Anthropic’s Claude Opus 4.6 blamed for Moonwell’s $1.78M loss in smart contract exploit
The post Anthropic’s Claude Opus 4.6 blamed for Moonwell’s $1.78M loss in smart contract exploit appeared on BitcoinEthereumNews.com.
DeFi lending protocol Moonwell lost $1.78 million after an oracle pricing error in what is being described as one of the first major exploits directly linked to AI-generated Solidity code. Apparently, the error was caused by some code that was partially written by Anthropic’s Claude Opus 4.6 model. Moonwell, a decentralized lending market operating on Base and Optimism, stated that it found a critical oracle configuration issue affecting its Coinbase Wrapped Ether (cbETH) Core Market on Base. This caused cbETH to be valued at approximately $1.12 per token instead of its actual market price near $2,200, which is a 2,000x undervaluation that triggered instant liquidations. 🚨Claude Opus 4.6 wrote vulnerable code, leading to a smart contract exploit with $1.78M loss cbETH asset’s price was set to $1.12 instead of ~$2,200. The PRs of the project show commits were co-authored by Claude – Is this the first hack of vibe-coded Solidity code? pic.twitter.com/4p78ZZvd67 — pashov (@pashov) February 17, 2026 Claude co-authored code set cbETH price at $1.12 instead of $2,200 The vulnerability appeared on February 15, just after Moonwell activated governance proposal MIP-X43, which integrated Chainlink’s Oracle Extractable Value (OEV) wrapper contracts across Base and Optimism markets. As such, instead of calculating the cbETH price in USD by multiplying the cbETH/ETH exchange rate by the ETH/USD price feed, the deployed code obtained only the cbETH/ETH exchange rate and treated that ratio as if it were already denominated in dollars. With cbETH trading at lower prices because of Moonwell’s oracle, liquidators could repay around $1 worth of debt and get collateral worth thousands in return. Moonwell’s risk manager was able to reduce the cbETH borrow cap to 0.01 within hours of the vulnerability, effectively freezing new borrowing activity and containing further damage. However, liquidations had already been processed, so users were left…
Filed under: News - @ February 18, 2026 12:28 pm