Est. MMXXVI · Vol. VI · № 273
Blockchain Breaches

An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.

Dossier № 011 · Flash Loan Attack

Harvest Finance Flash Loan

Thirty Curve YPool price-manipulation loops funded by a $50M USDC flash loan extracted $24M from Harvest Finance; the exploit triggered a $570M bank run.

Date:
Chain(s):
Status: Partially Recovered

On October 26, 2020, an attacker drained approximately $24 million from Harvest Finance by running 30 iterations of a Curve YPool price-manipulation loop. The exploit also triggered a $570M bank run as depositors rushed to withdraw before the protocol was fully compromised, one of the first "DeFi run" events on record.

What happened

Harvest Finance was a yield aggregator. Its fUSDC and fUSDT vaults deposited user funds into the Curve YPool to earn yield, and Harvest priced its f-tokens using the spot exchange rate inside the YPool, read at the moment of each deposit and withdrawal.

The attacker realised this read-time pricing could be manipulated by anyone who could move the YPool's internal balances in the same transaction. With a $50M USDC flash loan from Uniswap, they:

  1. Swapped USDC → USDT inside YPool, pushing USDT's effective price up sharply.
  2. Deposited USDC into Harvest's vault — Harvest used the manipulated YPool price to mint fUSDC, crediting the attacker with more fUSDC than the deposit's true value.
  3. Reversed the YPool manipulation by swapping USDT back to USDC.
  4. Withdrew the fUSDC for more USDC than they had originally deposited, netting roughly $600,000 per cycle.
  5. Repeated 17 times on the USDC vault and 13 times on the USDT vault, then walked.

Total profit: $24M. The attacker voluntarily returned $2.4M to the protocol after the fact; the remaining proceeds were subsequently swept through Tornado Cash and converted to BTC.
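The pricing flaw behind steps 1 to 4, as an added simulation that is not Harvest's or Curve's code: a constant-product pool stands in for the YPool (its StableSwap curve is not modelled), the vault holds a fraction of the pool and mints fUSDC against the pool's spot reserves, and the same vault priced from a reference value frozen at launch (a stand-in for a TWAP or decoupled feed) yields the caller nothing. Which swap direction depresses a vault's valuation depends on how its strategy values its position; in this simplified model it is selling USDT into the pool, and all pool sizes, loan sizes and fee-free swaps are constructed assumptions.

```python
# Constructed simulation, not Harvest's or Curve's code: a vault that prices its
# pool position from spot reserves a caller can move within one transaction.

class Pool:
    """Constant-product stand-in for the YPool; every swap moves the spot price."""
    def __init__(self, usdc, usdt):
        self.usdc, self.usdt = usdc, usdt
    def swap(self, token_in, amount):
        """Sell `amount` of token_in; returns the other token received (no fee)."""
        k = self.usdc * self.usdt
        if token_in == "USDC":
            self.usdc += amount
            out, self.usdt = self.usdt - k / self.usdc, k / self.usdc
        else:
            self.usdt += amount
            out, self.usdc = self.usdc - k / self.usdt, k / self.usdt
        return out
    def basket_value_usdc(self, fraction):
        """Spot USDC value of `fraction` of the reserves, USDT leg at usdc/usdt."""
        return fraction * (self.usdc + self.usdt * (self.usdc / self.usdt))

class Vault:
    """Holds `lp` of the pool plus idle USDC; value_fn(lp) is the pricing hook."""
    def __init__(self, lp, value_fn):
        self.lp, self.value_fn, self.idle = lp, value_fn, 0.0
        self.shares = value_fn(lp)  # one share per USDC at launch
    def nav(self):  # negative idle means the LP position has been drawn down
        return self.idle + self.value_fn(self.lp)
    def deposit(self, usdc):
        minted = usdc * self.shares / self.nav()  # THE FLAW when nav() reads spot
        self.idle, self.shares = self.idle + usdc, self.shares + minted
        return minted
    def withdraw(self, shares):
        usdc = shares * self.nav() / self.shares
        self.shares, self.idle = self.shares - shares, self.idle - usdc
        return usdc

def attack_cycle(vault, pool, manip_usdt, deposit_usdc):
    """Manipulate, deposit, restore, withdraw; returns the caller's net gain."""
    usdc_out = pool.swap("USDT", manip_usdt)   # depress the basket's spot value
    shares = vault.deposit(deposit_usdc)       # minted against the depressed NAV
    usdt_back = pool.swap("USDC", usdc_out)    # restore spot (lossless without fees)
    return vault.withdraw(shares) - deposit_usdc + (usdt_back - manip_usdt)

def simulate(spot_pricing, rounds=30):
    """Total gain over `rounds` cycles; zero when priced from a value frozen at launch."""
    pool = Pool(usdc=500_000_000.0, usdt=500_000_000.0)
    # Frozen reference value is the stand-in for a TWAP or decoupled price feed.
    value_fn = pool.basket_value_usdc if spot_pricing else (lambda lp, v=2 * pool.usdc: lp * v)
    vault = Vault(lp=0.2, value_fn=value_fn)
    return sum(attack_cycle(vault, pool, 20_000_000.0, 50_000_000.0) for _ in range(rounds))
```

Each spot-priced cycle pays the caller a growing slice of the vault because every withdrawal lowers the vault's resting NAV, so the next manipulation undervalues it by a larger proportion.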

Aftermath

  • News of the exploit triggered the $570M bank run: panicked depositors withdrew nearly two-thirds of Harvest's TVL within hours, far more than the actual loss.
  • Harvest characterised the incident as an "engineering error" rather than a true hack — though most observers viewed that framing as denial.
  • Harvest patched the pricing logic and reimbursed affected users from protocol revenue over the following months.

Why it matters

Harvest is one of the early canonical incidents in the DeFi flash-loan era. It demonstrated:

  • Reading prices from a manipulable pool in the same transaction is unsafe, full stop — the entire class of "use the current spot ratio inside the AMM you just touched" patterns is exploitable.
  • DeFi bank runs are real: once trust in a protocol's solvency is shaken, depositors will exit faster than any team can communicate, and the secondary loss to the protocol can dwarf the primary loss.

Time-weighted oracles and decoupled price feeds are the still-current answer; Harvest's incident is one of the reasons they exist.

Sources & on-chain evidence

  1. slowmist.medium.com: https://slowmist.medium.com/slow-mist-analysis-of-harvest-finances-hacked-event-63450b49e6a5
  2. coindesk.com: https://www.coindesk.com/tech/2020/10/26/harvest-finance-24m-attack-triggers-570m-bank-run-in-latest-defi-exploit
  3. decrypt.co: https://decrypt.co/46445/engineering-error-34-million-defi-hack-harvest-finance
