Ostium Left an Opening for Exploiters and $24m Went Out the Door
This article originally appeared in Galaxy Research's weekly newsletter. Subscribe to get the most timely insights delivered to your inbox every Friday morning.
Thieves made off with an estimated $23.75 million worth of the USDC stablecoin Wednesday after exploiting Ostium, a platform for synthetic trading of stocks, commodities, forex, and crypto onchain.
The exploit was carried out over a sequence of eight transactions in which funds left Ostium’s OLP vault:
Transaction 1 totaling 898 USDC
Transaction 2 totaling 11.86 million USDC
Transaction 3 totaling 13,480 USDC
Transaction 4 totaling 13,480 USDC
Transaction 5 totaling 4.49 million USDC
Transaction 6 totaling 3.59 million USDC
Transaction 7 totaling 2.7 million USDC
Transaction 8 totaling 1.08 million USDC
All eight transactions paid out to the same wallet, 0x321Df1...8bfD9. The largest single payout transaction was executed in a single atomic batch that looped through open-and-close cycles. Every transaction routed through the same contract pair (Ostium: Trading → Ostium: Private PriceUpKeep).
Ostium, which runs on Arbitrum, lets users trade leveraged synthetic positions on forex, commodities, indices, stocks, and crypto. All activity is settled onchain in USDC. Users trade synthetic perpetual contracts that track the prices of underlying assets, and there is no delivery of the underlying or fixed expiries on user trades. The Ostium Liquidity Pool (OLP) is the vault side of all this. Liquidity providers deposit USDC and receive OLP tokens representing their pro-rata share of the pool, which is used to back perpetual positions and to provide liquidity for trader profit and loss (PnL) settlement.
The issue arises from how Ostium's oracle system authorizes price data. The verifier takes a price report, derives the signer from the signature, and checks that the signer is on an authorized list. It simply validates the signer's identity, not whether the price itself is accurate. An attacker who held both an authorized oracle-signer key and a registered PriceUpKeep forwarder (the keeper role responsible for fulfilling pending orders) used that combination to submit a future-dated, correctly signed price report and then repeatedly opened and closed positions against it. This allowed them to appear to generate trading profits from the view of the system without any real market exposure. Both the signer and forwarder roles are meant to be granted only by Ostium governance/timelock and are not supposed to be self-assignable; the exploit worked because the attacker obtained legitimate credentials for each, not because of a flaw in Ostium’s trading logic itself.
OUR TAKE
The Ostium incident is one of a number of major application exploits that have happened this year, including at Drift and KelpDAO’s rsETH. A common theme has been that smart contracts and the logic they contain have held up, and the main targets for exploiters have been operational infrastructure and human trust (the compromised signer credentials in Ostium's case, the socially engineered pre-signed admin takeover in Drift's case, and the poisoned RPC infrastructure behind KelpDAO's rsETH bridge).
After each of these high-profile exploits, some have called for safeguards around user funds on applications, such as throttled withdrawals, to disincentivize nefarious actors and limit the loss of funds in the event an exploit occurs. These proposals should be resisted.
Throttling withdrawals introduces censorship risk directly at the application layer. The moment a protocol can unilaterally delay or cap what a user can deposit or withdraw, self-custody becomes conditional instead of absolute. In this case, the app, not the user, decides when funds are accessible and how they can be used. It also collapses the distinction between the exploiter and the average user in the sense that a safeguard designed to slow down an attacker necessarily applies to everyone using the app at that moment. By design, apps would start treating ordinary users as suspects, with no way to distinguish intent in real time.
The slippery slope risk compounds this. Once a protocol builds in the technical capability to throttle or freeze deposits and withdrawals, that capability becomes precedent. Regulators can point to it as evidence that these applications already have the tool to comply with freeze orders, KYC gating, or other requirements and should therefore be required too. A safeguard built to stop attackers can become a hook that pulls a protocol toward obligations they would otherwise be incapable of meeting.
Moreover, innocent market actors will become incentivized to route around the frictions introduced by such measures. In this case, risk can become displaced rather than contained. Users locked behind a throttle will look for a way to exit their economic exposure anyway, which typically means a tradeable claim on the delayed deposit emerges to fill the gap (such as a receipt token, an IOU, a wrapped stand-in for "your funds, pending release"). That claim becomes a new dependency with its own risk surface at both the market level (a peg that can break, a discount that widens under panic) and the technical level (a new contract, a new oracle, a new thing that can be exploited independently of the application it's supposed to represent). The safeguard meant to contain one point of failure ends up compounding the very fragility it was built to prevent.
None of this means protocols shouldn’t harden the parts of the stack that actually failed here (e.g. signer key management, verifier redundancy, admin timelocks, social-engineering awareness). But the fix for weaknesses in operational infrastructure and human trust is hardening those things, not adding new discretionary controls over user funds that undermine the core value proposition of the thing being protected.
Legal Disclosure:
This document, and the information contained herein, has been provided to you by Galaxy Digital Inc. and its affiliates (“Galaxy Digital”) solely for informational purposes. This document may not be reproduced or redistributed in whole or in part, in any format, without the express written approval of Galaxy Digital. Neither the information, nor any opinion contained in this document, constitutes an offer to buy or sell, or a solicitation of an offer to buy or sell, any advisory services, securities, futures, options or other financial instruments or to participate in any advisory services or trading strategy. Nothing contained in this document constitutes investment, legal or tax advice or is an endorsement of any of the stablecoins mentioned herein. You should make your own investigations and evaluations of the information herein. Any decisions based on information contained in this document are the sole responsibility of the reader. Readers should consult with their own advisors and rely on their independent judgement when making financial or investment decisions.
Participants, along with Galaxy Digital, may hold financial interests in certain assets referenced in this content. Galaxy Digital regularly engages in buying and selling financial instruments, including through hedging transactions, for its own proprietary accounts and on behalf of its counterparties. Galaxy Digital also provides services to vehicles that invest in various asset classes. If the value of such assets increases, those vehicles may benefit, and Galaxy Digital’s service fees may increase accordingly. The information and analysis in this communication are based on technical, fundamental, and market considerations and do not represent a formal valuation. For more information, please refer to Galaxy’s public filings and statements. Certain asset classes discussed, including digital assets, may be volatile and involve risk, and actual market outcomes may differ materially from perspectives expressed here.
For additional risks related to digital assets, please refer to the risk factors contained in filings Galaxy Digital Inc. makes with the Securities and Exchange Commission (the “SEC”) from time to time, including in its Quarterly Report on Form 10-Q for the quarter ended September 30, 2025, filed with the SEC on November 10, 2025, available at www.sec.gov.
Certain statements in this document reflect Galaxy Digital’s views, estimates, opinions or predictions (which may be based on proprietary models and assumptions, including, in particular, Galaxy Digital’s views on the current and future market for certain digital assets), and there is no guarantee that these views, estimates, opinions or predictions are currently accurate or that they will be ultimately realized. To the extent these assumptions or models are not correct or circumstances change, the actual performance may vary substantially from, and be less than, the estimates included herein. None of Galaxy Digital nor any of its affiliates, shareholders, partners, members, directors, officers, management, employees or representatives makes any representation or warranty, express or implied, as to the accuracy or completeness of any of the information or any other information (whether communicated in written or oral form) transmitted or made available to you. Each of the aforementioned parties expressly disclaims any and all liability relating to or resulting from the use of this information. Certain information contained herein (including financial information) has been obtained from published and non-published sources. Such information has not been independently verified by Galaxy Digital and, Galaxy Digital, does not assume responsibility for the accuracy of such information. Affiliates of Galaxy Digital may have owned, hedged and sold or may own, hedge and sell investments in some of the digital assets, protocols, equities, or other financial instruments discussed in this document. Affiliates of Galaxy Digital may also lend to some of the protocols discussed in this document, the underlying collateral of which could be the native token subject to liquidation in the event of a margin call or closeout. The economic result of closing out the protocol loan could directly conflict with other Galaxy affiliates that hold investments in, and support, such token. Except where otherwise indicated, the information in this document is based on matters as they exist as of the date of preparation and not as of any future date, and will not be updated or otherwise revised to reflect information that subsequently becomes available, or circumstances existing or changes occurring after the date hereof. This document provides links to other Websites that we think might be of interest to you. Please note that when you click on one of these links, you may be moving to a provider’s website that is not associated with Galaxy Digital. These linked sites and their providers are not controlled by us, and we are not responsible for the contents or the proper operation of any linked site. The inclusion of any link does not imply our endorsement or our adoption of the statements therein. We encourage you to read the terms of use and privacy statements of these linked sites as their policies may differ from ours. The foregoing does not constitute a “research report” as defined by FINRA Rule 2241 or a “debt research report” as defined by FINRA Rule 2242 and was not prepared by Galaxy Digital Partners LLC. Similarly, the foregoing does not constitute a “research report” as defined by CFTC Regulation 23.605(a)(9) and was not prepared by Galaxy Derivatives LLC. For all inquiries, please email [email protected].
©Copyright Galaxy Digital Inc. 2026. All rights reserved.