Original author: 1912212.eth, Foresight News
The bull market in the crypto market has quietly arrived, but the sudden and short-term plunge of project protocol tokens is still common. On July 10, against the backdrop of the overall positive trend in the cryptocurrency market, the native token K of the Kinto project suddenly collapsed violently, with the price plummeting from about US$8 to around US$0.7, a drop of more than 90%, and the market value evaporated to less than US$2 million.
The incident quickly caused an uproar on social media and the crypto community, with investors accusing the project of rug pull.
K token plummeted by more than 80% in 2 hours
Kinto is a Layer 2 solution based on Ethereum, focusing on the development of smart wallets and DeFi infrastructure. Its token K was officially launched for trading at the end of March 2025, and once rose to around US$7, and was regarded as a potential stock in the Arbitrum ecosystem. However, everything took a sharp turn for the worse on July 10. At around 4 pm Beijing time, the price of K began to fluctuate abnormally, first falling slightly, and then plummeting by more than 80% in just 2 hours. Trading data showed that a large number of K tokens suddenly poured into the liquidity pool, causing a surge in supply, and panic selling broke out in the market.
Social platform X user @waleswoosh posted: Someone minted fake K tokens and sold them all. The market value of Kinto fell from 80 million US dollars to 7 million US dollars. It was an incredible technical error.
Faced with market doubts, Kinto officials quickly responded and announced that they had discovered a vulnerability outside the Kinto network.
It is worth noting that on June 30, the Kinto project just completed a round of early investor token unlocking, involving about 2.25 million Kinto tokens, worth about $15 million. This made some community members wonder whether the plunge was related to internal selling rather than a simple technical loophole.
Kinto CEO releases survey results and responds to questions
Kinto officially announced the follow-up action plan, including
Raising funds to restore $1.4 million in lost Uniswap liquidity and Morpho vault balances;
Take a snapshot of K balance blocks before the hack;
Use these balances to create a new K token on Arbitrum;
Kinto’s statement emphasized that the vulnerability did not occur in the Kinto core network, but in the peripheral contracts on the Arbitrum chain, and was not intentional on the part of the project. The team said that it had suspended the relevant contract functions and initiated an emergency audit. At the same time, they denied the community’s rug pull accusation, pointing out that the team’s tokens are locked until April 2026 and cannot be sold in advance.
Kinto CEO Ramon Recuero added in a follow-up post: This was an unexpected technical error. Our team is working hard to fix it and will compensate affected users. He also sorted out the cause and effect of the incident.
The hacker minted an unlimited amount of K tokens on the Arbitrum network and stole $1.55 million worth of ETH and USDC from the Uniswap and Morpho platforms (in addition to causing losses in the price of the K token). Previously, a serious backdoor was found in thousands of contracts using ERC 1967 Proxy (a common standard provided by OpenZeppelin, or OZ). Hackers were able to exploit vulnerabilities in blockchain browsers (such as Etherscan, Arbiscan, etc.) to implant hacker proxies in the middle without being noticed. Ramon Recuero said that many teams received notifications and plugged the loopholes, but Kinto did not receive notifications, and hackers quickly took control of their tokens on Arb and used proxies to attack before the patch was released. At 4:34 pm Beijing time, the hacker minted 110,000 K tokens and began the attack to drain the Morpho Vault and Uniswap v4 pools.
Ramon apologized to the community and finally stated that he would raise funds from partners and existing investors to restore the token balance to the block before the hack or block 356168891.
He said that if the above approaches can be successful, the following tasks will be completed before July 31:
Restore all K token balances to the snapshot state before the hack.
Restore the Morpho pool to its pre-hacker state, including the Royco-related portion.
Restore liquidity on Uniswap.
Trading resumed on centralized exchanges (CEXs) at the same price of $7.48.
However, this response did not completely quell the community’s discontent. Similar opinions that the project party was dumping the market were everywhere on social platforms, and many investors shared screenshots of their holdings and complained about heavy losses.
This vulnerability incident is not an isolated case. There have been many similar contract vulnerability incidents in the crypto market. According to TheBlock, the crypto industry lost $92.5 million due to DeFi vulnerabilities in April this year alone, a year-on-year increase of 27.3%. Among them, UPCX and KiloEx suffered the largest losses, with losses of $70 million and $7.5 million respectively.
Analysts from blockchain security company PeckShield said: Kintos vulnerability may be a reentrancy attack caused by the minting function not being locked. This problem is common in contracts that have not undergone multiple rounds of audits. They recommend that investors prioritize reviewing audit reports and token unlocking schedules when participating in new projects.
The Kinto case once again highlights the security challenges that blockchain projects face when deploying Layer 2 solutions.
summary
The Kinto token crash is a microcosm of the crypto market in 2025: innovation and risk coexist. Yesterdays crash and todays official announcement not only tested the projects crisis response capabilities, but also reminded investors to act with caution. In the coming days, Kintos audit report and compensation plan will become the focus. If handled properly, this may only be a temporary trough; otherwise, it may greatly damage its reputation. In this fast-paced market, DYOR (Do Your Own Research) remains an eternal motto.
