YO Protocol $3.7 million incident in-depth analysis: From configuration flaws to rebuilding the trading protection system
【CryptoWorld】A configuration flaw in YO Protocol’s automated harvesting system triggered a “bad swap” event worth millions of dollars.
What exactly happened? During operation, the yield aggregator mistakenly submitted the treasury’s entire stkGHO balance (principal as well as rewards) to the DEX aggregator for swapping. The key issue is that stkGHO plays a dual role: it is both the reward token being harvested and the treasury’s core asset. This dual identity triggered an abnormal boundary condition. The aggregator returned an extremely abnormal quote, and the Harvester failed to recognize the anomaly and reject the transaction in time. Slippage protection parameters were configured, but these safeguards only monitor price movement during the transaction and do not verify the initial quote itself. As a result, $3.84 million worth of stkGHO was exchanged for only $112,000 USDC, and the $3.7 million difference was absorbed by liquidity providers on Uniswap v4.
What’s the good news? The yoUSD treasury has resumed normal operation, and user balances and protocol solvency remain unaffected. The YO team has initiated systemic reforms that unify risk control standards across the entire transaction process, from quote verification to slippage monitoring, to eliminate blind spots in its multi-layer protection. The incident also serves as a wake-up call for the wider DeFi ecosystem: relying solely on mid-transaction safeguards is far from enough; assessing the reasonableness of the initial quote is equally critical.
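The gap between the two kinds of safeguard, as an added example that is not YO Protocol's code: a slippage guard measured against the quote accepts the article's swap, while a pre-trade check against an independent reference value and a rewards-only input cap both reject it. The reference valuation source, the 0.5% and 2% thresholds, and the principal/rewards split are assumptions made for illustration.

```python
from dataclasses import dataclass
from decimal import Decimal

BPS = Decimal(10_000)

@dataclass(frozen=True)
class Quote:
    ref_value_in: Decimal  # USD value of the input per an independent reference (assumed)
    quoted_out: Decimal    # USD value of the output the aggregator quotes

def slippage_guard(quote, executed_out, max_slippage_bps=50):
    """Mid-transaction guard: execution is compared with the quote itself."""
    return executed_out >= quote.quoted_out * (BPS - max_slippage_bps) / BPS

def quote_guard(quote, max_deviation_bps=200):
    """Pre-trade guard: the quote is compared with the independent reference value."""
    return quote.quoted_out >= quote.ref_value_in * (BPS - max_deviation_bps) / BPS

def harvestable(balance, principal):
    """Reward token is also the core asset: only the balance above principal may be swapped."""
    return max(balance - principal, Decimal(0))

def approve_swap(balance, principal, amount_in, quote):
    """Return (approved, reasons); every pre-trade check must pass."""
    reasons = []
    if amount_in > harvestable(balance, principal):
        reasons.append("amount_in exceeds harvestable rewards")
    if not quote_guard(quote):
        reasons.append("quote below reference floor")
    return (not reasons, reasons)

# Dollar figures from the article; the principal/rewards split is constructed.
BAD = Quote(ref_value_in=Decimal("3840000"), quoted_out=Decimal("112000"))
BALANCE, PRINCIPAL = Decimal("3840000"), Decimal("3800000")
# Constructed healthy case: swap only the rewards at a near-reference quote.
OK = Quote(ref_value_in=Decimal("40000"), quoted_out=Decimal("39800"))

if __name__ == "__main__":
    # Execution matches the bad quote exactly, so the slippage guard is satisfied.
    print("slippage guard passes:", slippage_guard(BAD, Decimal("112000")))
    print("pre-trade decision:", approve_swap(BALANCE, PRINCIPAL, BALANCE, BAD))
    print("rewards-only swap:", approve_swap(BALANCE, PRINCIPAL, Decimal("40000"), OK))
```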