Crypto auditor Sherlock to pay out $4.5 million to Euler Finance after exploit
Quick Take
- Audit provider Sherlock has agreed to pay out a $4.5 million claim to Euler Finance.
- Euler was hacked yesterday for $197 million.
We'd love your feedback.
Crypto audit provider Sherlock agreed to pay out $4.5 million to Euler Finance after the protocol, which it had examined, suffered a $197 million exploit.
"Unfortunately, the millions paid back by Sherlock pale in comparison to the size of the hack," Sherlock said on Twitter. "But, on a brighter note, today is the first time in crypto's history that an auditor has paid back millions of dollars for a missed vulnerability." Sherlock has already paid out $3.3 million of the claim.
The perpetrator used a flash loan to exploit Euler by effectively creating ways to liquidate their own positions in a way that paid them more money. They took millions in stETH, USDC, WBTC and dai, causing knock-on effects for various other protocols in the DeFi space.
While Euler had a coverage of up to $7 million with Sherlock, it hit one of its policy limits — namely that it was of a certain size in relation to the Sherlock staking pool.
Sherlock also noted that it had offered a $500,000 bug bounty for exposing critical vulnerabilities on Euler, which this hack would have clearly met. "But unfortunately, the hacker chose not to take this route," it said.
Omniscia, another audit provider that Euler used, said it hadn't checked the audited code. It had only audited the Chainlink integration.
© 2026 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
