Prism relaunches on new Ethereum contract after exploit diverted 40% of fees
An attacker created 2,500 phantom fee positions across most of July, draining trading fees meant for token holders and cratering the original token by 91%
Prism, a token designed to redistribute trading fees to its holders, is starting over with a fresh Ethereum contract after an attacker quietly siphoned off nearly 40% of those fees throughout most of July. The original PRISM token, which the project is now abandoning entirely, cratered about 91% on July 14, falling from roughly $1,145 to around $16.
How the exploit worked
Prism’s fee-sharing model was built using Uniswap v4 hooks, a mechanism that lets developers customize how liquidity pools behave. Prism used this to automatically distribute a cut of trading fees to anyone holding the token. The attacker figured out that the system lacked adequate checks on whether fee-claiming addresses actually held any PRISM tokens. The attacker created 2,500 unauthorized “phantom” positions, each one siphoning fees from the pool as if it were a legitimate holder.
Over most of July, this setup quietly diverted close to 40% of all trading fees away from actual token holders. The token’s market cap collapsed to roughly $82,000 after the price drop.
The relaunch and its new defenses
The team behind the current Prism effort are pseudonymous holders who bought in on the open market and have since taken on operational responsibility. The new Ethereum contract addresses the phantom position vulnerability with three specific changes. First, it enforces a hard cap of 5,000 fee positions, preventing the kind of mass-creation attack that characterized the exploit. Second, every fee position must now be backed by actual token holdings, closing the loophole that let non-holders claim rewards. Third, routing to unauthorized addresses, including the pool manager contract and the contract itself, is now blocked.
Spectrum, which creates index and basket tokens holding assets like Aave, Maple, Curve, Spark, Ondo, and Ethena, integrates Prism for fee-earning purposes across Ethereum and other chains. Following the exploit, these adjacent projects are reportedly taking a more cautious approach to how they interact with Prism’s fee-sharing mechanism.
What this means for investors
The attacker didn’t need a flash loan, an oracle manipulation, or a governance takeover. They just needed to notice that nobody checked whether fee claimants actually owned the token. Investors re-entering should watch for independent audit results on the new contract, trading volume recovery as a proxy for renewed confidence, and whether the fee distribution mechanism performs as advertised over a sustained period without intervention.