Programmable Ethereum Transactions Without Smart Contracts.
Turn your manual transactions into programmable, composable, and reusable actions with Plug. No more tedious contract writing or one-off scripts. Just simple, powerful sentences at your fingertips.
You have idle and you’re getting ready to supply it into the Gauntlet USDC Core vault on Morpho to earn lending yield. You’re going through your usual routine: checking liquidity and utilization, vetting the vault parameters, ensuring the curator has a track record you’re comfortable with.
Then you see the news: a compromised key, $80M of the minted out of thin air, and the stablecoin is worthless in 17 minutes. But the wrapped version of the token is still sitting as collateral across 15 Morpho vaults that don't know this yet. The oracle price is incorrectly frozen at $1.13 and borrowers are supplying for cents on the dollar, borrowing against it at near max LTV, and pushing utilization toward 100%. The Gauntlet vault peaked at $44M supplied just hours before, and now liquidity is dumping block by block.
Crypto Twitter is arguing about whether curators could have responded to the exploit faster to protect lenders. You're watching lenders trying and failing to withdraw their capital in real time and asking yourself whether you'd have had any agency in this situation. It starts to feel like lenders are just mercenaries to whatever the infrastructure and curators do or don't catch in time.
So you start reading every postmortem you can find to understand what happened and whether there's anything you can do to protect yourself when vault liquidity quietly starts draining.
The Defiant’s postmortem clarifies the chain of events. The oracle was a daily NAV push where Resolv’s own contracts had to sign and submit the price update every 24 hours. So when the key was compromised, no new price update was submitted: was trading at $0.025 on Curve Finance but the oracle said $1.13 and there was no mechanism to reconcile the two until the next scheduled update.
In the meantime, the exploiters bought depegged , posted it as collateral at the frozen price, and borrowed against it multiple times. The vault had no way to know the collateral had lost its value, so Morpho's Public Allocator continued routing into the vault while utilization approached 100% and lenders’ exit liquidity drained.
Re7 Labs, the fastest-responding curator among those with exposure, noticed 39 minutes later and moved to shut down new deposits across their markets. But delisting as collateral required a parameter change, and parameter changes on Morpho require a time-lock: a delay built into the protocol so depositors can review proposed changes before they take effect. While that clock ran, the Public Allocator kept routing fresh into the compromised market for exploiters to keep borrowing.
Gauntlet, the curator of the USDC Core vault, faced the same constraints. The Gauntlet USDC Core vault peaked at $44M before the exploit, held $40M when it began, and drained to $19M over the next 36 hours. The exit window was real and the liquidity was there for the people who were watching at the right moment: $21.8M was successfully withdrawn in time. But some of the vault's largest positions, wallets with 8-figure balances that had every reason to be watching, never exited at all.
The infrastructure worked as designed: the oracle, the time-lock, the allocator. But the design was the vulnerability, and once it was exploited, available liquidity drained faster than most lenders could respond. The people who got out were simply there at the right moment.
Notably, KPK, another vault curator with exposure to Resolv's collapsed token, had a very different outcome: zero losses to depositors.
KPK had automated monitoring running through Hypernative that flagged the price drop within minutes of the first unauthorized mint. Then KPK’s pre-authorized exit agent responded in the same block, reducing exposure and increasing withdrawable liquidity automatically, with no manual intervention or time-locks required for their operational change. Everything worked exactly as designed, but this time, funds were fully recovered.
Picking your vault and protecting your position are two different problems. KPK solved the second one, but their solution lives at the curator level. Change vaults, and protecting your position is yours to own, which means knowing exactly what to watch for and always being there when it matters.
KPK proved it at the curator level: when the signal came in, their system knew what to watch for and acted immediately. The question is how you have that for your own position, regardless of which curator you chose.
Your first instinct is to watch utilization or collateral health. But collateral health is only as reliable as the oracle reporting it, and the Resolv exploit showed exactly what happens when an oracle goes stale. Utilization tells you how stressed the pool is but not whether there's enough liquidity for your withdrawal specifically: a vault at 90% utilization with $500M in assets is a very different exit than 90% in a $40M vault.
Available liquidity relative to your position size is what matters. Oracle freeze, bad debt, market stress, whatever the cause, the consequence for a lender is the same: liquidity drains and the exit window narrows. You don't need to know why it's happening, you just need to know whether there's enough liquidity to exit cleanly.
So if available liquidity in the vault is at or falls below a meaningful multiple of what you've supplied, you'll get out. Otherwise there won’t be enough runway to exit while others are competing for what’s left.
You can use Plug to set this simple constraint on your Aave V3 position today, and the same logic can be applied to Morpho or any other lending protocol to act as a withdrawal guard.
If available liquidity is less than or equal to 10x your balance, the plug withdraws everything.
This feels like a reasonable constraint. But the moment you set it, your position and the vault keep moving and the math changes with them. Someone else supplies a large amount and your 10% share of the vault becomes 5%, so now you’re running a tight threshold when you have plenty of headroom. And as more people supply or withdraw or you increase your position size, the math changes again.
The 10x you chose on day one was calculated for a position size and vault size that no longer exist. And in a drain event, a stale threshold is the difference between getting out with time to spare and missing the window entirely.
After exploring more of the reads, math actions, and branch logic, you know Plug supports sophisticated logic to react to live onchain data, so you revisit your constraint.
Now, instead of picking a static multiple upfront, you update the plug to calculate your target multiple on every run based on your position's live share of total supply. If your balance represents less than 1%, it uses a 10x multiple, between 1-5% uses 5x, and above 5% uses 2x.
On Aave V3, all suppliers draw from one shared pool deep enough that this almost never fires for any realistic position. But on Morpho, each vault is an isolated pool that allocates your across markets, each backed by a single collateral type. So when depositors withdraw or utilization rises in any one of those markets, available liquidity across the whole vault reduces and your share of it grows. That's why your share of total supply matters and why it needs to be recalculated constantly.
Take a $250K position in a $30M vault. That's less than 1% of the pool, so the plug sets a 10x threshold. You add another $500K and your share crosses 1%, so the plug shifts to 5x. A large depositor withdraws, then others follow, and the vault shrinks to $10M. Your share is now 7.5% of a much smaller pool and the plug tightens to 2x. And if available liquidity drops below 2x your balance, the plug withdraws everything.
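The tiered guard and the walk-through above, as an added Python sketch (not Plug's own code or syntax). The function names, the whole-dollar integer amounts, and the available-liquidity figures in the snapshots are assumptions made for illustration; the "at or below" comparison follows the static rule stated earlier, and capping the withdrawal at available liquidity is an assumption of this sketch.

```python
from typing import NamedTuple

class Decision(NamedTuple):
    multiple: int   # tier multiple chosen from the live share of supply
    withdraw: int   # amount to withdraw now; 0 means hold

def target_multiple(balance: int, total_supply: int) -> int:
    """Tiers from the article: share < 1% -> 10x, 1% to 5% -> 5x, > 5% -> 2x."""
    if balance <= 0 or total_supply < balance:
        raise ValueError("need 0 < balance <= total_supply")
    # Cross-multiply instead of dividing so the tier edges are exact.
    if balance * 100 < total_supply:
        return 10
    if balance * 100 <= total_supply * 5:
        return 5
    return 2

def evaluate(balance: int, total_supply: int, available: int) -> Decision:
    """Recompute the threshold from live values on every run, then decide."""
    multiple = target_multiple(balance, total_supply)
    if available > multiple * balance:
        return Decision(multiple, 0)
    # Guard fired. Assumption of this sketch: cap the exit at what the pool
    # can actually pay out, since a request above available liquidity fails.
    return Decision(multiple, min(balance, available))

# Constructed snapshots following the $250K / $30M walk-through:
# (label, balance, total supply, available liquidity), whole dollars.
SNAPSHOTS = [
    ("initial position",        250_000, 30_000_000, 6_000_000),
    ("after adding $500K",      750_000, 30_000_000, 6_000_000),
    ("vault shrinks to $10M",   750_000, 10_000_000, 2_000_000),
    ("liquidity below 2x",      750_000, 10_000_000, 1_400_000),
    ("liquidity below balance", 750_000, 10_000_000,   500_000),
]

def replay(snapshots=SNAPSHOTS):
    """Return (label, multiple, withdraw) for each snapshot in order."""
    return [(label, *evaluate(b, s, a)) for label, b, s, a in snapshots]

if __name__ == "__main__":
    for label, multiple, withdraw in replay():
        action = f"withdraw ${withdraw:,}" if withdraw else "hold"
        print(f"{label:<26} {multiple:>2}x  {action}")
```

A static 10x rule on the second snapshot would compare $6M of liquidity against a $7.5M threshold and exit, while the recalculated 5x tier holds.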
What KPK accomplished required two systems: Hypernative for real-time detection and a custom-built exit agent to act on those signals. What you just built does the same thing in one intent, atomically, all onchain.
The crypto industry is still debating circuit breakers, oracle standards, and curator accountability. Those conversations matter and will eventually lead to better systems. KPK and Hypernative showed us what's possible when a curator builds the right stack: same blast radius as Gauntlet, zero losses to depositors, same-block recovery. That's the standard.
And now, as a lender, you have the same class of protection KPK deployed at the curator level, for your own position, running perpetually, regardless of who curates your vault. You're not waiting for the industry to catch up, and you're not dependent on your curator having built-in safeguards. The plug is running. Your position is protected.
Next time you open a lending position, you won't spend the next week wondering what you'd do if something went wrong at 2am on a Sunday. You'll set the constraint before you supply and move on. And when people ask what happened during the recent exploit, you won't just have an answer: you'll already have a plug running that you can share with them.