An Aurellion Labs smart contract lost 455,003 USDC after an attacker found a gap in the protocol’s Diamond proxy setup and flipped ownership to themselves. The drain hit multiple approved wallets in a single coordinated sequence. Nobody stopped it in time.

The victim contract sits at address 0x0adc63e71b035d5c7fdb1b4593999fa1f296f1b2 on Arbitrum. Blockchain security firm SlowMist flagged the attack through its threat intelligence unit, identifying the exact flaw that made it possible.

The Flaw That Handed Over Ownership

The root problem was an unprotected initialize(address varg0) function in the protocol’s SafeOwnable facet. When the Diamond was first deployed, its owner was assigned through a different code path, not through initialize(). Ownership was therefore set, but the guard that protects initialize() never learned that: the 8-byte initialization version counter, stored in bytes 0-7 of storage slot 0xf0c57e..., was still reading zero.

An attacker at address 0x9f49591a3bf95b49cd8d9477b4481ce9da68d5ca spotted this. The guard keys on that version slot alone, and because it still read zero, initialize() would accept a first call from anyone. They made that call, passing their own address as the new owner. That single transaction handed them Diamond ownership.

Once in control, the attacker called diamondCut to install a malicious facet carrying a pullERC20 function. Because the victims’ approvals had been granted to the Diamond address, and every facet runs in the Diamond’s own context via delegatecall, that function could call USDC’s transferFrom against each approved wallet and move the tokens out.

Three Wallets Hit, $455K Gone

The vulnerable facet used in the attack is recorded at 0x3ca79c1cf29b8d19f7c643bb6e6bc9c49762e70f. Three wallet addresses were among those drained: 0x2e933518…, 0xa90714a1…, and 0xeced2d37…. Each had previously approved the contract to spend their USDC, and that standing allowance is what the attacker’s injected facet exercised.

According to SlowMist_Team on X, the total loss came to approximately $455,003.

“Unprotected initialize(address varg0) in SafeOwnable Facet. Diamond set owner via non-initialize path without updating _initialized version slot (bytes 0-7 of 0xf0c57e…) from 0, allowing re-init by attacker to overwrite owner, call diamondCut to inject malicious facet with pullERC20, and drain approved USDC.”

The on-chain transaction confirming the exploit is publicly traceable on Arbiscan.

Why Diamond Proxies Carry This Specific Risk

Diamond contracts, built on EIP-2535, split protocol logic across multiple facets that all execute against the Diamond’s single storage via delegatecall. That architecture gives developers flexibility: facets can be added, replaced, or removed after deployment. It also adds complexity around initialization guards, because the guard’s state and the state it is meant to protect (here, the owner) live in separate storage locations and can be written by separate code paths. If the initial setup bypasses the standard initialize() path, the version slot never increments even though the owner is already set. Anyone who reads that slot, for example with eth_getStorageAt, sees zero and gets to run initialization themselves.

This is different from the private-key compromises and oracle manipulation attacks that drove most of DeFi’s losses in 2025 and early 2026. It is a code-level gap. A quiet one. The kind that audits miss when they don’t trace every path leading to ownership assignment.

Aurellion Labs builds infrastructure for tokenized real-world assets, including on-chain compliance tools and DeFi trading rails. The protocol had positioned the victim contract as a component of that stack. Wallets that had granted token approvals to that address had no warning before the drain ran.

SlowMist confirmed the analysis through its SlowMist.AI system, which it uses for real-time threat intelligence across on-chain activity.

DeFi contracts that use Diamond patterns without locking their initialization paths after deployment remain exposed to this specific vector. A correct implementation updates the version slot during the ownership assignment, regardless of which function path handles that setup, so that no sequence of deployment steps leaves the owner set while the guard still reads zero. Aurellion’s did not. A cheap post-deployment check is to read the guard’s slot with eth_getStorageAt and confirm it is non-zero, or to call initialize() from a throwaway account and confirm it reverts.
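To make the mechanism and the fix concrete, the contract pair below is an added example written for this page; it is not Aurellion’s code, nor SlowMist’s, and the facet names, the installOwner() deployment helper and the storage-slot constants are placeholders (the page gives the real guard slot only as 0xf0c57e...). It models the guard the way the advisory describes it, with the 8-byte version counter in the low-order bytes of a diamond-storage slot, and shows the vulnerable shape (owner written by a path that never bumps the counter) next to the hardened one (every owner-assigning path goes through a single function that bumps the counter first).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Diamond-storage slot for the initializer guard. The slot value is a placeholder
/// (assumption for this example). Layout follows the shape in the advisory: the
/// version counter occupies bytes 0-7 of the word.
library InitGuard {
    struct Layout {
        uint64 initialized; // bytes 0-7 of the slot: the "version slot"
    }

    bytes32 internal constant SLOT =
        0x1111111111111111111111111111111111111111111111111111111111111100;

    function layout() internal pure returns (Layout storage l) {
        bytes32 s = SLOT;
        assembly { l.slot := s }
    }
}

/// Diamond-storage slot for the owner. Also a placeholder constant.
library OwnerStorage {
    struct Layout {
        address owner;
    }

    bytes32 internal constant SLOT =
        0x2222222222222222222222222222222222222222222222222222222222222200;

    function layout() internal pure returns (Layout storage l) {
        bytes32 s = SLOT;
        assembly { l.slot := s }
    }
}

/// VULNERABLE (hypothetical facet mirroring the flaw described on this page).
/// initialize() is guarded, but the deployer sets the first owner through
/// installOwner() during the initial diamondCut. installOwner() has its own guard
/// (owner must be zero), so it looks safe, yet it never touches InitGuard.initialized.
/// The version slot therefore stays 0 and initialize() still accepts a call from anyone.
contract VulnerableSafeOwnableFacet {
    error AlreadyInitialized();

    modifier initializer() {
        InitGuard.Layout storage g = InitGuard.layout();
        if (g.initialized != 0) revert AlreadyInitialized();
        g.initialized = 1;
        _;
    }

    // Deployment-time path: assigns the owner, leaves the version slot at 0.
    function installOwner(address owner_) external {
        require(OwnerStorage.layout().owner == address(0), "owner already set");
        OwnerStorage.layout().owner = owner_;
    }

    // Re-init path: guard reads 0, so an attacker can overwrite the owner.
    function initialize(address owner_) external initializer {
        OwnerStorage.layout().owner = owner_;
    }

    function owner() external view returns (address) {
        return OwnerStorage.layout().owner;
    }
}

/// HARDENED: both entry points funnel into one internal function that checks and
/// bumps the version slot before writing the owner. No path can leave the owner
/// set while the guard still reads 0, so a second initialize() always reverts.
contract HardenedSafeOwnableFacet {
    error AlreadyInitialized();

    function _setOwnerOnce(address owner_) internal {
        InitGuard.Layout storage g = InitGuard.layout();
        if (g.initialized != 0) revert AlreadyInitialized();
        g.initialized = 1; // version bump happens here, on every path
        OwnerStorage.layout().owner = owner_;
    }

    function installOwner(address owner_) external {
        _setOwnerOnce(owner_);
    }

    function initialize(address owner_) external {
        _setOwnerOnce(owner_);
    }

    function owner() external view returns (address) {
        return OwnerStorage.layout().owner;
    }
}
```

In a Foundry or Hardhat test the vulnerable facet reproduces the page’s sequence in two calls: the deployer calls installOwner(deployer), a second account calls initialize(attacker), and owner() now returns the attacker. Against the hardened facet the second call reverts with AlreadyInitialized, because the deployment path already moved the version slot off zero. The same shape applies to any diamond facet whose initializer guard and protected state are written by different functions: the guard must be updated by whichever function performs the first write.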