Ostium, a perpetual contract trading platform for RWA on Arbitrum, attacked with estimated losses of $18 million
Ostium, a perpetual contract trading platform for RWA on Arbitrum, was attacked, resulting in estimated losses of $18 million.
The attacker compromised the oracle signer’s private key, used a PriceUpkeep relayer to submit favorable prices at future times, and cyclically opened and closed positions to deplete the treasury funds. Ostium officials have not yet responded.
Market mechanisms indicate that the oracle attack is driving users to withdraw funds from the Arbitrum RWA derivatives protocol, with capital shifting to perpetual platforms with stronger multi-signature or insurance mechanisms. Liquidity providers and market makers are under pressure, while the attack method exposes vulnerabilities in on-chain price feeds.
Source: Public information
ABAB AI Insight
Ostium previously relied on an oracle system to support RWA perpetual trading, attracting liquidity during its growth phase. However, similar to multiple oracle manipulation attacks from 2023-2025, such as the Mango Markets case, it has exposed the risks associated with signer private keys.
In terms of capital flow, the attacker exploited price manipulation through circular trading to extract treasury funds, while protocol resources are now directed towards investigation and potential compensation, motivated by quick profits, with some user funds already migrating to competitors.
Like other DEXs that paused and repaired after oracle vulnerabilities, Ostium is currently in the impact phase of a security incident concerning the emerging RWA Perp protocol.
This essentially represents a technological shift, with oracle invasions accelerating capital movement from single-signature systems to decentralized verification protocols. The mechanism is driven by low attack costs and high returns, pushing the industry to upgrade security infrastructure and enhance the overall DeFi resistance to attacks and user trust thresholds.
ABAB News · Cognitive Laws
- Private key invasion equals treasury breach.
- Price manipulation tests protocol boundaries.
- The cost of security upgrades leads to the success of mature platforms.