How Does YieldBlox Work?
YieldBlox is Stellar's first DeFi lending protocol, built on the Blend permissionless lending framework and governed by the YBX token. In February 2026 the protocol's community-managed pool suffered a $10.2M oracle manipulation exploit when an attacker inflated the price of the illiquid USTRY collateral asset 100x via a single Stellar DEX trade, draining all pool reserves. Its D+ grade reflects a major exploit on the current codebase, a custom on-chain VWAP oracle with a proven vulnerability to thin-market manipulation, and a TVL collapse to under $100K following the incident.
TVL: $50,000
Sector: Lending
Risk Grade: D+
Value Grade: D
Core Mechanisms
4.1.1
Overcollateralized lending pools on Stellar via Blend framework
Standard Compound-style overcollateralized lending with interest-bearing deposit tokens; deployed on Stellar blockchain using Blend as the underlying lending primitive
4.2.1
Utilization-based interest rate model with kink point
Standard dynamic interest rate model where rates increase nonlinearly above target utilization; borrowed from Compound/Aave pattern deployed since 2019
4.1.3
Novel: Permissionless Blend pool creation with YBX governance-approved collateral assets
Any entity can create a Blend lending pool; the YieldBlox DAO can vote to approve novel or illiquid collateral assets without centralized risk review; this permissionless model enabled the USTRY collateral approval that led to the February 2026 exploit
3.2.2
Novel: Reflector VWAP oracle — asset prices derived from volume-weighted average of Stellar DEX (SDEX) trades
Custom oracle sourcing prices entirely from on-chain Stellar DEX trading activity; proven manipulable via thin liquidity: in February 2026 a single 0.05 USTRY purchase at 501 USDC inflated USTRY price from $1.05 to ~$106, a 100x manipulation enabling the full pool drain
4.3.1
Threshold-based liquidation engine triggered at maintenance collateral ratio breach
Standard liquidation mechanic where positions falling below the maintenance collateral ratio can be seized by third-party keepers; vulnerable to oracle manipulation preventing valid liquidation triggers
4.5.2
Novel: Blend backstop insurance module — a percentage of LP deposits committed as bad-debt insurance
Protocol-native insurance where a portion of deposits forms a backstop pool against bad debt; distinct from Aave Safety Module which uses separately staked tokens; backstop capacity is bounded by pool size and was insufficient to cover the February 2026 $10.2M exploit
7.1.2
YBX governance token with escrow voting for protocol parameter changes
Standard governance token; YBX can be escrowed to propose and vote on protocol changes including collateral asset approvals, interest rate parameters, and fee settings
7.3.1
YBX yield farming rewards distributed proportionally to lenders and borrowers
Standard liquidity mining incentive distributing governance tokens to protocol users; 15M YBX/year distributed over 10 years; creates mercenary capital dynamics as rewards decline
How the Pieces Interact
Governance-approved illiquid collateral assets create exploitable oracle surfaces: any asset with thin SDEX liquidity can have its Reflector VWAP price manipulated by a single large trade. In February 2026 this interaction drained $10.2M from the YieldBlox DAO Pool when USTRY was inflated 100x via a single manipulative purchase after the sole market maker withdrew.
VWAP oracle manipulation can both suppress valid liquidations (by inflating collateral values above liquidation threshold) and trigger unjust liquidations (by deflating them); in the February 2026 attack the oracle inflation prevented liquidation of the over-borrowed position until pool reserves were fully drained.
Backstop capacity is proportional to pool deposits; a rapid full-pool exploit drains reserves faster than the backstop can absorb, creating bad debt that exceeds the protocol's internal insurance capacity and requires external rescue. The February 2026 exploit demonstrated this failure mode at $10.2M scale.
Governance token holders bear responsibility for evaluating collateral risk including SDEX liquidity depth and oracle manipulation resistance; without dedicated risk-assessment tooling the governance process may approve illiquid assets without recognizing the specific VWAP oracle vulnerability.
YBX emission incentives attract mercenary capital that exits when rewards decline; post-exploit YBX price at -97% from ATH reduces the dollar value of incentives, potentially triggering a TVL exit cycle that shrinks the backstop module and makes remaining pools more vulnerable to manipulation.
What Could Go Wrong
- Custom VWAP oracle (Reflector) prices collateral assets based on recent Stellar DEX trading volume; in February 2026 an attacker placed a single manipulative trade in the illiquid USTRY/USDC pair to inflate the price 100x, enabling them to borrow the entire pool's reserves (~$10.2M) before any protective mechanism triggered.
- Permissionless pool creation allows governance to approve arbitrary collateral assets on Blend; the YieldBlox DAO's approval of USTRY — a low-liquidity Stellar asset with a single market maker — directly created the oracle manipulation surface that enabled the February 2026 exploit.
- Post-exploit TVL has collapsed from ~$10M to under $100K, creating severe exit liquidity risk and raising questions about whether the lending pools can attract meaningful capital without oracle infrastructure redesign and restored depositor confidence.
- Backstop module insurance was insufficient to cover the $10.2M bad debt from the exploit; full user compensation depends on Script3's organizational resources rather than a protocol-native recovery mechanism, creating an unresolved centralized dependency.
Reflector VWAP Oracle Manipulation via Illiquid Collateral Asset
Elevated
Trigger: A YieldBlox DAO Pool approves a collateral asset with less than $500K daily SDEX volume, and the asset's sole market maker withdraws all liquidity for 10+ minutes, leaving no valid recent trades for Reflector to aggregate
- 1. Market maker withdraws all liquidity from a YieldBlox-approved collateral asset's SDEX pair — Reflector VWAP oracle has no recent valid trades; stale pricing period begins where a single trade will define the oracle price
- 2. Attacker places a single large sell offer for the illiquid collateral asset at 100x normal price (matching the USTRY/USDC February 2026 pattern) — Reflector records this as the most recent volume-weighted price; collateral value displayed to YieldBlox contracts is now artificially inflated by up to 100x
- 3. Attacker deposits minimal inflated collateral into the YieldBlox Blend pool — Protocol accepts collateral at manipulated valuation, allowing overborrowing far exceeding the actual collateral value
- 4. Attacker borrows maximum available pool reserves (XLM, USDC, or other supported assets) against the inflated collateral — Pool reserves fully drained in a single transaction; liquidation cannot trigger during borrowing because oracle still shows collateral as overcollateralized
- 5. Oracle manipulation is identified; position marked as deeply undercollateralized retroactively — Bad debt equals the borrowed pool reserves; backstop module absorbs what it can (bounded by pool deposit percentage) but cannot cover the full deficit
- 6. Script3 or Stellar validators intervene — Depending on attacker's behavior, Stellar Tier-1 validators may be able to freeze accounts (froze $7.2M in the February 2026 incident); remaining losses require organizational compensation or become permanent bad debt
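Why a windowed VWAP fails once the window is nearly empty, and a feed-side guard that refuses such a price, shown as an added example (not YieldBlox, Blend or Reflector code). The trade data, the 300-second window, the `min_quote_volume` and `max_move` thresholds and all function names are constructed assumptions; a `None` price is meant to stop new borrows against that collateral.

```python
from collections import namedtuple

# ts: seconds in the constructed sample; price: USDC per unit; volume: units traded
Trade = namedtuple("Trade", "ts price volume")

def vwap(trades, now, window):
    """Volume-weighted price over trades in (now - window, now]; (None, 0.0) if empty."""
    recent = [t for t in trades if now - window < t.ts <= now]
    vol = sum(t.volume for t in recent)
    if vol == 0:
        return None, 0.0
    return sum(t.price * t.volume for t in recent) / vol, vol

def guarded_price(trades, now, window, last_good, min_quote_volume, max_move):
    """Return (price, reason); price is None when lending should not trust the feed."""
    price, vol = vwap(trades, now, window)
    if price is None:
        return None, "no-trades"
    if price * vol < min_quote_volume:      # window too thin to be a market price
        return None, "thin-volume"
    if abs(price - last_good) / last_good > max_move:  # jump vs last accepted price
        return None, "deviation"
    return price, "ok"

# Constructed sample: normal trading near 1.05, then an empty book and one tiny print.
SAMPLE = [
    Trade(100, 1.04, 2000), Trade(200, 1.05, 3000), Trade(290, 1.06, 1000),
    Trade(990, 501.0, 0.05),   # only trade after the market maker withdrew
]

if __name__ == "__main__":
    for now in (300, 1000):
        naive, _ = vwap(SAMPLE, now, window=300)
        checked = guarded_price(SAMPLE, now, 300, last_good=1.05,
                                min_quote_volume=1000.0, max_move=0.10)
        # Naive VWAP follows the single print; the guarded feed rejects it.
        print(now, round(naive, 4), checked)
```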
Risk Profile at a Glance
Overall: D+ (58/100)
Lower score = safer