Wednesday, March 11, 2026

Counting the same Bitcoin twice wasn't enough. Now they're minting the same tokens twice too.

Solv Protocol's BitcoinReserveOffering contract shipped without an audit, without bug bounty coverage, and apparently without anyone asking what happens when a callback fires before the books are balanced.

On March 5th, someone asked. 135 BRO tokens went in. 567 million came out. 38 SolvBTC, roughly $2.73 million, walked out the door in a single transaction, looped 22 times over.

Solv called it a "limited exploit." Fewer than 10 users were affected. Funds will be covered. Security partners were notified.

All the right words, in all the right order, the same playbook they ran when their Twitter got hacked in January 2025, the same month Rekt documented their creative Bitcoin accounting.

Third incident in fourteen months, third time the response sounded like a press release drafted before the damage was counted.

The attacker didn't stick around to negotiate the 10% white hat bounty. The funds are in RailGun now.

When you call yourself the largest on-chain Bitcoin reserve, how does one unaudited contract become the crack that swallows $2.73 million?

Read more »

We provide an anonymous platform for whistleblowers and DeFi detectives to present their information to the community. All authors remain anonymous. 
We are all rekt.