Huma Finance Says Deprecated Polygon BaseCreditPool Contracts Were Exploited for About $101,000

According to Huma Finance, a logic bug in deprecated V1 Polygon credit pools allowed about $101,400 in USDC to be drained, while the Solana-based V2 PayFi system and PST token were structurally unaffected.

SOL

USDC

45d ago

Summary

Huma Finance said a logic bug in its deprecated V1 BaseCreditPool contracts on Polygon allowed an attacker to drain about $101,400 in USDC and USDC.e. The team stated that the incident was limited to legacy Polygon credit pools, while its rewritten Solana-based PayFi V2 system and PST token were structurally unaffected. Huma Finance also said all V1 contracts have now been fully paused, adding to its earlier statement that the exploit did not affect user funds or the protocol’s current Solana-based deployment.

Terms & Concepts

USDC.e: A bridged version of USD Coin, typically used to represent USDC on another blockchain network.
Polygon: A blockchain network designed to support faster and lower-cost transactions, often used for Ethereum-compatible applications.
Solana: A blockchain network built to support high-throughput applications and digital asset activity with relatively low transaction costs.