Edel said it discovered and contained the exploit, then paused all its version-1 contracts, which remain frozen, and warned users not to interact with them.
The team added that it had tracked the attacker’s transactions and is coordinating with exchanges, and that it has offered the attacker a whitehat settlement, an agreement that lets a hacker return most of the funds in exchange for a fee and no legal prosecution within a set period of time.
No depositor will take a loss, Edel noted, with the team absorbing the bad debt and restoring balance one by one. It is rolling out a version two with redesigned pricing meant to block this kind of manipulation, and promised a full technical teardown to follow.
While the amount is small, the method is placed in one of DeFi’s most enduring categories of exploitation.
Manipulating the price that a protocol reads, rather than breaking into it, ranks as the second most common smart contract vulnerability in the OWASP Smart Contract Top 10 Vulnerabilities for 2025, and security researchers at CertiK describe oracle price manipulation as one of the field’s most common attack vectors.
Alongside cross-chain bridges, which produced the biggest single thefts of the year, including the $292 million drained from the Kelp DAO in April, price manipulation is where much of the money continues to go, and in most of these the code works as written.



