Incident case
LI.FI 2022 approval-drain exploit
An unchecked external-call path in LI.FI's pre-bridge swap logic allowed an attacker to invoke token contracts and drain assets from wallets that had granted infinite approvals.
reviewedcurrent
Incident facts
- Incident title
- LI.FI 2022 approval-drain exploit
- Bridge
- LI.FI
- Incident date
- 2022-03-20
- Incident type
- Exploit
- Major incident
- Yes
- Affected chains
- Ethereum
- Affected assets
- USDC, USDT, DAI, MATIC, Unknown
- Attack category
- Cross Chain Contract Exploit
- Reported loss
- Approximately $600,000
- Recovery
- None
- Reimbursement
- Partial
- Restart
- Reopened
- Current outcome
- Active After Incident
- Resolution
- Unresolved
- Last reviewed
- 2026-06-15
- Last verified
- 2026-06-15
Timeline events
LI.FI approval-drain exploit occurred2022-03-20
An unchecked external call in pre-bridge swap logic drained tokens from 29 Ethereum wallets with infinite approvals.
Vulnerability patched and smaller wallets reimbursed2022-03-21
LI.FI patched and redeployed the affected logic and reimbursed 25 smaller affected wallets while proposing a separate arrangement for four larger claims.
Evidence records
- Knownsec Blockchain Lab | Li.Finance attack incidentKnownsec Blockchain Lab · Tier 1 · 2022-03-21
- Li Finance protocol loses $600,000 in latest DeFi exploitCointelegraph · Tier 2 · 2022-03-21
- LI.FI Attack: a Cross-chain Bridge Vulnerability? No, It’s Due to Unchecked External Call!BlockSec · Tier 1 · 2022-03-21
Known unknowns
- The acceptance and completion of the proposed angel-investment compensation for four larger wallets requires later review.