Raydium confirmed a $1.34 million exploit that targeted five inactive liquidity pools within its decentralized exchange (DEX) platform. The breach specifically hit a retired automated market maker (AMM) program, exposing vulnerabilities that had remained unpatched post-deprecation.
Despite these pools being inactive, the attacker exploited residual liquidity, draining funds that technically should have been off-limits. The compromised pools were no longer serving live trades, yet their wallets still held assets. This loophole was the key vector for the attack.
Raydium has pledged to cover user losses by tapping into its treasury, reassuring stakeholders that no funds will ultimately be lost by affected users. The team is actively identifying all impacted addresses and coordinating reimbursements, aiming to restore confidence in its governance and security protocols.
This incident underscores the risks inherent in operating legacy smart contracts on decentralized platforms. Even retired modules can harbor exploitable points if not fully decommissioned. It also raises questions about due diligence in post-deployment audits and the management of dormant contracts holding capital.
Over the past year, DEX platforms like Raydium have faced increased scrutiny over security gaps, especially as complex liquidity incentives and AMM strategies grow. While no new exploits have emerged on active Raydium pools, this event serves as a reminder that “ghost” contracts remain risk vectors.
Raydium’s native token, RAY, saw minor pressure following the announcement but has stabilized as the team’s swift response reassured the market. Traders will now watch closely for the official update detailing reimbursements and any upgrades planned to fully retire vulnerable pools.
The next key milestone will be Raydium’s forthcoming security audit results, expected within weeks, which should clarify how the project will prevent similar breaches. This episode may also push other DEXs to review their inactive contract exposure, spotlighting a systemic challenge in decentralized finance infrastructure.
Raydium Loses $1.34M in Exploit on Inactive AMM, Treasury Steps In
A $1.34 million exploit hit inactive Raydium liquidity pools. The affected users will be compensated by the protocol's treasury.