shield Access Control · $19.7K loss

SizeCredit Access Control postmortem (August 2025) — $19.7K drained

Q: How much did SizeCredit lose?

The SizeCredit exploit in August 2025 resulted in $19,700 in losses — the 55th largest of 96 DeFi incidents that year.

Q: When did the SizeCredit hack happen?

The SizeCredit exploit was recorded on August 15, 2025 — 242 days ago.

Q: What type of exploit hit SizeCredit?

The SizeCredit incident is classified as a Access Control. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it.

Q: How common is the Access Control pattern seen at SizeCredit?

Our archive contains 77 documented access control incidents. The SizeCredit incident is one of them.

Q: How does SizeCredit compare to the largest Access Control attack?

The largest access control incident in our archive is Corkprotocol (2025) at $12M. The SizeCredit loss is $19.7K.

Q: What recommendation does the study provide for improving ESG practices in companies?

The study recommends improving information disclosure and providing policy support for sustainable practices.

On August 2025, SizeCredit was exploited in a access control, resulting in approximately $19.7K in losses. That makes the SizeCredit exploit the 334th largest DeFi incident out of 690 documented in our archive.

Attack Mechanics: How the SizeCredit Access Control Played Out

Exploit Class Applied to SizeCredit

The SizeCredit incident on August 15, 2025 is classified as a Access Control. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it. In the full archive, SizeCredit is 1 of 77 documented access control incidents.

SizeCredit in Context

At $19.7K, the SizeCredit exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — Corkprotocol (2025) at $12M.

Prior Access Control Before SizeCredit

The nearest access control incident before SizeCredit was SuperRare, 18 days earlier on July 28, 2025 ($730K lost). The same exploit class surfaced again within the access control attack surface.

Impact & Recovery for SizeCredit

SizeCredit Loss Figure

The SizeCredit exploit caused $19,700 in losses — a minor (<$1M) incident and the 55th largest of 96 documented in 2025.

Where SizeCredit Sits Among Access Control Attacks

Ranked by loss size, SizeCredit is the 40th largest of 77 access control incidents documented. That puts the SizeCredit loss below the class average of $636K.

Timeline Since the SizeCredit Incident

The SizeCredit exploit occurred 8 months ago (242 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

Primary Reference for SizeCredit

Public post-mortem / on-chain analysis for the SizeCredit incident: view source.

FAQ

How much did SizeCredit lose?

The SizeCredit exploit in August 2025 resulted in $19,700 in losses — the 55th largest of 96 DeFi incidents that year.

When did the SizeCredit hack happen?

The SizeCredit exploit was recorded on August 15, 2025 — 242 days ago.

What type of exploit hit SizeCredit?

The SizeCredit incident is classified as a Access Control. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it.

How common is the Access Control pattern seen at SizeCredit?

Our archive contains 77 documented access control incidents. The SizeCredit incident is one of them.

How does SizeCredit compare to the largest Access Control attack?

The largest access control incident in our archive is Corkprotocol (2025) at $12M. The SizeCredit loss is $19.7K.

What recommendation does the study provide for improving ESG practices in companies?

The study recommends improving information disclosure and providing policy support for sustainable practices.

What machine learning environment and language were primarily used for the project's development?

Python and Jupyter Notebook.