🚨 Haedal Vault (Sui) Loses ~$915K in Cross-Version Logic Flaw from 2025 Upgrade

WHAT HAPPENED

On June 9, 2026, Haedal Protocol detected an abnormal liquidity decline across several of its Vault pools on Sui. The team immediately paused the affected contracts as a precautionary measure. After investigation, the total direct loss was confirmed at approximately $915,179.

The incident was isolated only to Haedal Vault. All other Haedal products, modules, and assets remain fully secure and unaffected.

ATTACK METHOD

The root cause was a hidden cross-version logic flaw introduced during a Vault upgrade deployed at the end of 2025. After the newer Vault package was released, the older package’s entrypoints remained callable (they were not fully deprecated via forced upgrade).

The attacker exploited this gap to mint more Vault LP shares than expected through the legacy deposit path. They then redeemed the inflated shares against the Vault’s underlying assets.

All individual package audits passed, but the cross-version interaction between old and new logic was not caught during review.

CHAINBOUNTY ANALYSIS

This is a classic case of “upgrade debt” in smart contract development. Even well-audited upgrades can create dangerous loopholes when legacy entrypoints are left active alongside newer versions. Yield and vault protocols are especially vulnerable because they directly handle user deposits and LP share calculations.

Positive aspects:
Haedal responded quickly and transparently.
They are covering 100% of user losses in the original assets (no new HAEDAL token issuance or selling pressure).
A patched version has already been completed and is currently under cross-party review.
New Vault pools will replace the affected ones, with recovery expected soon.

This incident highlights why forced upgrades and complete deprecation of old code paths should be standard practice in 2026.

PROTECT YOURSELF

Protocols/Teams: When upgrading contracts, treat it as a forced migration. Explicitly disable or remove old entrypoints instead of just leaving them callable.
Users: Pay close attention to any “abnormal liquidity” or contract pause announcements on yield/vault protocols.
Developers: Always test interactions between different contract versions thoroughly during upgrades.

Source: Official Haedal Vault Post-Mortem (@HaedalProtocol)

#ChainBounty #Haedal #Sui #DeFiHack #VaultExploit #SmartContract #UpgradeRisk
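
One way to "explicitly disable old entrypoints" on Sui is the versioned shared object pattern, sketched below as an added example; it is not Haedal's code and is not taken from the post-mortem. The module, struct and function names are hypothetical, and the share math is simplified (shares are returned as a number instead of an LP coin).

```move
module example::vault {
    use sui::balance::{Self, Balance};
    use sui::coin::{Self, Coin};
    // Hypothetical package: VERSION is bumped in every published upgrade.
    const VERSION: u64 = 2;
    const EWrongVersion: u64 = 0;
    const ENotAdmin: u64 = 1;
    const ENotUpgrade: u64 = 2;

    public struct AdminCap has key, store { id: UID }
    public struct Vault<phantom T> has key {
        id: UID,
        version: u64, // the only package version allowed to mutate this object
        admin: ID,    // AdminCap that may migrate it
        assets: Balance<T>,
        total_shares: u64,
    }

    fun init(ctx: &mut TxContext) {
        transfer::transfer(AdminCap { id: object::new(ctx) }, ctx.sender());
    }

    public fun create<T>(cap: &AdminCap, ctx: &mut TxContext) {
        transfer::share_object(Vault<T> {
            id: object::new(ctx), version: VERSION, admin: object::id(cap),
            assets: balance::zero(), total_shares: 0,
        });
    }

    // Every state-changing function opens with this gate, so the same call
    // made through a package compiled with an older VERSION aborts.
    public fun deposit<T>(vault: &mut Vault<T>, payment: Coin<T>): u64 {
        assert!(vault.version == VERSION, EWrongVersion);
        let amount = coin::value(&payment);
        let pool = balance::value(&vault.assets);
        let shares = if (vault.total_shares == 0) { amount } else {
            (((amount as u128) * (vault.total_shares as u128) / (pool as u128)) as u64)
        };
        balance::join(&mut vault.assets, coin::into_balance(payment));
        vault.total_shares = vault.total_shares + shares;
        shares
    }

    // Run once by the admin right after the upgrade is published; from then
    // on only the newest package passes the gate in deposit().
    entry fun migrate<T>(vault: &mut Vault<T>, cap: &AdminCap) {
        assert!(vault.admin == object::id(cap), ENotAdmin);
        assert!(vault.version < VERSION, ENotUpgrade);
        vault.version = VERSION;
    }
}
```

The gate only protects against package versions that already contain it: a published Sui package is immutable, so an older version shipped without the check cannot be patched and has to be cut off by moving funds into objects it cannot access.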