When You Trade on 1inch, You're Trusting More Than 1inch
On May 7, 2026, a liquidity provider called TrustedVolumes was exploited on Ethereum. $5.87 million was drained in a single transaction across four assets, all of it gone before most security firms had finished typing their alerts.
The exploit itself matters less than what it reveals: modern DeFi systems often rely on layers of participants users never see.
TrustedVolumes is not a protocol you interact with directly. It operates as a Resolver inside the 1inch Fusion ecosystem, handling order matching and execution behind the scenes. When a user submits a transaction on 1inch, a Resolver like TrustedVolumes takes the order, provides the liquidity, and executes the fill. The user sees 1inch. The user feels the transaction complete. What the user does not see is the execution chain running underneath.
To play that role, TrustedVolumes built a custom Request for Quote (RFQ) contract and granted that contract unlimited approval over its own inventory. The contract was never open-sourced. It was never publicly audited. The code was only readable from on-chain bytecode. The team had not posted publicly in over a year before the exploit.
The attacker found three problems inside that code and used them together.
One was a public function that anyone could call, allowing any address to register itself as a valid order signer with no access control of any kind. The attacker called it, registered their own address, and became a recognized participant in the system. Another was an authorization check that verified against the wrong address. The system confirmed the attacker could sign orders for their own receiver address, but never once asked whether the signer had any right to move the funds being transferred. The third was a fund transfer that used a field the attacker could fill in themselves. The attacker set the source address to TrustedVolumes' own inventory. The contract accepted it and executed.
TrustedVolumes had granted that RFQ contract unlimited approval over its assets, meaning the contract could move any amount of any token with no ceiling. When those three problems were chained together, the attacker needed no private key, no victim signature, nothing except the approval that was already in place. The entire drain happened in one transaction. Each of the four asset pulls required 1 wei of payment as a nominal buy amount. The contract accepted that as a completed trade and sent millions in the other direction.
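The three flaws above map onto three checks a settlement contract has to make: who is allowed to register a signer, what the signature is verified against, and where the sold tokens are pulled from. The contract below is a simplified, hypothetical RFQ settlement contract written for this article to show the hardened form of each check. It is not TrustedVolumes' code (that contract was never published, so its real structure is unknown) and not 1inch code; the `Quote` struct, the `inventory` address and the function names are assumptions made for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical, simplified RFQ settlement contract written for this article.
// It is not TrustedVolumes' code (that contract was never published) and not
// 1inch code; it only shows the hardened form of the three checks the article
// says were missing: (1) who may register a signer, (2) what the signature is
// checked against, (3) where the sold tokens come from.

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract HardenedRfqSettlement {
    struct Quote {
        address taker;        // address allowed to fill; zero means anyone
        address sellToken;    // token the market maker gives
        address buyToken;     // token the market maker receives
        uint256 sellAmount;
        uint256 minBuyAmount; // maker-signed floor; a 1 wei fill cannot pass it
        uint256 nonce;
        uint256 expiry;
    }

    address public immutable owner;     // operator of the market maker
    address public immutable inventory; // the wallet that approved this contract
    mapping(address => bool) public isSigner;
    mapping(bytes32 => bool) public consumed;

    constructor(address inventory_) {
        owner = msg.sender;
        inventory = inventory_;
    }

    // Check 1: signer registration is restricted to the owner. A public,
    // unrestricted version of this function lets any address make itself a signer.
    function setSigner(address signer, bool allowed) external {
        require(msg.sender == owner, "not owner");
        isSigner[signer] = allowed;
    }

    // Bind the quote to this contract and chain so a signature cannot be replayed elsewhere.
    function hashQuote(Quote calldata q) public view returns (bytes32) {
        return keccak256(abi.encode(address(this), block.chainid, q));
    }

    function fill(Quote calldata q, uint256 buyAmount, bytes calldata sig) external {
        require(block.timestamp <= q.expiry, "quote expired");
        require(q.taker == address(0) || q.taker == msg.sender, "wrong taker");
        require(q.minBuyAmount > 0 && buyAmount >= q.minBuyAmount, "buy amount below floor");

        bytes32 h = hashQuote(q);
        require(!consumed[h], "quote already used");
        consumed[h] = true;

        // Check 2: the signature is verified against the registry of signers
        // authorised to commit the inventory, not against anything the caller supplies.
        require(isSigner[recover(h, sig)], "unauthorised signer");

        // Check 3: the source of the sold tokens is the fixed inventory address, not a
        // field in the order. The caller cannot point the transfer at another balance.
        require(IERC20(q.buyToken).transferFrom(msg.sender, inventory, buyAmount), "payment failed");
        require(IERC20(q.sellToken).transferFrom(inventory, msg.sender, q.sellAmount), "payout failed");
    }

    // EIP-191 personal-sign recovery with the usual guards against malformed signatures.
    function recover(bytes32 h, bytes calldata sig) internal pure returns (address) {
        require(sig.length == 65, "bad signature length");
        bytes32 r = bytes32(sig[0:32]);
        bytes32 s = bytes32(sig[32:64]);
        uint8 v = uint8(sig[64]);
        if (v < 27) v += 27;
        require(uint256(s) <= 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0, "malleable s");
        bytes32 digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", h));
        address signer = ecrecover(digest, v, r, s);
        require(signer != address(0), "invalid signature");
        return signer;
    }
}
```

Two design points. First, the approval ceiling is set on the token by the inventory wallet, not by this contract, so the contract cannot enforce a bounded approval; the operator should approve only the working balance it intends to quote rather than an unlimited amount, which caps what any contract bug can move. Second, the `require` on `transferFrom`'s return value assumes a well-behaved ERC-20; tokens that return nothing on success need a wrapper such as OpenZeppelin's `SafeERC20` in production code.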
The funds that were lost belonged to TrustedVolumes' own inventory as a liquidity provider, not to individual user wallets. The direct victim was the protocol itself.
CertiK identified the exploit first on-chain. Blockaid followed sixty seconds later. TrustedVolumes confirmed the attack more than two and a half hours after it happened, by which point the funds had already been moved. That confirmation was their first public post in well over a year.
What does this have to do with ordinary DeFi users?
When you complete a transaction on 1inch, you are not just trusting 1inch's contracts. You are trusting every Resolver it depends on, every liquidity source behind those Resolvers, and the custom contracts those participants have built and control. That trust chain can extend further than most users realize, and most of what sits along it is invisible and unverifiable from the outside.
TrustedVolumes had no public audit record and no open-source code, yet its custom contract held unlimited approval over its treasury. That combination existed on every day the protocol operated normally. It was only tested when an attacker decided to look.
This is not a statement about 1inch specifically. 1inch as an aggregator routes to the best available execution path. It is not responsible for auditing every Resolver in its ecosystem. That is the structural reality of how DeFi is built: protocols depend on protocols, approvals depend on approvals, and the boundary of what is actually secure often sits somewhere you cannot see.
Before entering any DeFi system, it is worth asking: which participants will this transaction actually pass through, and do I have any way to see what those participants have built? TrustedVolumes had been silent for over a year. Its contracts were unverified. Its audit history was nonexistent. None of that was hidden. All of it was observable before anything went wrong.
In Web3, understanding what you are entering matters more than any recovery that might follow. There is no regulator, no customer support line, no third party that can retrieve what has been lost.