shield Business Logic Flaw

WXC Exploit: Business Logic Flaw Incident Explained (2025)

Q: When did the WXC hack happen?

The WXC exploit was recorded on August 11, 2025 — 246 days ago.

Q: What type of exploit hit WXC?

The WXC incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

Q: How common is the Business Logic Flaw pattern seen at WXC?

Our archive contains 144 documented business logic flaw incidents. The WXC incident is one of them.

Q: How does WXC compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is - EulerFinance (2023) at $200M. The WXC loss was not publicly disclosed.

On August 2025, WXC suffered a business logic flaw — the first of 144 documented business logic flaw incidents in our archive where the loss figure was not publicly disclosed but the exploit pattern is documented below.

Attack Mechanics: How the WXC Business Logic Flaw Played Out

Exploit Class Applied to WXC

The WXC incident on August 11, 2025 is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share. In the full archive, WXC is 1 of 144 documented business logic flaw incidents.

WXC in Context

The WXC incident joins a class whose largest loss to date is – EulerFinance (2023) at $200M.

Prior Business Logic Flaw Before WXC

The nearest business logic flaw incident before WXC was Stepp2p, 22 days earlier on July 20, 2025 ($43K lost). The same exploit class surfaced again within the business logic flaw attack surface.

WXC Vulnerability Signature

The primary source categorises the WXC exploit specifically as “Incorrect token burn mechanism”. This narrower label is entity-specific: it reflects how the WXC contract failed, rather than the broad business logic flaw pattern alone.

Impact & Recovery for WXC

WXC Loss Figure

The loss figure for WXC is not publicly disclosed. The primary source reports the exploit in non-USD terms, so no USD estimate is published here. For reference, the average loss across 144 business logic flaw incidents in our archive is $6.08M.

Timeline Since the WXC Incident

The WXC exploit occurred 8 months ago (246 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

Primary Reference for WXC

Public post-mortem / on-chain analysis for the WXC incident: view source.

FAQ

How much did WXC lose?

The WXC loss figure is not publicly disclosed. The primary source reports the exploit in non-USD token terms, so no USD estimate is published here.

When did the WXC hack happen?

The WXC exploit was recorded on August 11, 2025 — 246 days ago.

What type of exploit hit WXC?

The WXC incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

How common is the Business Logic Flaw pattern seen at WXC?

Our archive contains 144 documented business logic flaw incidents. The WXC incident is one of them.

How does WXC compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is – EulerFinance (2023) at $200M. The WXC loss was not publicly disclosed.

What framework is used to formalize the ideal functionality of SALRS?

The Universal Composability (UC) framework.

What is the significance of ESG scores and ratings in the context of the study?

The study aimed to overcome the lack of a reliable ESG index by using multiple ESG measures.