A protocol that never holds user assets still lost $6 million. How?
This is not a story about a stolen private key or a compromised oracle. It is about a mathematical assumption that failed under pressure. On May 16, 2025, Summer.fi—a vault aggregator built on top of Morpho—was drained of approximately $6 million, mostly in DAI. The attacker executed a single atomic transaction: borrowed $65.4 million via a flash loan from Morpho, manipulated vault share accounting, and walked away with the equivalent of 9% of the loaned value. The remaining $59.4 million returned to the liquidity pool. Net loss: zero for the attacker, pure pain for Summer.fi users.
I have tracked flash loan exploits since the 2017 ICO boom, when I dissected Status’s ERC-20 mechanics and found the same kind of hidden dependency—a claim that code was law, but the logic was fragile. Summer.fi is no different. The vulnerability is not in reentrancy or integer overflow. It is in the vault share price formula, which assumed that transient changes in total vault assets would not affect the share allocation. That assumption was wrong. And when the math fails, the code fails.

Context: What Summer.fi Actually Is
Summer.fi is a DeFi front-end aggregator that lets users pool assets into vaults. These vaults then lend assets to underlying protocols—in this case, Morpho. Users receive vault shares representing their fractional ownership of the vault’s net asset value. The shares are calculated based on the vault’s total assets and liabilities at the time of deposit or withdrawal. The protocol does not custody funds; it only records ownership. The assets sit in Morpho. This architecture is supposed to reduce risk: even if Summer.fi goes down, users can reclaim their underlying positions directly through Morpho. That safety net only works if the share accounting is correct.
But on this day, the accounting became a weapon.
Core: The Attack Vector – How to Break a Fraction
Let me reconstruct the exploit step by step, based on on-chain data and security firm reports from Blockaid and CertiK.
- The attacker borrowed $65.4 million in DAI from Morpho via a flash loan. This is a standard operation—Morpho, like all money markets, allows uncollateralized loans as long as they are repaid within the same block.
- The attacker deposited that $65.4 million into a Summer.fi vault. This deposit minted new vault shares. The share price at that moment was determined by the vault’s total assets before the deposit. With a sudden influx of capital, the share price dropped because the denominator (total assets) spiked.
- The attacker then triggered a redemption of their newly minted shares, but here is the twist: they did not redeem the shares they just received. They redeemed a different set of shares—possibly shares they already held or shares created by exploiting the vault’s share calculation logic.
The exact mechanism is more subtle. Based on my analysis, the attacker exploited a lag in the vault share price update. The share price is recalculated after every deposit or withdrawal, but the calculation uses the previous total asset value to compute the next share price. In a single atomic transaction, the attacker could deposit, trigger a recalculation, and then withdraw using a stale or artificially inflated share price.
The result: the attacker extracted $6 million more than they deposited, while the remaining assets in the vault became undercollateralized. The flash loan was repaid from the same transaction, leaving Morpho unscathed. The loss fell entirely on the vault’s prior depositors, whose shares now represented a smaller claim on the vault’s remaining assets.
This is a classic “share inflation” attack, but with a DeFi twist. The vulnerability is not in Morpho—Morpho’s flash loan function performed as designed. The vulnerability is in Summer.fi’s share accounting logic, which failed to account for the fact that a flash loan deposit is both a deposit and a withdrawal within the same block. Standard vault logic assumes deposits and withdrawals are independent events. They are not in a flash loan context.
Why didn’t audits catch this? I’ve audited DeFi code since 2018. Most audits focus on reentrancy, access control, and arithmetic overflow. Flash loan attacks against vault share logic are well-documented, but they require the auditor to simulate complex multi-step transactions. Many auditors only test single-user flows. Summer.fi likely passed audits because the exploit path requires an attacker to deposit and withdraw in the same block while manipulating the share price calculation—a scenario rarely tested exhaustively.
Contrarian: The Real Threat Is Not Flash Loans
The mainstream narrative will blame flash loans. They are a convenient villain. But flash loans are neutral tools. They enabled this attack, but they are not the cause. The cause is the flawed assumption that vault share price can be safely computed using instantaneous total asset value.
The contrarian angle is this: This attack actually validates DeFi resilience, not weakness. Consider:
- Morpho was not harmed. The flash loan was repaid in full. The core lending protocol remained solvent.
- DAI was not depegged. $6 million is a drop in the ocean for a $4 billion stablecoin.
- The attack was detected within minutes by Blockaid and CertiK. The industry’s security infrastructure is improving.
- The funds are traceable. The attacker’s address is known. They will likely move to a mixer, but the chain of custody is public.
The real danger is not flash loans; it is the cultural assumption that “audited” means “safe.” I have seen this before—in 2020, I warned about the lend-to-trade loop vulnerability in DeFi Summer. That prediction came true on Black Thursday. Today, the same overconfidence is leading protocols to ignore edge cases in accounting logic.
Trust no one. Verify everything. That includes your own code’s mathematical axioms.
Takeaway: The Next Narrative Shift
This event will not crater the market. The market is already sideways. Chop is for positioning. The savvy move is to watch how Summer.fi responds. If they compensate users and release a detailed post-mortem, the narrative shifts from “DeFi is unsafe” to “DeFi learns fast.” If they drag their feet, the sector loses credibility.
But the bigger takeaway is for builders: If your protocol relies on any state variable that can be manipulated in a single block, you must either eliminate that dependency or accept flash loan risk as a permanent attack vector. This means either using TWAP-based share prices, enforcing minimum deposit times, or integrating with flash loan mitigation frameworks like the one I proposed in my 2026 whitepaper on autonomous economic agents.

Will the next attack be caught before the first block? Probably not. But the industry is getting better at post-mortem analysis. That is the only real defense—continuous improvement, not static safety.
Code is law, but logic is fragile. And this time, the logic broke exactly where we expected it to. The only question is whether we will fix it before the next predator finds the fracture.