This article aims to provide developers within the Pharos ecosystem with a more practical and in-depth reference for RWA integration. We attempt to reconstruct the complex challenges and corresponding solutions faced when bringing real-world assets (RWA) on-chain from the perspectives of business logic and risk control architecture.

On January 13, 2026, Polycule officially confirmed that its Telegram trading bot was hacked, resulting in approximately $230,000 in user assets being compromised. As the bot went offline and compensation promises were announced, the incident quickly sparked industry-wide discussions on the security of Telegram Trading Bots. Examining Polycule's functional architecture and design logic reveals that this was not an isolated failure, but rather the concentrated eruption of long-standing yet underestimated security risks inherent in the trading bot model.

On January 8, 2026, the Truebit Protocol was hacked, resulting in a loss of 8,535.36 ETH (approximately $26.44 million). The Truebit Protocol team officially confirmed the incident in a post the following morning. The ExVul security team has conducted a detailed analysis of the vulnerability behind this attack.

On December 1, 2025, Yearn suffered a multi-stage combined attack, resulting in a loss of approximately $9 million. The attackers used flash loans as leverage, exploiting vulnerabilities in the protocol's extreme scenario validation, logical branching, and precision control to gradually manipulate the liquidity pool, ultimately achieving near-unlimited minting of yETH LP and emptying the pool. This incident highlights the professionalization of DeFi attacks and exposes systemic deficiencies in the protocol's edge parameters, critical computations, and monitoring systems.

Prediction markets are evolving from niche experiments into financial infrastructure, with Polymarket's trading volume exceeding $5 billion and Kalshi receiving over $100 million in investment from Sequoia Capital. As product complexity increases, security risks also amplify. This article will analyze these risks from a Web3 security perspective and introduce ExVul's protection solutions.

On November 3, 2025, the Balancer protocol suffered a hacker attack on multiple public chains, including Arbitrum and Ethereum, resulting in a loss of $120 million in assets. The core of the attack stemmed from a dual vulnerability: loss of precision and manipulation of invariants. The key issue in this attack lay in the protocol's logic for handling small transactions.

9月23日，UXLINK项目多签钱包因私钥泄露遭遇攻击，约1130万美元加密资产被盗，并被转移至多家CEX/DEX。事件发生后，ExVul第一时间介入，协同项目方展开调查分析并实时监控资金流向。

北京时间2025年9月7日，Sui链上的 Nemo 被攻击，黑客通过操作py_index以窃取约259万美元。此次Nemo被盗根本原因是PyState错误地设置为可变引用。