LlamaRisk post-mortem pins LlamaLend sDOLA exploit on unsmoothed vault oracle reads; $190K donation inflated PPS 13.79%, hard-liquidating 27 borrowers

On 2 March 2026, a market on Curve’s LlamaLend using sDOLA as collateral against crvUSD was exploited via a flash-loan–driven “donation attack” on its price oracle, according to a post‑mortem by risk analysis firm LlamaRisk. The attacker injected a one‑off $190,000 sDOLA donation into the sDOLA/crvUSD pool that the vault oracle read without smoothing, artificially inflating the vault’s price per share (PPS) by 13.79% and triggering hard liquidations of 27 borrowers with about $10.9 million total debt.

✨ AI-generated background, compiled from web sources — not editorial content.

More coverage

• SDOLA Price, Market Cap, Supply & Trading Volume - DefiLlama (defillama.com)
• We are investigating an attack targeting the sDOLA LlamaLend ... (panewslab.com)
• On March 2, 2026, an exploit on the sDOLA-long2 LlamaLend ... (x.com)
• DOLA Price Manipulation Causes $240K LlamaLend Users Loss (cryptorank.io)
• LlamaLend sDOLA-long2 Post-mortem | LlamaRisk Research (llamarisk.com)

Explore the topic

• Hacks
• LlamaLend
• Vaults
• Curve