Superfluid Context Manipulation
$8.7M drained from Superfluid after a forged 'context' object, routed through its host contract, let the attacker spoof the caller identity and execute privileged stream operations.
- Date: February 8, 2022
- Victim: Superfluid
- Chain(s): Polygon
- Status: Partially Recovered
On February 8, 2022, the money-streaming protocol Superfluid lost approximately $8.7 million when an attacker manipulated the "context" (ctx) object that Superfluid's host contract passes to its agreement contracts. By forging the context, the attacker spoofed the caller identity and executed privileged stream operations on behalf of other users.
What happened
Superfluid's host contract is the single entry point for users: a user calls callAgreement on the host, the host builds a serialized ctx struct carrying the authenticated caller (msg.sender) and call metadata, and forwards it to the agreement contract (for example the constant flow agreement) as the last argument of the call. The agreement decodes the ctx and treats its msgSender field as the authenticated caller. The host did not sufficiently validate that the ctx reaching the agreement was the one it had produced, so a caller-supplied ctx could be accepted as authentic.
The attacker constructed a malicious context whose msgSender field named an arbitrary account, then used it to call agreement functions that moved streamed funds as if that account had authorised them, extracting ~$8.7M in mixed assets on Polygon.
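As an added illustration, and not Superfluid's code, its fix, or the exploit calldata, the contracts below show a minimal host/agreement pair in the Superfluid style. The names `Host`, `Context`, `FlowBook`, `VulnerableAgreement`, `HardenedAgreement`, `isCtxValid`, `registerAgreement` and `updateFlow` are assumptions made for the example. The vulnerable agreement decodes whatever ctx it is handed and acts for the `msgSender` inside it; the hardened agreement accepts calls only from the host and only a ctx that hashes to the stamp the host recorded for the call in flight, so a forged or replayed ctx is rejected before any flow is touched.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration, not Superfluid's code. The host is the sole issuer of the
// call context (ctx) that names the authenticated caller; an agreement must never
// act on a ctx it cannot prove the host minted for the call currently in flight.

struct Context {
    address msgSender; // account the host saw as msg.sender
    uint256 timestamp; // block.timestamp when the host minted the ctx
    uint256 nonce;     // per-call counter so no two contexts hash alike
}

interface IAgreement {
    // The ctx travels as the last parameter, as in Superfluid agreement functions.
    function updateFlow(address token, address receiver, int96 rate, bytes calldata ctx) external;
}

interface IHost {
    function isCtxValid(bytes calldata ctx) external view returns (bool);
}

contract Host is IHost {
    address public immutable governance;
    bytes32 private _ctxStamp; // keccak256 of the ctx in flight; zero between calls
    uint256 private _nonce;
    mapping(address => bool) public isAgreement;

    constructor() { governance = msg.sender; }

    function registerAgreement(address agreement) external {
        require(msg.sender == governance, "only governance");
        isAgreement[agreement] = true;
    }

    // The caller picks the agreement and its arguments but never the ctx: the host
    // mints the ctx from msg.sender, stamps it, forwards it, then clears the stamp.
    function callAgreement(IAgreement agreement, address token, address receiver, int96 rate) external {
        require(isAgreement[address(agreement)], "unknown agreement");
        require(_ctxStamp == bytes32(0), "nested callAgreement");
        bytes memory ctx = abi.encode(Context({msgSender: msg.sender, timestamp: block.timestamp, nonce: ++_nonce}));
        _ctxStamp = keccak256(ctx);
        agreement.updateFlow(token, receiver, rate, ctx);
        _ctxStamp = bytes32(0);
    }

    // A ctx is valid only if it is byte-for-byte the one stamped for the current call.
    function isCtxValid(bytes calldata ctx) external view returns (bool) {
        return _ctxStamp != bytes32(0) && keccak256(ctx) == _ctxStamp;
    }
}

// Flow storage shared by both agreement variants: token => sender => receiver => rate.
abstract contract FlowBook {
    mapping(address => mapping(address => mapping(address => int96))) public flowRate;
    event FlowUpdated(address indexed token, address indexed sender, address indexed receiver, int96 rate);

    function _setFlow(address token, address sender, address receiver, int96 rate) internal {
        flowRate[token][sender][receiver] = rate;
        emit FlowUpdated(token, sender, receiver, rate);
    }
}

// Vulnerable pattern: the agreement decodes the ctx and believes its msgSender field.
// Whatever ctx bytes reach this function, forged or genuine, choose whose flow is changed.
contract VulnerableAgreement is IAgreement, FlowBook {
    function updateFlow(address token, address receiver, int96 rate, bytes calldata ctx) external override {
        Context memory c = abi.decode(ctx, (Context));
        _setFlow(token, c.msgSender, receiver, rate); // c.msgSender is whoever wrote the ctx
    }
}

// Hardened pattern: only the host may call, and the ctx must hash to the host's current
// stamp. A ctx the host did not mint for this very call (including one replayed from an
// earlier call, whose nonce differs) fails the hash check before any state is touched.
contract HardenedAgreement is IAgreement, FlowBook {
    IHost public immutable host;

    constructor(IHost host_) { host = host_; }

    modifier onlyHost() {
        require(msg.sender == address(host), "only host");
        _;
    }

    function updateFlow(address token, address receiver, int96 rate, bytes calldata ctx) external override onlyHost {
        require(host.isCtxValid(ctx), "forged or stale ctx");
        Context memory c = abi.decode(ctx, (Context));
        _setFlow(token, c.msgSender, receiver, rate);
    }
}
```

Deploy `Host` first, then each agreement with the host's address, and register the agreements from the governance account. Note that `onlyHost` on its own would not have stopped an attack that routes through the host's own entry point, which is how the forged context reached Superfluid's agreements; the binding that matters is the hash stamp, which ties the accepted ctx to the bytes the host itself produced for the call in progress.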
Aftermath
- Superfluid patched the context validation and paused affected operations.
- A meaningful portion was recovered through negotiation and the team's response.
- Superfluid published a detailed post-mortem on the context-forgery root cause.
Why it matters
Superfluid is a clean case for why any caller-supplied "who am I" metadata must be bound to the call that produced it and verified by its consumer, never trusted on receipt. The protocol's novel streaming architecture introduced a new trust object (ctx), and that new abstraction reintroduced the oldest vulnerability, caller spoofing, in a new form. The recurring catalogue lesson: every new architectural primitive is a fresh opportunity to reintroduce caller-authentication and access-control bugs, because the primitive is unaudited by the collective experience of the ecosystem until incidents like this one teach it.
Sources & on-chain evidence
- [01] halborn.com: https://www.halborn.com/blog/post/explained-the-superfluid-hack-february-2022
- [02] medium.com: https://medium.com/superfluid-blog/08-02-22-exploit-post-mortem-15ff9c97cdd
- [03] rekt.news: https://rekt.news/superfluid-rekt