Echo Protocol, a decentralized finance platform focused on bitcoin liquidity, got hit by a security breach on its Monad network deployment yesterday. An attacker compromised an administrative key and made off with about $816,000. The damage could’ve been worse — liquidity limits baked into the protocol stopped the losses from ballooning.
What happened on Monad
The breach happened May 18. Echo runs on multiple networks, but the attacker targeted the Monad deployment specifically. They gained control of an admin key — the kind of privileged credential that can move funds or change contract parameters. Once inside, they drained what they could until hitting the liquidity constraints that Echo had set up. Those constraints are why the final number sits at $816K rather than something much bigger.
Why admin keys are a target
Admin keys give whoever holds them elevated power over a smart contract. In DeFi, they’re a single point of failure — a fact the industry has learned the hard way over and over. Echo’s team likely had the key secured in a multi-sig or cold storage, but this time someone found a way in. The exact method of compromise isn’t public yet, but the result is another entry in the long list of key-based exploits.
What’s next for Echo
The protocol hasn’t announced a full post-mortem or a timeline for reimbursing affected users. Given the size of the loss — under a million — it’s possible the team will cover it from treasury or insurance, but that’s not confirmed. Users on the Monad deployment are waiting for updates. Echo’s bitcoin liquidity products on other networks appear unaffected, but the trust hit is real. The team will need to explain how the key was compromised and what’s changing to prevent a repeat.
