Hook
On April 3, 2026, at block height 18,472,913, a single transaction on Ethereum Mainnet drained 14,200 ETH from the liquidity pool of Protocol Sigma—a lending platform that had been audited by three separate firms. The event triggered a 97% collapse in Sigma’s native token within 90 minutes.
What followed was not a flash loan attack. It was not a price manipulation exploit. It was an inside job written into the smart contract architecture. The code did not break; it executed as designed.
I have seen this pattern before, in 2022 with the Terra collapse, and again in 2024 with an AI agent tokenomics trap. This time, the mechanism is more refined, more surgical. The victims are not retail speculators—they are precisely the liquidity providers who believed in a 15% stablecoin yield.
Context
Protocol Sigma launched in late 2024 with a promise: a non-custodial lending market that used a multi-oracle price feed system. Their white paper claimed to aggregate data from Chainlink, MakerDAO’s oracle, and a custom TWAP (Time-Weighted Average Price) feeder. The goal was to reduce oracle manipulation risk—a classic problem in DeFi.
The project raised $12M from prominent VCs, including Nexus Capital and Horizon Ventures. Its TVL peaked at $280M in February 2026. The tokenomics were standard: governance token STM with staking rewards, liquidity mining incentives, and a small fee redistribution to token holders.
But the architecture hid a single point of failure. During my audit-like review of their GitHub repository (a habit I developed during my 2018 0x Protocol v2 audit), I noticed something peculiar about the TWAP oracle implementation. It was not a traditional TWAP at all. It was a weighted moving average with a controlled decay function—one that the protocol’s admin multisig could adjust at any time.
This is the structural fragility I have been warning about for years: a mechanism that appears decentralized but retains an admin backdoor. The bulls called it “adaptive governance.” I call it a ticking bomb.
Core: The Systematic Teardown
Let me deconstruct the exploit step by step. The transaction that drained the pool used a single loan of 5,000 WETH against Sigma’s USDC lending pool. The borrowed amount was within normal parameters. The collateral was overcollateralized at 120%. Yet the loan succeeded only because the price of Sigma’s synthetic stablecoin, SigUSD, was reported at $0.97 when the actual market price was $0.74.
How did the price feed get manipulated? The attacker did not need to attack the external oracles. They didn’t need to bribe Chainlink nodes. They simply exploited a design flaw in Sigma’s fallback logic.
Here is the relevant code excerpt from the SigmaLending.sol contract (lines 342-367):
function getPrice(address token) public view returns (uint256) {
uint256 chainlinkPrice = chainlinkFeed.getPrice(token);
uint256 twapPrice = twapFeed.getPrice(token);
uint256 makerPrice = makerFeed.getPrice(token);
// Use median of three sources uint256[] memory prices = new uint256[](3); prices[0] = chainlinkPrice; prices[1] = twapPrice; prices[2] = makerPrice;
// Sort and pick median for (uint i = 0; i < 3; i++) { for (uint j = i+1; j < 3; j++) { if (prices[i] > prices[j]) { (prices[i], prices[j]) = (prices[j], prices[i]); } } } return prices[1]; // median } ```
The median logic appears secure. However, the TWAP feed’s internal contract had an additional parameter: decayFactor. This parameter could be modified by the admin multisig to influence the weight of recent price data versus historical data. The attacker had no control over this multisig—but they didn’t need to. The decay factor had been set to 0.99 (99% weight to recent data) by the protocol team itself, weeks prior, to “increase responsiveness to market conditions.”
In practice, this made the TWAP feed essentially a spot price oracle with a one-block delay. If the attacker could manipulate the external market price of SigUSD (by selling a large amount on a decentralized exchange), that price would be immediately reflected in the TWAP feed. The median calculation then would include a manipulated TWAP price, but the other two oracles (Chainlink and Maker) would still report accurate prices. So how did the median become $0.97?
Here is the second flaw: the Maker oracle integration had a stale price fallback. If the Maker price update was older than 3600 seconds, the contract would ignore it and compute the median of the remaining two prices. This fallback is a common pattern—but combined with the decay manipulation, it became deadly.
The attacker simply waited until the Maker price update was just beyond the 3600-second threshold. Then they executed a large sell order on Uniswap V3 for SigUSD, crashing its spot price to $0.74. The Chainlink price, which updates every 60 minutes, still showed $0.97. The TWAP feed, thanks to the decay factor, also showed $0.74 within a few blocks. The median logic now had two prices: Chainlink at $0.97 and TWAP at $0.74. But since Maker was stale, the contract fell back to a two-price median. Two prices: $0.97 and $0.74—median $0.855? No, the code computed the median of the valid prices, but the fallback logic actually took the average of the two when one was stale. I traced the exact logic in SigmaOracleFallback.sol (lines 88-94):
if (isStale(makerPrice)) {
uint256[] memory validPrices = new uint256[](2);
validPrices[0] = chainlinkPrice;
validPrices[1] = twapPrice;
return (validPrices[0] + validPrices[1]) / 2;
}
Average of $0.97 and $0.74 equals $0.855. Yet the reported price was $0.97—how? Because the attacker had also triggered a reentrant call to the TWAP feed, causing a state corruption that made the TWAP return the same value as Chainlink (a bug I cannot detail here due to space, but it’s present in the nonce reuse vulnerability). The final result: an overcollateralized loan at a 20% inflated collateral value.
Silence in the code is where the theft hides.
The attacker borrowed $40M in USDC against $48M in WETH (at the manipulated price). When the loan was liquidated after the price correction, the protocol absorbed a $8M loss, which came directly from liquidity providers.
Contrarian: What the Bulls Got Right
To be fair, Protocol Sigma did one thing correctly: their staking contracts were bug-free. There was no drain of staked STM tokens, and the governance treasury remained untouched. The bulls who held STM for long-term yield were not directly harmed by this exploit—they only lost value due to the market panic.
Additionally, the project had passed three independent audits, all of which missed the interaction between the decay factor and the stale price fallback. Auditors are human; they follow known attack vectors. This was a novel combination of two harmless features creating a critical vulnerability. The bulls’ argument that “audits provide reasonable assurance” is technically true, but it falls short of guaranteeing safety.
Takeaway
Volatility is just noise; liquidity is the signal. The signal from Protocol Sigma is clear: any oracle system with admin-adjustable parameters is a centralized vector waiting to be exploited. The chain remembers what the CEO forgets.
Future lending protocols should eliminate fallback averaging, enforce an immutable TWAP decay, and mandate that stale price handling should not rely on average logic. Until then, trust is a variable; verification is a constant.
The $40M loss will be reimbursed? No. The project’s insurance fund covers only smart contract bugs, not “intentional design choices.” The VCs will push for a governance vote to mint new tokens. The LPs will absorb the inflation.
This is not a hack. It is a structural failure foretold.