During a routine internal audit, we identified a high-severity risk affecting our liquidity vault system — one that could have directly impacted the protocol’s $35 million in total value locked (TVL).

The issue stemmed from how the protocol interacted with decentralized exchanges (AMMs) when executing swaps and removing liquidity. Without proper “slippage protection,” large-value transactions could have executed at unexpected prices, leading to silent capital losses over time.

In DeFi, slippage refers to the difference between the expected and actual execution price of a trade. When market conditions are volatile or liquidity is thin, this difference can become significant — especially for automated, large-volume transactions.

Our audit revealed that certain liquidity removal and swap operations in the vault contracts did not include any protection against extreme slippage. This meant that:

Market manipulators could frontrun protocol transactions, artificially moving prices just before execution.

The protocol could receive fewer tokens than expected during swaps.

Node delays could cause transactions to execute at worse prices due to expiring deadlines.

In short, without guardrails, the protocol’s treasury and users’ yields were at risk of erosion through price inefficiencies.

If exploited or left unresolved, the missing protection could have resulted in:

Capital leakage during large withdrawals or rebalancing events

Reduced user yields, lowering competitiveness

Reputational risk, as users lose trust in yield accuracy

Exposure to MEV and arbitrage attacks, where bots profit at the expense of the vault

With $35M in TVL at stake, even a 1–2% slippage impact could translate to hundreds of thousands of dollars in potential losses.

The team responded swiftly — implementing transaction-level slippage protection and introducing execution time buffers to prevent adverse fills.

Now, every swap or liquidity removal operation automatically verifies that:

The transaction executes within a safe price range, defined by slippage tolerance.

It expires automatically if not processed within a short window (typically five minutes).

This ensures trades only settle when market conditions are favorable, protecting both users and protocol reserves.

Issue: H-1 (High Severity — Slippage Protection)

Resolution: Fixed

Result:

Following the patch, no incidents were observed, and the vault system continued to operate smoothly with over $35M in TVL safeguarded.

Financial security = technical precision: A single missing safeguard in an AMM call can directly impact millions in TVL.

User trust grows with resilience: Transparent communication and quick remediation reinforce protocol credibility.

Operational excellence requires vigilance: Even well-audited systems benefit from periodic security reviews and internal red-team testing.