//TrustedVolumes
D+

TrustedVolumes

Risk Score 58/100·DValue
Compare
TVL·DEXWebsite →

TrustedVolumes represents a cautionary tale in DeFi security: a 2012-founded company with 100+ engineers deployed a smart contract with four simultaneous critical vulnerabilities and no prior audit. The $6.7M exploit in May 2026 — by the same attacker behind the 2025 1inch hack — reveals dangerous overconfidence in engineering capability over security process. Avoid any capital exposure to this platform until a clean third-party audit is published.

Risk Breakdown

Top Risks

1

May 2026: $6.7M drained via four compounding critical vulnerabilities in the RFQ proxy — unguarded signer registration, authorization-source mismatch, broken replay protection, and unlimited ERC-20 approvals

2

No public smart contract audits before the exploit — fundamental access control flaws would have been caught by any standard audit

3

Same attacker previously exploited the 1inch Fusion V1 in March 2025 ($5M); TrustedVolumes failed to apply lessons from that industry-wide incident

4

The unguarded registerAllowedOrderSigner() function was publicly callable with zero access restrictions — privileged function exposed as public by design

5

Recovery status uncertain: TrustedVolumes is in bounty negotiations with the attacker; full fund recovery not confirmed as of May 2026

Frequently Asked Questions

Is TrustedVolumes safe to use?
TrustedVolumes receives a D+ risk grade (58/100) from Hindenrank, where lower scores indicate lower risk. TrustedVolumes represents a cautionary tale in DeFi security: a 2012-founded company with 100+ engineers deployed a smart contract with four simultaneous critical vulnerabilities and no prior audit. The $6.7M exploit in May 2026 — by the same attacker behind the 2025 1inch hack — reveals dangerous overconfidence in engineering capability over security process. Avoid any capital exposure to this platform until a clean third-party audit is published. TrustedVolumes is a professional crypto market maker that fills swap orders for DeFi users through 1inch. In May 2026, it lost $6.7M after hackers found four critical bugs in its code — including a function that let anyone register themselves as an authorized signer, with no access control whatsoever. There was no security audit before deployment. Funds recovery through bounty negotiation is uncertain.
What are the main risks of using TrustedVolumes?
The key risks identified for TrustedVolumes are: (1) The protocol had no security audit before the $6.7M exploit — standard DeFi due diligence was absent (2) Four simultaneous critical vulnerabilities suggest systemic code review failures, not a single oversight (3) The same attacker also hit 1inch Fusion in March 2025 — TrustedVolumes had over a year to audit similar code and did not (4) Recovery of $6.7M in stolen funds depends on bounty negotiation with the attacker — no guaranteed outcome
What is TrustedVolumes's risk score breakdown?
TrustedVolumes scores 58/100 across eight risk dimensions: Mechanism Novelty: 7/15, Interaction Severity: 18/20, Oracle Surface: 3/10, Documentation Gaps: 8/10, Track Record: 12/15, Scale Exposure: 0/10, Regulatory Risk: 4/10, Vitality Risk: 6/10. The highest risk area is Interaction Severity at 18/20.
How does TrustedVolumes compare to other DEX protocols?
Among 112 rated DEX protocols on Hindenrank, TrustedVolumes ranks #111 by safety (lowest risk score = safest). Its 58/100 risk score and D+ grade place it among the riskier DEX protocols.
Has TrustedVolumes ever been hacked or exploited?
TrustedVolumes scores 12/15 on the Track Record risk dimension, indicating some history of security incidents or exploits. Higher scores reflect more severe or frequent incidents. Review the full risk report for details.
Last scanned 2026-05-22

Get risk alerts before it's too late

Weekly grade changes, downgrade alerts, and new protocol risk findings. Free.