
Ostium, a decentralized trading protocol for onchain perpetuals, has paused all trading after security firms reported an apparent exploit tied to its OLP liquidity vault. The pause comes alongside warnings that the incident may be linked to the protocol’s oracle system, which delivers external price data needed for trading.
Blockaid estimated the losses at roughly $18 million, while CertiK put the figure closer to $22 million. Both firms suggested the underlying issue involves a compromise of Ostium’s oracle layer, raising broader questions about the resilience of DeFi protocols whose critical components run outside their core smart contracts.
Key takeaways
Ostium paused all trading after a reported issue affecting its OLP liquidity vault. Security firms Blockaid and CertiK estimated losses at about $18 million and $22 million respectively. Both reports pointed to an apparent oracle compromise as the likely driver of the incident. Ostium asked users to temporarily revoke token approvals for its contracts while it investigates.Trading halted after security firms flagged an oracle-linked incident
According to reports from blockchain security companies Blockaid and CertiK, Ostium’s OLP liquidity vault appears to have been exploited. The figures cited by the two firms differ slightly—Blockaid estimated losses at approximately $18 million, while CertiK assessed the impact at roughly $22 million—illustrating the uncertainty that often follows fast-moving investigations.
Both firms attributed the apparent exploit to a compromise of Ostium’s oracle system. Oracles supply offchain or externally sourced price information to onchain markets, and a failure at this layer can undermine the pricing assumptions that perpetuals rely on for liquidations, settlement, and margin logic.
Ostium confirmed the operational response on X, stating that it paused all trading after identifying an issue related to the vault. The protocol later advised users to take an additional protective step: it recommended that users temporarily revoke approvals for its contracts until the team can complete its review of what happened.
“With user security being our first concern, we recommend that all users temporarily revoke approvals for our contracts until we can further investigate the recent incident.”
Why the pause and approvals warning matter for users
In DeFi incidents, the immediate risk is not always limited to the exploited vault itself. When a protocol suspects that permissions may be exposed—or that an attacker could interact with contracts in unintended ways—revoking approvals can reduce the chances of further unauthorized transfers or actions tied to existing allowances.
Ostium’s decision to halt trading suggests it wants to prevent new positions from opening or existing mechanisms from interacting with liquidity while the threat profile is unclear. Importantly, the protocol also said its team is still investigating and has not yet confirmed the root cause or validated the loss estimates provided by Blockaid and CertiK.
That gap—between an “apparent exploit” and an officially confirmed incident report—can be consequential. Traders typically need clarity on whether price data was manipulated, whether funds were drained from a single vault or multiple routes were used, and whether any remaining funds are still at risk. Until those questions are answered, the most practical step for users is to follow Ostium’s own mitigation guidance.
Ostium’s setup and the broader DeFi security problem
Ostium is built on Arbitrum and operates as an onchain perpetuals platform offering leveraged exposure to 75 trading pairs. Those pairs span stocks, ETFs, commodities, indices, foreign exchange, and cryptocurrencies.
The incident reinforces a pattern that security researchers have highlighted in recent months: DeFi attacks increasingly focus on offchain infrastructure—particularly oracle systems—rather than solely on vulnerabilities within base smart contracts. Even when onchain code is correct, the system can fail if the inputs it depends on can be altered, spoofed, or otherwise compromised.
This is not an isolated event. DeFi security reporting over the past year has repeatedly shown that oracle-related failures, privileged access compromises, and key-management issues can cause outsized damage. In April, Cointelegraph coverage cited DeFiLlama data indicating that crypto hacks produced nearly $630 million in losses during April—its highest monthly total since February 2025. DeFi protocols accounted for the majority of that number, with exploits at KelpDAO and Drift Protocol making up more than 80% of the month’s total.
With the Ostium pause, investors and market participants may want to think about how DeFi systems handle “trusted inputs.” When price feeds are a single point of failure, the operational integrity of decentralized markets can hinge on the security posture of components outside the core trading logic.
Institutional concerns: can DeFi scale if oracle risk remains central?
Beyond immediate losses, incidents like this renew an ongoing debate about whether DeFi is ready for institutional participation. Cointelegraph previously reported concerns about whether DeFi can meet the expectations of institutional risk frameworks, especially as bridge security and cross-layer dependencies continue to show weaknesses.
In an April research note, JPMorgan analysts described bridge security as a key challenge for the sector, calling into question how DeFi could scale for broader institutional involvement. Separately, Cointelegraph noted that shrinking DeFi yields can make security risks harder to justify, and that institutions may struggle to quantify hack risk even when interest in blockchain-based finance continues to grow.
Against that backdrop, the Ostium incident highlights a practical tension: perpetual trading platforms often offer sophisticated exposure, but they also rely on a chain of systems—especially oracles—that may introduce failure modes outside a typical smart-contract audit’s scope.
For builders and risk managers, the next phase will likely focus on operational transparency: what oracle data was used, whether the compromised component was identifiable, and how Ostium’s controls prevented wider contagion. For traders, the key question is whether the pause turns into a prolonged suspension until full verification, or whether the protocol can safely resume with updated safeguards.
Readers should watch for Ostium’s follow-up investigation findings, especially any confirmation of the oracle compromise hypothesis, plus further guidance on whether users must do anything beyond revoking approvals and waiting for resumption of trading.
This article was originally published as Ostium Halts Trading After Oracle Exploit Impacts OLP Vault on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.

2 hours ago
3

Bengali (Bangladesh) ·
English (United States) ·