Yearn Finance yETH Pool Exploited

A significant vulnerability in Yearn Finance's yETH pool on Ethereum allowed an attacker to drain approximately $9 million in assets. The flaw in the pool's internal accounting enabled the perpetrator to mint an astronomical number of yETH tokens after depositing a negligible amount. The attacker exploited a desynchronization in the protocol's cached storage system, repeatedly cycling deposit and withdrawal transactions through flash loans to accumulate phantom balances. This sophisticated exploit underscores the risks associated with complex AMM mechanics and gas-saving optimizations in DeFi protocols.