While crypto keeps innovating, hackers keep finding loopholes to exploit and steal millions from blockchain platforms. Recently, Solv Protocol, the operating layer of Bitcoin and a DeFi protocol, suffered a security breach after attackers exploited a contract, resulting in a $2.7 million loss in BRO, the token minted by Solv Protocol.
Solv Protocol’s BitcoinReserveOffering exploited
As BlockSec Phalcon reported, the hackers exploited a vulnerability in the platform’s BitcoinReserveOffering smart contract. This led to a reentrancy attack via ERC-721 callbacks.
To put it in plain terms, the re-entrancy issue is a vulnerability or a bug in a smart contract, where bad actors can repeatedly call a function (such as withdraw) before the previous execution finishes. This allows the attacker to alter the smart contract’s state and steal funds.
Reentrancy is the core cause of the Solv Protocol hack
Basically, the attacker sends a transaction to the BitcoinReserveOffering smart contract, the transaction calls the withdraw function, and the contract processes the withdrawal.
However, the malicious smart contract keeps calling the function again before the first call finishes. Eventually, this results in draining extra funds.
For instance, if the attacker sends 10 BRO tokens and withdraws that number of BRO, the smart contract sends the BRO to the attacker. Importantly, before the contract updates the balance, the malicious contract designed by the hacker will call the contract to withdraw again.
And that’s how the term re-entrancy was coined — re-entering the same function before it ends.
Assets involved in Solv Protocol hack
There are three assets involved in the exploit: BRO, the token minted by Solv Protocol; SolvBTC, a token representing Bitcoin exposure in the protocol; and ERC-3525, a token standard used as collateral.
The hackers used a semi-fungible token called ERC-3525 SFT, which has a specific value locked in it. As the attacker tried to withdraw the full value of the ERC-3525 SFT token, the smart contract transferred the token, initiating a callback.
Based on the SFT value, BRO tokens were minted. When the original function resumed, the smart contract minted BRO tokens again for the same value, allowing the hacker to count the asset again.
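The double mint described above can be reproduced in a small Python model, added here as an illustration and not taken from Solv Protocol's contract code. ToyOffering, convert, on_received and ReenteringReceiver are hypothetical names and the SFT value of 10 is constructed; the hardened branch adds a reentrancy lock and records the SFT as consumed before the external callback runs.

```python
class ReentrancyError(Exception):
    """Raised when a guarded function is entered while it is still running."""

class ToyOffering:
    """Hypothetical stand-in for a contract that mints BRO against an SFT's value."""
    def __init__(self, hardened):
        self.hardened = hardened
        self.locked = False
        self.sft_value = {}    # token id -> value locked in the SFT
        self.consumed = set()  # token ids already converted to BRO
        self.minted = 0        # total BRO minted

    def convert(self, receiver, token_id):
        if self.hardened:
            if self.locked:
                raise ReentrancyError("convert() re-entered")
            if token_id in self.consumed:
                raise ValueError("SFT already converted")
            self.locked = True
            self.consumed.add(token_id)           # effect recorded before the external call
        try:
            value = self.sft_value[token_id]
            receiver.on_received(self, token_id)  # callback fired by the token transfer
            self.minted += value                  # mint runs only after the callback returns
        finally:
            if self.hardened:
                self.locked = False

class ReenteringReceiver:
    """Constructed receiver whose callback calls convert() one more time."""
    def __init__(self):
        self.calls = 0
        self.blocked = False

    def on_received(self, offering, token_id):
        self.calls += 1
        if self.calls == 1:
            try:
                offering.convert(self, token_id)
            except ReentrancyError:
                self.blocked = True

def run(hardened, value=10):
    """Return (total BRO minted, whether the re-entrant call was rejected)."""
    offering = ToyOffering(hardened)
    offering.sft_value[1] = value   # constructed sample: one SFT worth 10
    receiver = ReenteringReceiver()
    offering.convert(receiver, 1)
    return offering.minted, receiver.blocked

if __name__ == "__main__":
    print("unguarded:", run(False))  # one SFT is counted twice
    print("hardened: ", run(True))   # nested call rejected, single mint
```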
Since the beginning of 2026, hackers have attacked several blockchain platforms and drained millions of dollars’ worth of funds. Notably, smart contract vulnerabilities are the core reason for such security breaches, including oracle manipulation and defects in token mining logic.