Raydium’s legacy AMM V3 program was exploited for approximately $1.34 million after an attacker abused a liquidity provider mint validation flaw in deprecated Solana pools, adding another incident to the growing list of decentralized exchange infrastructure failures. The Raydium team said the issue was isolated to an old AMM V3 contract that had been phased out in 2021 and did not affect the platform’s current liquidity programs or active users.
The exploit drained five deprecated liquidity pools tied to the legacy program. According to Raydium core contributor Infra, the root cause was a self-contained validation flaw involving LP mint checks. The attacker was able to manipulate pool logic by using invalid or fake LP token conditions, allowing funds to be withdrawn from pools that should no longer have carried meaningful user risk.
Raydium said it will cover the affected losses from its treasury. That response matters because the exploit involved obsolete infrastructure rather than current user-facing pools. Even so, the loss raises questions about how decentralized protocols manage retired contracts, residual liquidity and long-tail smart contract exposure. The team said current Raydium users were unaffected, limiting immediate contagion risk across Solana decentralized finance.
Legacy contracts create hidden risk
The incident highlights a recurring problem in decentralized finance: old contracts can remain financially relevant even after newer systems replace them. Protocols often deprecate earlier versions but cannot easily erase deployed smart contracts from public blockchains. If users, bots or forgotten liquidity remain connected to those programs, dormant infrastructure can become an attack surface years after active development has moved elsewhere.
That appears to be the central lesson from the Raydium exploit. The affected AMM V3 program had been superseded years earlier, but the remaining pools still held enough assets to make exploitation profitable. The attacker did not need to compromise Raydium’s current products. Instead, the exploit targeted a narrow validation weakness in an older liquidity design.
For DeFi protocols, deprecation is therefore not only a product-management task. It is a security process. Teams must identify inactive pools, warn users, remove front-end access, monitor residual balances and create clear migration paths. Where possible, they may also need emergency controls or incentives to drain obsolete pools before they become targets.
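
The "monitor residual balances" step above, as an added example (not Raydium's code): it ranks deprecated pools by the value they still hold and flags a sudden drop between balance snapshots. The pool names, snapshot tuples, thresholds and function names are assumptions, and the data is constructed.

```python
from collections import defaultdict

# Constructed sample data: pool names, timestamps and USD balances are invented
# for illustration and do not describe real Raydium pools.
DEPRECATED = {"legacy-pool-A", "legacy-pool-B", "legacy-pool-C"}
SNAPSHOTS = [  # (unix_time, pool, balance_usd)
    (1000, "legacy-pool-A", 410_000.0), (1000, "legacy-pool-B", 1_800.0),
    (1000, "legacy-pool-C", 95_000.0),  (1000, "current-pool-D", 5_000_000.0),
    (2000, "legacy-pool-A", 409_500.0), (2000, "legacy-pool-B", 1_800.0),
    (2000, "legacy-pool-C", 94_000.0),  (2000, "current-pool-D", 2_000_000.0),
    (3000, "legacy-pool-A", 1_200.0),   (3000, "legacy-pool-B", 1_790.0),
    (3000, "legacy-pool-C", 93_500.0),  (3000, "current-pool-D", 4_900_000.0),
]

def history(snapshots, pools):
    """Group snapshots by pool, time-ordered, keeping only the pools of interest."""
    by_pool = defaultdict(list)
    for ts, pool, bal in sorted(snapshots):
        if pool in pools:
            by_pool[pool].append((ts, bal))
    return by_pool

def residual_exposure(snapshots, pools, min_usd=10_000.0):
    """Deprecated pools whose latest balance is at least min_usd, largest first."""
    latest = {p: h[-1][1] for p, h in history(snapshots, pools).items()}
    return sorted(((p, b) for p, b in latest.items() if b >= min_usd),
                  key=lambda x: x[1], reverse=True)

def drain_alerts(snapshots, pools, min_usd=10_000.0, drop_ratio=0.5):
    """Flag a funded deprecated pool that lost >= drop_ratio of its value between snapshots."""
    alerts = []
    for pool, h in history(snapshots, pools).items():
        for (t0, b0), (t1, b1) in zip(h, h[1:]):
            if b0 >= min_usd and (b0 - b1) / b0 >= drop_ratio:
                alerts.append((pool, t1, b0, b1))
    return sorted(alerts, key=lambda a: a[1])

if __name__ == "__main__":
    print("exposure:", residual_exposure(SNAPSHOTS, DEPRECATED))
    print("alerts:  ", drain_alerts(SNAPSHOTS, DEPRECATED))
```

A user migrating out also lowers a pool's balance, so an alert here is a prompt to review the pool's recent transactions, not proof of a drain.
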
Laundering and compensation shape the aftermath
Blockchain security firms traced the attacker’s movements after the drain, with funds reportedly routed through KuCoin, a Solana-to-Ethereum bridge, Tornado Cash and FixedFloat. That laundering path shows how quickly even relatively small DeFi exploits can become difficult to recover once assets move across centralized exchanges, bridges and privacy tools.
Raydium’s commitment to treasury compensation may limit user fallout, but the reputational impact is harder to quantify. The protocol remains one of Solana’s most important decentralized exchanges, and its current products were not affected. Still, investors and liquidity providers are likely to focus on whether Raydium conducts a wider review of deprecated programs, abandoned pools and migration controls.
The broader market implication is that DeFi security risk is not confined to newly launched contracts. Mature protocols carry historical code, old liquidity structures and legacy integrations that may not receive the same level of monitoring as current systems. As DeFi becomes more institutional, auditors and investors will increasingly ask whether protocols have formal lifecycle processes for retiring contracts safely.
The Raydium incident is not a systemic Solana DeFi failure, but it is a reminder that unused infrastructure can still hold real value and real risk. The next test for Raydium will be how quickly it completes compensation, publishes a detailed post-mortem and demonstrates that other legacy contracts do not contain similar residual vulnerabilities.
