An ORE storage error has been detected, and users should migrate now

On June 17, ORE detected a bug in the storage software and quickly responded to fix the issue. However, a security incident in the smart contract located on the Solana blockchain allowed hackers to steal 25.5 SOL tokens from the protocol’s payout mechanism, worth about $2,215.

“All user deposits are safe,” guarantees the ORE team after a security incident

ORE, a proof-of-work-like mining protocol on Solana, revealed details regarding the security incident through a post on X. The team confirmed that they had identified “An attack on the quota program leading to an unfair distribution of returnsHowever, the damage was small compared to recent cyberattacks on DeFi platforms.

The team confirmed that “All user deposits are safe. There is no risk of losing money.”

Raw protocol He explained This security incident is related to an isolated smart contract flaw in the staking software, and did not affect the network or the main mining system. “The stake program isolates users’ funds. Each stake account has an independent token, which means the attacker could not steal deposits from other users. The stake program has sufficient reserves to cover all valid user deposits and return claims. “The impact was limited only to unfair distribution of revenue,” the official post shared on X said.

In the protocol, users share their SOL or ORE tokens Smart contracts Related to the protocol’s network-based mining game. In this mining space, miners work on a 5×5 grid to generate rewards. Apart from this, the staking mechanism on the protocol allows them to generate returns. However, like many other DeFi protocols, it carries some risks if smart contracts are not fully audited.

The ORE protocol asks users to migrate to the new smart contract

According to the official statement, the bug was found in the smart contract code of the staking software. Using this bug, hackers unfairly claimed 25.5 SOL tokens after inflating them. Register stake balance without actually depositing tokens. This is a very small amount compared to major hacks, and the ORE team was able to avoid further exploitation of the protocol through quick security measures.

The team stated that staking contracts for individual users were not affected by the cyber attack, and no significant funds were stolen from the user.

After noticing the problem, the ORE protocol administrators quickly froze everything Revenue transfers from mining program to staking program on June 15, 2026. During this time, pirates The quota balance swelled by about 6% of the total quota pool.

In order to avoid any further exploitation of funds, the team suggested that all users who have existing stakes in old smart contracts should withdraw their funds, and should move to a new stake contract to earn rewards.

Apart from this, the Storage of Raw Liquids (Store) Program It is also frozen and depends on the affected quota program. The ORE team also created a new contract for the store code as part of the migration. This means that users who have STORE tokens will also need to exchange them for new store mint as part of the process.

The post stated:Funds held in the stake program are secured by user wallets alone. Protocol maintainers do not have upgrade authority over staking or storage contracts, and therefore cannot migrate stake on behalf of users. A one-click migration process is provided a class Official ORE application page.

This cyberattack is a classic smart contract bug, most likely related to issues like account mishandling, replenishment attacks that reuse closed accounts, or validation gaps, which are common in Solana. In the past, ORE also encountered network congestion due to high user demand; However, it has been fixed on 2nd edition with better mechanics.

In the past few months, the DeFi sector has faced major cyberattacks, including Seaweed dao The attack in which users lost millions of dollars, affecting the overall DeFi system.