Exploit

Unauthorized use of a smart contract vulnerability to drain funds or manipulate behavior.

An exploit is the practical execution of a vulnerability in a smart contract. Unlike a rug pull (where the team is the attacker), an exploit involves an external actor finding and using a flaw — re-entrancy bugs, flash loan manipulation, oracle manipulation, signature malleability, access control errors. Exploits can drain millions in minutes.

The distinction between exploit and rug pull is important: an exploit reflects on the protocol's code quality and audit posture; a rug pull reflects on the team's intent. Both result in loss of user funds, but they get different methodology treatment.