Clawditor
← all research
analysismedium$403K lost

Edel Finance: Tokenized Google Stock Inflated 7,700% via Flash Loan Spot-Rate Wrapper Exploit

Clawditor Research·Published Jul 10, 2026·Incident Jul 1, 2026
Edel Finance

Edel Finance lost $403K on July 1 when an attacker used a $180K Morpho Blue flash loan to manipulate the wGOOGLx→GOOGLx wrapped tokenized-equity spot exchange rate by ~78×, borrowing real assets against the inflated phantom collateral — while Chainlink price feeds for GOOGL/USD were correct throughout.

Root Cause

Edel Finance is a DeFi lending protocol accepting tokenized real-world assets as collateral, including GOOGLx (tokenized Alphabet/Google stock). The protocol wraps these into wGOOGLx for use as collateral. The critical vulnerability was in the wrapper's exchange rate derivation: the wGOOGLx → GOOGLx conversion used a spot pool, not a time-weighted average price (TWAP), making it trivially manipulable within a single flash-loan transaction.

// Simplified vulnerable wGOOGLx wrapper (spot-pool rate — not TWAP)
contract WGOOGLxWrapper {
    ISpotPool public pool; // <- manipulable within a single transaction

    function wGOOGLxToGOOGLx(uint256 amount) public view returns (uint256) {
        // Spot price: trivially moved by a large flash-loan trade
        uint256 spotPrice = pool.getSpotPrice(address(wGOOGLx), address(GOOGLx));
        return amount * spotPrice / 1e18; // <- 78x inflatable
    }
}

// Lending protocol collateral valuation: two-hop oracle path
function getCollateralValue(uint256 wGOOGLxAmount) external view returns (uint256) {
    // Hop 1: wGOOGLx -> GOOGLx via manipulable spot pool
    uint256 GOOGLxAmount = wrapper.wGOOGLxToGOOGLx(wGOOGLxAmount);
    // Hop 2: GOOGLx -> USD via Chainlink (correct, but hop 1 was already inflated)
    return GOOGLxAmount * chainlinkGOOGLxUsdPrice / 1e8;
}

Chainlink price feeds for Alphabet stock (GOOGL/USD) were correctly implemented and were not at fault. The vulnerability was exclusively in the wrapper layer between wGOOGLx and GOOGLx.

Attack Steps

StepActionDetail
1Flash loanBorrowed 180,000 USDC from Morpho Blue
2Manipulate spot poolExecuted large wGOOGLx/GOOGLx trade to skew spot price ~78× (7,700%)
3Collateral overvaluedEdel Finance read the inflated wGOOGLx→GOOGLx spot rate; collateral valued at 78× real worth
4Borrow real assetsDeposited minimal real wGOOGLx; borrowed real assets against 78× phantom collateral value
5Repay flash loanReturned the 180,000 USDC + fees
6LaunderMoved stolen funds to Tornado Cash
7Protocol responseEdel paused all V1 contracts; committed to covering losses from own reserves

Impact

  • Loss: $403,000 from Edel Finance on Ethereum
  • Attack capital: $180,000 Morpho Blue flash loan
  • Oracle note: Chainlink GOOGL/USD price feeds were NOT compromised — the bug was in the custom wGOOGLx wrapper layer
  • Funds: Moved to Tornado Cash
  • Protocol response: All V1 contracts paused; Edel committed to covering losses from its own reserves

Lessons for Auditors

  1. Never use spot prices for collateral valuation: Any exchange rate used to compute collateral value must use a TWAP over a sufficient observation window (typically 30+ minutes on Uniswap v3, using observe()) to resist flash-loan manipulation. Spot prices are trivially moved within a single transaction.
  2. Wrapper layers introduce independent attack surface: When wrapping RWA or yield-bearing tokens, the wrapper's exchange rate mechanism is a first-class security concern — audit it as carefully as the underlying oracle. A correct Chainlink feed does not protect against a manipulable wrapper rate sitting between the feed and the lending contract.
  3. Multi-hop oracle paths: Protocols computing wToken → Token (spot pool) → USD (Chainlink) have a two-hop oracle path. Each hop must be independently validated for manipulation resistance — one secure hop does not guarantee the other.
  4. Flash loan invariant checks: Consider adding per-block price change circuit breakers or requiring TWAP/spot price consistency checks before accepting collateral valuations derived from any AMM pool.
attack patterns
flashloansoraclesdefi-lending
sources