Summer.fi has released a detailed post-mortem on $6.04 million using that destroyed two of his Lazy Summer Protocol USDC vaults. It concludes that the attack was planned months in advance rather than simply taking advantage of credit.
The report says that the attacker spent about three months gathering the necessary resources to implement the protocol. The use was made in one atomic union on July 6.
It also says that the cause was a performance problem during the removal of the old method rather than a bug in the protocol’s smart contracts.
The attack used an incomplete exit method
According to the post-mortem, the attacker they manipulated the net asset value (NAV) of two USDC vaults. Silo’s precious tokens were awarded in a locked Ark during the passage. However, the Ark remained in the room’s NAV calculations.
This artificially inflated the company’s share price, which allowed the raider to buy back the stock at a higher price. The attacker left for approx $6.04 million in USDC from the liquid point of the protocol.
The losses were split between Lower Risk USDC Vault, which lost about $5.64 millionand High Risk USDC Vault, which lost about $400,000.
Summer.fi insisted that the exploit was not caused by compromised private keys, access control, or a bug. Instead, it said the contracts involved performed as designed.
However, the damaged Ark continued to operate as a cash register in the vault after its deposit cap was set to zero.
Preparations began months before the arrival
This report also refutes the original story that the use was just a loan.
Summer.fi said the blockchain evidence shows the attacker paid for several wallets about three months before this. The attacker then gradually acquired valuable Silo tokens, which were later used to upgrade NAV rooms.
Flash loans provide last-minute financing rather than creating a risk in itself.
The protocol also described a widely distributed graph showing the average annual yield 2.08 million. It explains that the figure was the result of a one block increase in the NAV reported in the room and did not represent the actual amount.
The protocol is suspended while the control tries the next steps
Following the ordeal, all Lazy Summer Protocol rooms were suspended, and reserve caps were reduced to zero while the incident was investigated.
The report said authorities must decide how to use the affected equipment, whether to charge users, and whether to restore unaffected glass to normal operation.
Brief Summary
- Summer.fi said the loss of $6.04 million was planned over several months and stemmed from an inadequate closing process.
- The policy has put all rooms on hold while the authorities consider compensation, rehabilitation, and the successful reopening of the markets that were not affected.





