Hack Explained - Sonne Finance

Hack Explained - Sonne Finance


1 min read

Sonne Finance, a decentralised lending protocol on the Optimism blockchain, fell victim to a flash loan attack, resulting in a loss of approximately $20 million. This attack exploited a known vulnerability in Compound v2 forks, particularly targeting the donation function logic.

Behind the Breach

The attacker exploited the protocol’s governance and collateral factors by manipulating a governance proposal and altering collateral factors to favour the exploit. This allowed them to donate borrowed funds, causing a significant shift in the protocol's financial state, leading to the theft of $20 million. The vulnerability mirrored an exploit that had previously impacted Hundred Finance, another Compound v2 fork​.

Rivanorth is a boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit rivanorth.com to find out more.

You build the future. We help you secure it.