News & context

Rhea Finance Margin Trading Exploit: $18.4M Lost to a Slippage Bug

$18.4 million left the reserve pool before the protocol could react. The flaw wasn't in a signature check or a reentrancy path — it was in how margin trading added up its own slippage numbers.

April 2026 · 5 min read

On April 16, 2026, Rhea Finance (formerly Burrow Finance on NEAR) lost approximately $18.4 million after an attacker chained swaps through self-deployed liquidity pools and drained borrowed funds out of the margin trading feature. The protocol paused the affected lending contracts within hours, and about $9 million — roughly half of the stolen value — has since been returned or frozen, much of it USDT intercepted by Tether.

There was no signature bypass or reentrancy trick. The contracts did what they were written to do. The exploit lived inside the slippage protection itself.

How the exploit worked

Margin trading on Rhea routes a sequence of swaps through liquidity pools. To guard against adverse price moves, each swap step declares a min_amount_out — the minimum number of tokens the trader will accept from that step. The protocol's slippage check summed those minimums across all steps and compared the total to what actually came back.

The flaw: when the output token of one step is immediately the input of the next, the sum double-counts it. A contrived 1,000 USDC round trip through an attacker-controlled pool — 1,000 USDC → 999 fake tokens → 1 USDC — produces a declared minimum of 999 + 1 = 1,000 USDC, and the check passes. In reality, 999 USDC is sitting in the attacker's pool, and only 1 USDC came home.

At scale, this turns a borrowed position into an extraction route. The swap chain looks compliant to the protocol; the reserve pool loses value on every cycle.
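As an added example (not Rhea's or Ref Finance's code), a Rust model of the two checks side by side: the summed-minimum form the article describes, and a check that compares only the last step's output in the settlement token and verifies the steps actually chain. The `SwapStep` fields, the `page_route` sample (the 1,000 USDC round trip from above) and the 990 threshold are constructed for illustration.

```rust
// One hop of a margin-trading swap route (constructed for this example).
struct SwapStep {
    token_in: &'static str,
    token_out: &'static str,
    amount_in: u128,
    min_amount_out: u128,
    actual_out: u128, // what the pool actually returned for this hop
}

/// Flawed form: sums min_amount_out across hops (mixing token units) and
/// compares it to the sum of everything that came back from any hop.
fn summed_check_passes(route: &[SwapStep]) -> bool {
    let declared: u128 = route.iter().map(|s| s.min_amount_out).sum();
    let received: u128 = route.iter().map(|s| s.actual_out).sum();
    received >= declared
}

/// Hardened form: the route must end in the settlement token, each hop must
/// consume the previous hop's output, and only the final output is compared
/// to the caller's minimum. Intermediary tokens never count toward the bound.
fn final_output_check(
    route: &[SwapStep],
    settle_token: &str,
    min_final_out: u128,
) -> Result<u128, &'static str> {
    let last = route.last().ok_or("empty route")?;
    if last.token_out != settle_token {
        return Err("route does not end in settlement token");
    }
    for pair in route.windows(2) {
        if pair[0].token_out != pair[1].token_in || pair[0].actual_out < pair[1].amount_in {
            return Err("route hops do not chain");
        }
    }
    if last.actual_out < min_final_out {
        return Err("slippage exceeded");
    }
    Ok(last.actual_out)
}

/// The round trip from the article: 1,000 USDC -> 999 FAKE -> 1 USDC.
fn page_route() -> Vec<SwapStep> {
    vec![
        SwapStep { token_in: "USDC", token_out: "FAKE", amount_in: 1_000, min_amount_out: 999, actual_out: 999 },
        SwapStep { token_in: "FAKE", token_out: "USDC", amount_in: 999, min_amount_out: 1, actual_out: 1 },
    ]
}

fn main() {
    let r = page_route();
    println!("summed check passes: {}", summed_check_passes(&r));
    println!("final-output check: {:?}", final_output_check(&r, "USDC", 990));
}
```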

The setup

The attacker spent several days building the infrastructure. They deployed purpose-built fake token contracts on implicit NEAR accounts — no metadata, no upstream usage, synthetic assets that existed only to be swapped — and created multiple new liquidity pools on Ref Finance pairing those fake tokens against USDC and USDT at prices they controlled.

With the custom router in place, they opened dozens of margin positions on Burrow Protocol and funneled the borrowed debt tokens through their own pools. The positions were immediately underwater against real-market prices, triggering forced liquidations that drained the reserve pool. During the exploit window, intermediary NEAR accounts were deleted rapidly to complicate tracing.

Recovery so far

Pausing the lending contracts stopped further draws. Tether froze USDT held at attacker-linked addresses, and on-chain data shows roughly $9 million returned or locked inside protocol contracts and custodial freezes. The remaining flows have moved toward centralized exchanges, where Rhea is coordinating on identification. Compensation mechanics are still being defined and will depend on what is eventually recovered.

The real lesson

The code ran as written. The vulnerability was in the arithmetic assumption behind it: that summed minimums across a swap chain are a meaningful lower bound on the final output. When an intermediary token appears as both output and input inside the same transaction, that assumption breaks — and audits reading the check line-by-line don't tend to catch it, because each line looks fine on its own.

For on-chain analysis, this is also where the forensic picture gets easier to read, not harder. Once you stop treating a multi-step swap as an aggregate and start tracing the same intermediary token appearing twice inside one transaction, the rest of the flow — fake pools, puppet accounts, liquidations against the reserve — falls into place.