Yield Protocol suffers a $3.7 million loss due to an "unintentional" stablecoin swap transaction.

Yield Protocol (YO) recorded an estimated loss of $3.73 million USD on 1/13 following an unintended swap transaction within the vault, leaving approximately $122,000 USD in USDC from about $3.84 million USD worth of stkGHO — the staked version of Aave’s GHO. Blockchain security firms PeckShield and BlockSec stated that the cause was due to a severe slippage phenomenon during the transaction.

This transaction took place on the Ethereum network and was described as “unusual” by BlockSec. According to QuillAudits, the transaction may have been routed through the Uniswap v4 pool, where the enhanced “hooks” mechanism makes execution more complex and unpredictable.

Security experts emphasized that this was not a hack or smart contract exploit. However, the incident highlights a core risk of DeFi: large transactions passing through thin liquidity pools or high fees can still cause significant losses even without malicious attacks.

YO is believed to have called this an “unintended transaction” and proposed to retain 10% of the funds as a bug bounty, while quickly repurchasing GHO and refinancing the vault. As of the time of publication, the project has not yet issued an official detailed explanation.