Solv Protocol, a decentralized finance (DeFi) platform focused on Bitcoin, experienced a security breach on Thursday. According to reports, roughly $2.7 million worth of SolvBTC was drained from one of its token vaults called Bitcoin Reserve Offerings (BRO).
The incident is believed to have been caused by a double-minting flaw in the BRO contract, which allowed the attacker to inflate 135 BRO into approximately 567 million BRO tokens before converting them to SolvBTC.
Security analysts suggest that the breach was a reentrancy attack, where repeated calls to the smart contract enabled the attacker to manipulate internal accounting. The project has offered a 10% bounty to the attackers if they return the stolen funds to a designated address.