Raydium Core Contributor: Treasury Will Fully Reimburse Losses From Legacy AMM V3 Exploit

Raydium core contributor InfraRAY said on X on June 12 (UTC+8) that the team has confirmed an exploit targeting Raydium's legacy AMM V3 program, which was discontinued in 2021. The attacker withdrew a portion of liquidity from the old pools, but the team stressed the incident does not impact current Raydium users: the affected pools have been inaccessible through Raydium's official UI since deactivation, and neither the Raydium SDK nor supported DApps can interact with the mainnet's legacy AMM V3 pools. The five pools involved were Sollet USDTRAY, Sollet ETHRAY, SRMRAY, USDCRAY, and RAYSOL. Early estimates put the loss at about 150,177 RAY, 5,603 SOL, and 893,700 USDC, worth roughly $1.34 million. Raydium said the treasury will make users whole. According to the initial investigation, the issue came from inadequate validation of LP token mint addresses. The attacker minted new LP tokens and passed them off as legitimate to bypass proportional verification checks, enabling the funds to be drained. Raydium said the exploit was an isolated logic flaw rather than a private key compromise or unauthorized access, with no indication of broader contagion risk. All current Raydium programs on mainnet are unaffected. (Source: ODAILY)