining funds in exchange for an authorized security bounty.
Besides, a full technical post-mortem covering the exploit path and root cause is expected to follow.
Edel pointed to EIP-01 as a relevant next step, a proposal that would introduce governance over protocol risk parameters and supported collateral. The team said its immediate focus remains containment, depositor restoration, and continued transparency until affected balances are fully restored.





Leave a Reply
You must be logged in to post a comment.