Root Cause
Summer Finance's Fleet Commander contract calculates the net asset value (NAV) of the Lazy Summer Protocol vaults by summing totalAssets() across all registered Arks (sub-vaults). The critical flaw: Arks that have been "capped for removal" — meaning they accept no new deposits — were still included in the NAV calculation. By donating assets to such a stale Ark (or inflating its balance via a flash loan), an attacker could increase the apparent totalAssets() without a corresponding increase in redeemable liquidity, causing the ERC-4626-style share price to be artificially inflated.
// Simplified Fleet Commander totalAssets() — vulnerable version
function totalAssets() public view override returns (uint256 total) {
uint256 len = arks.length;
for (uint256 i = 0; i < len; i++) {
// BUG: no exclusion for capped/removal-queued arks
// A capped Ark's balance still counts toward share price
total += IArk(arks[i]).totalAssets();
}
}
// ERC-4626 share price derived from totalAssets()
function convertToAssets(uint256 shares) public view override returns (uint256) {
return shares.mulDiv(
totalAssets() + 1, // inflated if capped ark has donated balance
totalSupply() + 1,
Math.Rounding.Floor
);
}
The protocol's post-incident analysis (Phylax Systems / Odysseas Lamtzidis) ruled out any private key compromise or admin action. The exploit was entirely driven by incorrect assumptions about Ark liquidity in the vault accounting layer.
Attack Steps
| # | Action |
|---|---|
| 1 | Attacker identifies the LazyVault_LowerRisk_$USDC pool and a "capped-for-removal" Ark still counted in totalAssets() |
| 2 | Takes a $65.4M flash loan |
| 3 | Deposits ~$64.8M into the Lazy Summer Protocol vault, inflating the capped Ark's perceived balance |
| 4 | totalAssets() now returns an inflated value; share price (assets-per-share) rises proportionally — APY display briefly spikes to ~2,000,000% |
| 5 | Redeems vault shares at the inflated share price, withdrawing $70.9M |
| 6 | Repays the $65.4M flash loan; keeps ~$6.04M profit |
| 7 | Swaps profit into DAI stablecoins to break the on-chain trail |
| 8 | Funds funneled to attacker-controlled wallet |
Impact
Approximately $6.04M drained from Lazy Summer Protocol depositors. Protocol guardians paused all vaults across the Lazy Summer Protocol. No private keys were compromised; the exploit required no privileged access. PeckShield and CertiK flagged the attack on July 6, 2026. The protocol confirmed the exploit and has been investigating the root cause.
From Blockaid's real-time detection: the vault's apparent yield briefly spiked to ~2,080,000% APY during the attack window — a canary signal that automated monitoring systems could have caught.
Lessons for Auditors
-
Exclude deprecated vaults from NAV immediately. When an Ark (or any sub-vault) is "capped" or queued for removal, it must be removed from
totalAssets()accounting at that moment, not after it is fully drained. Any gap creates an exploitable window. -
ERC-4626 inflation attacks via donation. The pattern of inflating share price by donating assets to a vault (or manipulating
totalAssets()via flash loan) is a well-known ERC-4626 vulnerability class. Auditors should verify thatconvertToAssets()remains consistent whether or not large flash-loan deposits are present. -
Sanity-check share-price movements. Implement a circuit breaker that reverts any redemption if the share price deviated by more than X% within the same block or recent blocks. The 2,000,000% APY spike was an observable anomaly.
-
Flash loan invariant testing. Write invariant fuzz tests asserting that
totalAssets() / totalSupply()cannot deviate by more than a bounded factor under any single-transaction deposit+withdraw sequence. -
Audit keeper/automation assumptions. Summer.fi's Lazy Summer uses AI-driven keeper bots for rebalancing. Automated strategies can interact with vault accounting in non-obvious ways; explicitly test the interaction between rebalancing logic and asset removal queues.