In the first days of July 2026, an attacker drained about six million dollars from Summer.fi, the DeFi platform behind the Lazy Summer Protocol, and the protocol's guardians responded by pausing all of its vaults. The mechanism is worth slowing down for, because it is not exotic and it is not unique to Summer.fi. It is an attack on the way an ERC-4626 vault prices a share, the exact contract standard a large share of DeFi, this protocol included, is built on. So this is a careful read of what happened and what it teaches, not a victory lap. Summer.fi shipped a real product, was hit by a real and well-documented class of bug, and paused quickly. The useful thing to take from it is the check you can run on any vault you hold, and the honest limit of that check.
The single most important correction first, because a lot of fast commentary gets it backwards: reading the vault's accounting yourself would not have caught this attack in advance. It is still worth reading, and we built a free tool to do it. But the thing that catches this class in the act is not a reading. It is a watch. Here is why.
What happened, in figures
The numbers, as reported from July 6, 2026 by Blockaid, which flagged the incident first, and corroborated by PeckShield, CertiK and CoinDesk. The attacker used a flash loan of roughly sixty-five point four million dollars, sourced through Morpho, and in a single atomic transaction deposited about sixty-four point eight million dollars into Lazy Summer vaults and redeemed about seventy point nine million, walking away with the roughly six million dollar difference. Summer.fi's total value locked before the attack was about twenty-two million dollars, and its SUMR token fell more than eighteen percent on the news. Summer.fi said it was investigating and that its guardians had paused the affected vaults to prevent further loss. The platform is on Ethereum, and the affected vaults, including one named LazyVault_LowerRisk_USDC, are USDC FleetCommander vaults.
How a donation attack prices a share wrong
An ERC-4626 vault is a standard interface for a contract that takes deposits of one asset and issues shares against them. The price of a share is defined by one ratio: the vault's total assets divided by its total shares. Deposit into a healthy vault and you receive shares at that ratio; redeem and you get assets back at it. The whole design rests on totalAssets being an honest count of what the vault holds.
A donation attack breaks that honesty for a moment. In Summer's architecture a FleetCommander vault routes its assets into sub-strategies called Arks, each connecting the vault to an external lending market. Per the on-chain analysis, the attacker had accumulated positions in one such strategy in advance, then, mid-transaction, donated assets straight into the Ark. That donation inflated the FleetCommander's totalAssets without minting any new shares, so for an instant every share was priced far above what it was really worth. The attacker redeemed shares at the inflated price, took the difference, and unwound the flash loan, all inside one transaction. DeFi researchers described it in exactly those terms: a flaw that let the attacker inflate total assets and then redeem for a net profit.
This is a known class, not a novel one. The ERC-4626 standard has carried a documented share-inflation risk since it was written, and the standard mitigations, a virtual-shares or decimals offset, seeding the vault, and guarding how totalAssets is measured, are well understood. That it is known is exactly why it deserves teaching rather than mockery: the bug was not a mystery, and the next one will rhyme with it.
Why reading the vault would not have caught it
Here is the part to be precise about, because it is the difference between a tool that helps and a tool that quietly misleads you. You can read a vault's totalAssets, totalSupply and price-per-share yourself, live, any second, and we think you should. But a donation attack lives inside a single transaction: the assets are inflated, the shares are redeemed, and the loan is repaid before the transaction ends. A reading you took one block earlier shows a normal vault. A reading you take one block later shows a drained one. There is no block at which a snapshot shows you the attack in the act, because the manipulation does not persist across blocks. A one-time reading cannot catch it, and anyone selling you a snapshot as protection against this specific attack is selling you the wrong thing.
What does catch the class is watching that same price-per-share over time and alerting the moment it deviates. A share price that should move slowly and mostly upward, suddenly printing a spike or a collapse, is the signature. That is not a reading; it is a monitor, a standing process that re-reads on a schedule and pages you when a value crosses a threshold you set. The reading tells you the state now. The monitor tells you when the state moves. Only the second is a defense against an attack that lives in one transaction, and we would rather say that plainly than dress a snapshot up as a safety net it is not.
What you can actually do, today
Two concrete things, one free and one paid, and we are clear about which is which.
- Read any vault's accounting yourself, free. We built kerne.fi/verify-vault the same week: paste any Base or Ethereum ERC-4626 vault address and it reads the live totalAssets, totalSupply and price-per-share straight from public RPC, and hands you the one-line cast commands to reproduce every number. It loads with the exploited Summer.fi vault already in it, so you can see what a drained, paused vault reads as. As of this writing that vault's price-per-share sits well below one, the visible aftermath of the drain. Do not take our number on faith; reproduce it against any public node.
- Watch a vault you hold, from $99 a month. Because the reading is a snapshot and the monitor is the defense, the honest paid product here is the watch, not the read. kerne.fi/monitoring re-reads a vault's price-per-share, its reserve ratio, and a feed's freshness on a schedule, and pages your Discord or Telegram the moment any of them crosses a line you set. It tells you when something moves; it is not an audit and it does not certify a vault.
Where we sit, read the same way
A post that points at someone else's vault and quietly exempts its author is the exact thing this series exists to avoid, so, plainly, and read us the same way you would read anyone. Kerne's staked dollar, skUSD, is itself an ERC-4626 vault, and it is in the free tool above as the dogfood example. Two honest facts about it, and one open one.
First, skUSD is a single-asset vault: its asset is kUSD, and it is a staking wrapper rather than a multi-strategy allocator routing deposits into external Arks the way a FleetCommander does. The specific surface exploited here, donating into a sub-strategy to inflate a parent vault's totalAssets, is not present in the same shape, because there is no external sub-strategy to donate into. Second, skUSD uses the standard decimals-offset mitigation, its shares carry six more decimals than kUSD, which is the documented ERC-4626 defense that makes the classic share-inflation attack economically infeasible. Neither of those is a claim of immunity, and we will not make one: a donation directly into any vault still moves its ratio, and a decimals offset raises the cost of that, it does not abolish it.
The open fact, disclosed rather than discovered: separately from this event, we hardened a related share-accounting edge on our audit branch ahead of our July 13, 2026 external audit freeze with Hexens, and the live vault still runs the pre-patch code until that freeze ships. We are pre-audit, at Genesis scale, and we say so everywhere, including at /legible. The correct posture toward us is the same one this post recommends toward everyone: read the vault yourself at /verify-vault, and if you hold it, watch it. We are not affiliated with Summer.fi and are reactive-only toward them; nothing here is a criticism of a team that shipped, was hit by a known class, and paused fast.
The check to run on any vault you hold
Summer.fi leaves a short, portable checklist for the next ERC-4626 vault, and there will be a next one: there were roughly a dozen DeFi exploits in the two weeks around this one alone. One: can you read the vault's totalAssets, totalSupply and price-per-share yourself, and does the price-per-share sit where the design says it should. Two: how is totalAssets measured, and can anyone inflate it by donating assets in, which is the question this attack turned on. Three, and the one a reading cannot answer for you: is anyone watching that price-per-share over time, because that, not a snapshot, is what catches a one-transaction attack. Read the vault at /verify-vault, and the token version of the same check at /verify-anything. Being able to check a vault yourself is necessary. Being watched is what saves you.
Figures are as of July 6, 2026 and move intraday; nothing here is investment advice or an offer of any token, and nothing here is a claim that Summer.fi is under-backed or that its team acted improperly. The roughly six million dollar loss, the pause of the Lazy Summer vaults by Summer.fi's guardians, the flagging by Blockaid with corroboration from PeckShield and CertiK, the roughly twenty-two million dollar pre-attack total value locked, and the SUMR decline of more than eighteen percent are per CoinDesk and The Block. The roughly sixty-five point four million dollar Morpho flash loan, the about sixty-four point eight million dollars deposited and about seventy point nine million redeemed in one transaction, and the donation of assets into the Ark to inflate a FleetCommander's totalAssets are per on-chain analysis reported by crypto.news and Moneycheck, which places the drain on Ethereum. The affected vault LazyVault_LowerRisk_USDC and its live accounting were read directly on Ethereum on July 6, 2026 and are reproducible at /verify-vault. Kerne is not affiliated with Summer.fi, Morpho, Blockaid, PeckShield or CertiK. Kerne's own claims resolve to live endpoints: the hourly signed Proof of Reserves at /api/por/signed, its on-chain leg at /api/por, and the live risk surface at /api/risk-status. A price-per-share reading is a fact you can reproduce; it is not an audit and not a solvency opinion.
Verify it yourself
Run the same check on any reserve, or have it run for you.
Paste any issuer's signed attestation into the free verify tool and recover the signer, rehash the figures, and check freshness in your own browser. For a machine-signed, point-in-time read of an address you name, delivered on the page in about two minutes, the instant self-serve read is $29; a human-reviewed read is $149. A teardown like this one, commissioned on any target you name, is $499. An independent read of a counterparty you hold or allocate to is $2,500. Attestation tooling, not an audit, and not a solvency opinion.