A security incident at TrustedVolumes has drained $6.7 million from the platform, prompting the decentralized finance data provider to halt operations. Meanwhile, 1inch, a popular DeFi aggregator that had partnered with TrustedVolumes, moved quickly to distance itself from the breach.
The exploit and its target
TrustedVolumes, which supplies pricing and liquidity data to several decentralized applications, confirmed the attack late this week. The company did not specify how the attacker gained access or which assets were taken. The $6.7 million figure represents the total value lost from the platform’s smart contracts, according to on-chain data.
The platform has not yet announced a timeline for resuming services or recovering funds. Users have been advised to avoid interacting with TrustedVolumes’ contracts until further notice.
1inch’s response
1inch, which used TrustedVolumes as a data provider for some of its price feeds, issued a statement denying any compromise of its own infrastructure. “No 1inch protocols, infrastructure or user funds were affected,” the company said. The statement stressed that the exploit was isolated to TrustedVolumes and did not impact 1inch’s smart contracts or liquidity pools.
The denial came after some users on social media speculated that the attack could have broader implications for DeFi platforms that rely on TrustedVolumes’ data. 1inch’s clarification appeared aimed at containing that concern.
What this means for users
For those holding funds on 1inch, the company’s assurance offers some relief. The aggregator routes trades across multiple decentralized exchanges and does not custody user assets. Still, the incident raises questions about the security of third-party data providers that many DeFi protocols depend on.
TrustedVolumes has not yet published a post-mortem or disclosed whether law enforcement has been notified. The exploit is the latest in a string of attacks targeting DeFi infrastructure this year, though the total losses have varied widely.
Users who interacted directly with TrustedVolumes’ contracts are the most exposed. The platform has not indicated whether it will attempt to reimburse affected parties.
