On November 10, 2023, the LSD-backed stablecoin protocol Raft suffered a $3.3 million exploit through a share-minting/rounding bug in its collateral logic. In an unusual twist, the attacker botched the cash-out — burning roughly 1,570 ETH (~$3.6M) to a null address — so the protocol lost ~$3.3M while the attacker netted comparatively little. Raft's R stablecoin depegged and the protocol effectively wound down.
What happened
Raft let users mint R, a USD-pegged stablecoin, against liquid-staking-token collateral (stETH/wstETH). The collateral-position accounting used a share-based system with rounding.
The exploit targeted a rounding/share-mint flaw that emerged when interacting with a newly-created collateral position (a familiar shape — the same family as ERC-4626 donation attacks and the Resupply and Hundred Finance incidents):
- The attacker manipulated a fresh position so that the share/balance accounting rounded in their favour.
- This let them mint far more R than their collateral justified — approximately $3.3M of unbacked R.
- They began converting the R to ETH through DEX liquidity.
But the cash-out went wrong. In the process of executing the attack, the attacker's contract sent roughly 1,570 ETH (~$3.6M) to a contract that burned it — either a coding error in the attacker's own exploit contract or a selfdestruct/transfer to an address with no recovery path. The net result: Raft lost ~$3.3M (R unbacked + depegged), and the attacker destroyed more ETH than they extracted.
Aftermath
- Raft paused minting and acknowledged R could not maintain its peg.
- The protocol effectively wound down — a stablecoin that has demonstrably lost its backing cannot credibly continue.
- The destroyed ETH was unrecoverable; the incident is one of the few where the attacker's own loss exceeded their gain.
Why it matters
Raft is doubly instructive:
- It's another share-mint / rounding exploit on a freshly-created position — the same structural class as Hundred Finance, Sonne Finance, Resupply, and the ERC-4626 donation family. The recurring lesson: any share-based accounting system is dangerous in its low-supply / freshly-initialised state, and protective initial deposits / virtual shares are mandatory, not optional. Raft shipped without them.
- It's a rare case where the attacker's incompetence was the user's partial mercy — and a reminder that a protocol's loss is not bounded by the attacker's gain. Raft lost its stablecoin's backing and its viability regardless of whether the attacker profited. The headline "amount stolen" and the "damage done" are different numbers; for a stablecoin, an exploit that breaks the peg is often fatal even if the attacker walks away with nothing — the protocol's core promise is destroyed either way.
The broader theme — that stablecoin protocols are uniquely fragile to mint-side bugs, because the entire product is the credibility of the peg — runs through Cashio, MobiusDAO, Resolv, and Raft. A lending protocol can survive losing some reserves; a stablecoin rarely survives losing its backing.
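The first point under "Why it matters", worked through as an added example that is not from the original write-up or from Raft's code: a generic Python model of share-based accounting showing how a deposit into a freshly-initialised pool rounds down to zero shares, and how virtual shares change the result. The class and function names, the offset of 3, and all amounts are constructed for illustration; the virtual-share formula follows the OpenZeppelin ERC-4626 approach as an assumed form of the mitigation.

```python
# Added illustration: generic share accounting, not Raft's contract code.
class ShareVault:
    def __init__(self, offset=None):
        self.assets = 0      # underlying units held by the vault
        self.supply = 0      # shares issued
        self.held = {}       # shares per account
        # Virtual shares/assets (assumed mitigation, OpenZeppelin ERC-4626 style).
        self.v_shares = 10 ** offset if offset is not None else 0
        self.v_assets = 1 if offset is not None else 0

    def to_shares(self, amount):
        supply = self.supply + self.v_shares
        if supply == 0:
            return amount                      # empty naive vault mints 1:1
        return amount * supply // (self.assets + self.v_assets)  # rounds down

    def to_assets(self, shares):
        supply = self.supply + self.v_shares
        return shares * (self.assets + self.v_assets) // supply if supply else 0

    def deposit(self, who, amount):
        minted = self.to_shares(amount)
        self.assets += amount
        self.supply += minted
        self.held[who] = self.held.get(who, 0) + minted
        return minted

    def donate(self, amount):
        self.assets += amount    # balance grows, no shares are minted


def second_depositor_outcome(vault, seed=1, donation=10_000, deposit=5_000):
    """Constructed scenario: tiny first deposit, direct transfer, normal deposit.

    Returns (shares minted to the second depositor, assets those shares redeem).
    """
    vault.deposit("first", seed)
    vault.donate(donation)
    minted = vault.deposit("second", deposit)
    return minted, vault.to_assets(minted)


if __name__ == "__main__":
    print("naive   :", second_depositor_outcome(ShareVault()))
    print("hardened:", second_depositor_outcome(ShareVault(offset=3)))
```

In the naive pool the second deposit of 5,000 units mints no shares at all; with the virtual offset it mints 999 shares redeemable for 4,997 units, and the account that made the direct transfer can redeem less than it put in.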
Sources & on-chain evidence
- [01] halborn.com: https://www.halborn.com/blog/post/explained-the-raft-hack-november-2023
- [02] banklesstimes.com: https://www.banklesstimes.com/news/2023/11/11/raft-loses-dollar33m-in-hack-r-stablecoin-down-50percent/
- [03] coindesk.com: https://www.coindesk.com/tech/2023/11/10/defi-platform-raft-suffers-33m-exploit-but-hacker-likely-takes-a-loss-on-the-attack