DeFi governance infrastructure platform INK Finance has confirmed a security incident on its Polygon deployment, with its Workspace Treasury Proxy exploited for roughly $140,000 in USDT earlier today.
The breach was first surfaced by Web3 security firm Blockaid at around 1:41 PM UTC on May 11, 2026, in a community alert that flagged the victim contract, attacker address, and the exploit transaction on Polygonscan.
The compromised contract sits at 0xa184Af4B1c01815A4B57422A3419E4FB78a96Ee4, identified on-chain as INK Finance’s Workspace Treasury Proxy. The proxy is an EIP-1967 beacon pattern contract that was originally deployed in December 2023, and routes calls through a shared implementation at 0x72225ccb…7AFc89890. The treasury sat dormant until the exploit transaction landed earlier today.
INK Finance has positioned itself for years as Web3’s “gold standard” for DAO financial infrastructure, offering treasury management, governance flows, and on-chain payment modules across Avalanche and Polygon. Today’s incident strikes directly at the treasury layer that the protocol’s entire pitch is built on.
How the exploit worked
According to Blockaid’s post-incident breakdown and on-chain forensics, the attacker did not break cryptography or steal a key. They exploited a logic flaw in INK’s Workspace controller, specifically in how the controller authenticates accounts permitted to call its claim() function.
The vector unfolded in three steps:
Step one. The attacker deployed a malicious contract at an address that matched, or was registered as, a whitelisted claimer entry inside INK Finance’s Workspace controller. Whitelisted-claimer logic is a common DeFi pattern that allows pre-approved addresses to claim or execute on behalf of users, often to enable atomic claim-and-stake or claim-and-forward flows.
The integrity of the pattern depends entirely on the whitelist being tightly bound to trusted entities, which, in this case, it was not.
Step two. Once the attacker controlled an address that passed the whitelist check, they invoked claim(claimId) on the controller. The function ran its eligibility check, found the caller in the allowed set, and signaled approval downstream.
The treasury proxy’s authorized transfer function trusted that approval implicitly and released funds without applying any additional ownership or balance-sanity gate.
Step three. To inflate the payout, the attacker pulled a roughly $25,000 flashloan from Balancer V2, used it inside the same transaction to satisfy whatever balance condition the claim path was checking, drained approximately $140K USDT from the Workspace Treasury Proxy, and repaid the flashloan in the same atomic call.
The flashloan piece turned a logic flaw into a profitable extraction, since it let the attacker temporarily appear to be a much larger eligible claimant than they actually were.
The malicious actor contract is logged at 0x90b147592191388e955401af43842e19faa87ee2, and the exploit transaction is publicly viewable on Polygonscan.
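The three steps above describe a pattern rather than INK Finance’s actual source, which was unverified at the time of the exploit. The following Solidity is an added example written for this article, not code from INK Finance or Blockaid, that reconstructs the pattern in a minimal vulnerable controller and treasury pair and then shows a hardened pair beside it. The contract and function names, the global-whitelist gate, and the rule that the payout is derived from the caller’s live token balance are all assumptions chosen to make the flaw concrete; the real controller’s balance condition was not published.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical reconstruction of the whitelist-gated claim pattern described above.
// Names, the 10% payout rule and the cap value are assumptions, not INK Finance's code.

interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

/* ---------------- Vulnerable pattern ---------------- */

contract VulnerableTreasury {
    IERC20 public immutable usdt;
    address public immutable controller;

    constructor(IERC20 _usdt, address _controller) { usdt = _usdt; controller = _controller; }

    // Trusts the controller completely: no check that `to` owns a claim, no bound on `amount`.
    function authorizedTransfer(address to, uint256 amount) external {
        require(msg.sender == controller, "not controller");
        require(usdt.transfer(to, amount), "transfer failed");
    }
}

contract VulnerableController {
    IERC20 public immutable shareToken; // assumed: eligibility measured by a live token balance
    VulnerableTreasury public treasury;
    address public immutable owner;
    mapping(address => bool) public whitelistedClaimers;
    mapping(uint256 => bool) public claimed;

    constructor(IERC20 _shareToken) { shareToken = _shareToken; owner = msg.sender; }
    function setTreasury(VulnerableTreasury t) external { require(msg.sender == owner, "not owner"); treasury = t; }

    // Step one: one global list gates every claim. Any address on it, including an
    // attacker-deployed contract, passes the only identity check that exists.
    function addClaimer(address who) external { require(msg.sender == owner, "not owner"); whitelistedClaimers[who] = true; }

    // Steps two and three: the function asks WHO is calling, then derives WHAT they get
    // from a balance read at call time. A flashloan makes that balance arbitrary for one tx.
    function claim(uint256 claimId) external {
        require(whitelistedClaimers[msg.sender], "not whitelisted");
        require(!claimed[claimId], "already claimed");
        claimed[claimId] = true;
        uint256 payout = shareToken.balanceOf(msg.sender) / 10; // 10% of whatever the caller holds right now
        treasury.authorizedTransfer(msg.sender, payout);       // paid to the caller, not to a recorded beneficiary
    }
}

/* ---------------- Hardened pattern ---------------- */

contract HardenedTreasury {
    IERC20 public immutable usdt;
    address public immutable controller;
    uint256 public immutable maxPerClaim;     // independent sanity bound on any single release
    mapping(uint256 => bool) public released; // treasury-side replay guard, not only the controller's

    constructor(IERC20 _usdt, address _controller, uint256 _maxPerClaim) {
        usdt = _usdt; controller = _controller; maxPerClaim = _maxPerClaim;
    }

    function release(uint256 claimId, address to, uint256 amount) external {
        require(msg.sender == controller, "not controller");
        require(!released[claimId], "already released");
        require(amount <= maxPerClaim, "exceeds per-claim cap");
        released[claimId] = true;
        require(usdt.transfer(to, amount), "transfer failed");
    }
}

contract HardenedController {
    struct Claim { address beneficiary; uint256 amount; bool paid; }

    address public immutable owner;
    HardenedTreasury public treasury;
    mapping(uint256 => Claim) public claims;
    // Per-user delegation replaces the global whitelist: a claimer may only act for users who opted in.
    mapping(address => mapping(address => bool)) public delegateOf;

    constructor() { owner = msg.sender; }
    function setTreasury(HardenedTreasury t) external { require(msg.sender == owner, "not owner"); treasury = t; }

    // Entitlement is fixed when the claim is recorded; nothing later reads a live balance.
    function createClaim(uint256 claimId, address beneficiary, uint256 amount) external {
        require(msg.sender == owner, "not owner");
        require(claims[claimId].beneficiary == address(0), "claim exists");
        claims[claimId] = Claim(beneficiary, amount, false);
    }

    function setDelegate(address delegate, bool allowed) external { delegateOf[msg.sender][delegate] = allowed; }

    // Checks who is calling AND what that claim is worth, then pays the recorded beneficiary.
    function claim(uint256 claimId) external {
        Claim storage c = claims[claimId];
        require(c.beneficiary != address(0), "no such claim");
        require(!c.paid, "already paid");
        require(msg.sender == c.beneficiary || delegateOf[c.beneficiary][msg.sender], "not entitled");
        c.paid = true;
        treasury.release(claimId, c.beneficiary, c.amount);
    }
}
```

Two design choices in the hardened half do the work. First, the amount is bound to the claim record when it is created, so nothing in the claim path consults a balance that a Balancer, Aave, or Morpho flashloan could inflate; protocols that genuinely need balance-weighted payouts should read a checkpointed value from a past block (an ERC20Votes-style snapshot) rather than `balanceOf` at call time. Second, the treasury applies its own per-claim replay guard and cap instead of trusting the controller’s approval implicitly, so a future controller bug cannot drain it in one transaction.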
Funding trail points to Railgun
Blockaid’s trace of the attacker wallet’s funding history shows a textbook obfuscation chain. The wallet was funded via Railgun on Ethereum, the privacy-preserving smart-contract system that shields sender, receiver, and amount metadata, and the funds were then bridged to Polygon roughly 32 minutes before the exploit transaction landed.
The short delta between bridging and exploit suggests the attacker had the contract pre-staged and was simply waiting for gas and capital to be in position.
Railgun has appeared with increasing frequency in post-exploit forensic write-ups over the past year, in many cases functioning as the modern successor to Tornado Cash for attackers who want privacy without the regulatory baggage that mixer carries.
What it means
The $140K figure is small in dollar terms compared to the eight- and nine-figure exploits that have defined recent DeFi quarters, but the class of vulnerability is the larger story. Whitelist-gated claim functions, paired with proxy-based treasuries, are deployed across a meaningful slice of DAO infrastructure today.
The exploit is essentially a textbook case of an authorization check that confirms who is calling without re-validating what they are entitled to receive, and it generalizes uncomfortably well to other treasury controllers built on the same pattern.
A few specific observations stand out for protocols running similar architectures:
The Workspace Treasury Proxy was an unverified contract on Polygonscan at the time of the exploit, which limited the ability of external auditors and white-hat researchers to spot the flaw before the incident. The implementation it points to has been live since 2023 and this proxy has not been upgraded since, meaning the vulnerable logic has been on-chain and exploitable for an extended window.
The flashloan-assisted nature of the attack also reinforces a pattern that has played out repeatedly across DeFi exploits: as long as a contract’s authorization or accounting logic is sensitive to caller balances or token holdings at the moment of the call, attackers will rent that balance from Balancer, Aave, or Morpho for the length of a single transaction and walk away with the payout.
What’s next
INK Finance has not, at the time of this report, posted a formal public statement on its own channels detailing the scope, remediation timeline, or whether user funds beyond the drained Workspace are at risk. Blockaid has tagged the attacker address and the exploit transaction publicly, which typically precedes coordinated outreach with centralized exchanges and bridges to flag the funds if they attempt to move further.
For users with active INK Finance Workspaces or treasury setups on Polygon or Avalanche, the prudent stance until INK issues guidance is to revoke any outstanding approvals to the Workspace controller and treasury proxy contracts, audit current claimer whitelists for any unfamiliar entries, and avoid deploying fresh capital into INK-managed treasuries until a post-mortem and patch are confirmed on-chain.
The Crypto Times will continue to track the incident and update this report as INK Finance, Blockaid, and on-chain investigators publish further findings.
