Audit log

Every state-changing event for Gamma Strategies: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-06-01 17:47:56Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 423,640,252

   sig

   37XZQ1PgU4KY…PidM9VSocopyexplorer ↗

   hash

   9KZhVYGRPwBk…GrEX79Ttcopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (18296 B) ▸

   {"actor":"system:backfill","investigation_id":"e41425d7-bce5-42ed-8f02-b101756c6451","kind":"publish","page_slug":"gamma-strategies","published_at":"2026-06-01T17:47:56.515Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Gamma Strategies","sections":[{"content":"On January 4, 2024, Gamma Strategies was exploited via a flash loan-assisted price manipulation attack targeting its Hypervisor vault contracts on Arbitrum. The attacker, operating from address 0x5351536145610aa448a8bf85ba97c71caf31909c (funded via Tornado Cash approximately 2.5 hours before the attack), borrowed over 4 million DAI tokens from Uniswap V3 and Balancer pools. The attacker then purchased large quantities of gDAI to artificially inflate pool prices beyond the protocol's tick range boundaries, deposited at inflated prices to receive a disproportionately large number of LP shares, and withdrew those shares to extract underlying tokens. This cycle was repeated multiple times across multiple vaults. The root cause was an arithmetic error in Gamma's automation scripts that set price change thresholds to -50%/+100% on certain LST and stablecoin vaults, rather than the intended 2% limit. Four vaults were affected: gDAI-DAI on Uniswap ($2.74M), wstETH-WETH on Camelot ($771K), USDT-USDC.e on Camelot ($1.357M), and USDC-USDC.e on Ramses ($1.313M). Total losses have been reported between $3.4 million and $6.18 million across different security sources, with the discrepancy owing to the conversion rate of 1,535 ETH bridged to Ethereum and approximately $1.1 million in stablecoins remaining on Arbitrum.","heading":"January 2024 Exploit — Price Manipulation Attack","severity":"critical","sources":[{"credibility":1,"name":"Gamma Strategies Post-Mortem & Remediation Plan (Medium)","type":"official","url":"https://gammastrategies.medium.com/post-mortem-remediation-plan-9a62f10d90f3"},{"credibility":2,"name":"Gamma Strategies - REKT","type":"news","url":"https://rekt.news/gamma-strategies-rekt"},{"credibility":2,"name":"Verichains — Gamma Protocol Exploit Analysis","type":"news","url":"https://blog.verichains.io/p/gamma-protocol-exploit-analysis"},{"credibility":1,"name":"The Block — DeFi protocol Gamma Strategies suffers an estimated $3.4 million exploit","type":"news","url":"https://www.theblock.co/post/270338/defi-protocol-gamma-strategies-suffers-an-estimated-3-4-million-exploit"}]},{"content":"Gamma Strategies' Hypervisor contracts include four deposit safeguards: mandated token ratios, price change thresholds, per-deposit caps, and single-sided deposit restrictions. Only the price change threshold mechanism was misconfigured. An error in the protocol's off-chain automation scripts applied an incorrect configuration to certain LST and stablecoin vaults, permitting price swings of up to 50-200% rather than the intended approximately 2% limit. Because the Hypervisor calculates share allocation using real-time pool prices rather than a time-weighted average price (TWAP) oracle, an attacker able to move the price within the inflated threshold could receive shares priced at an artificially elevated rate, then withdraw at the corrected price to extract excess tokens. The attack did not require a smart contract vulnerability in the conventional sense; it exploited the gap between the contract's tolerance and its intended operational parameter. Security researchers at Verichains note that the contracts lacked adequate handling for out-of-range tick scenarios in Uniswap V3 integrations, compounding the misconfiguration risk.","heading":"Technical Root Cause","severity":"high","sources":[{"credibility":2,"name":"Verichains — Gamma Protocol Exploit Analysis","type":"news","url":"https://blog.verichains.io/p/gamma-protocol-exploit-analysis"},{"credibility":1,"name":"Gamma Strategies Post-Mortem & Remediation Plan (Medium)","type":"official","url":"https://gammastrategies.medium.com/post-mortem-remediation-plan-9a62f10d90f3"},{"credibility":2,"name":"Olympix — $6.2M Price Manipulation Attack on Gamma Strategies","type":"news","url":"https://olympix.substack.com/p/62m-price-manipulation-attack-on"}]},{"content":"Within hours of the attack, Gamma Strategies restricted all vault deposits at the smart contract level across all networks while leaving withdrawals active. The team notified partner AMMs (Camelot, Ramses, Uniswap) of the vulnerability and participated in stakeholder communications. On January 4, 2024 at 10:54 AM UTC, an on-chain outreach message was sent to the attacker proposing a bug bounty for the return of stolen funds. The negotiation was complicated when approximately 1,000 ETH was deposited into Tornado Cash, signaling the attacker did not intend to return funds. Gamma engaged OpenZeppelin for a comprehensive audit of its deposit proxy configurations before reopening deposits, with the estimated re-opening timeline set at one to three weeks post-audit. The protocol also announced a Recovery Pool funded by biweekly revenue splits (from annualized revenue then cited at $8.97 million) plus an initial 120,000 USDC contribution from company funds, with an estimated recovery timeline of approximately 1.73 years to make all affected users whole assuming stable revenue.","heading":"Protocol Response and Remediation","severity":"high","sources":[{"credibility":1,"name":"Gamma Strategies Post-Mortem & Remediation Plan (Medium)","type":"official","url":"https://gammastrategies.medium.com/post-mortem-remediation-plan-9a62f10d90f3"},{"credibility":2,"name":"Arbitrum's Gamma Protocol to Collaborate with OpenZeppelin for Security Audit (CoinLive)","type":"news","url":"https://www.coinlive.com/news-flash/416064"},{"credibility":2,"name":"CryptoPotato — DeFi Protocol Gamma Strategies Discloses Vulnerability After Preliminary Investigation","type":"news","url":"https://cryptopotato.com/defi-protocol-gamma-strategies-discloses-vulnerability-after-preliminary-investigation/"}]},{"content":"Prior to the January 2024 incident, Gamma Strategies operated under the name Visor Finance and suffered three separate security incidents in 2021. In June 2021, approximately $500,000 was lost via a privileged function call, which was publicly characterized by the team as 'not a rug.' In November 2021, a second incident occurred, with the team characterizing it as economic arbitrage rather than a hack. In December 2021, a critical infinite mint vulnerability led to approximately $8.2 million in losses. Two days after the December 2021 incident, the rebrand from Visor Finance to Gamma Strategies was announced. According to REKT News, by the time of the January 2024 exploit, reportedly no original developers or founders from the Visor Finance era remained with the project. These prior incidents demonstrate a pattern of repeated security failures across the protocol's operational history that preceded the January 2024 event.","heading":"History of Prior Exploits Under Visor Finance","severity":"critical","sources":[{"credibility":2,"name":"Gamma Strategies - REKT","type":"news","url":"https://rekt.news/gamma-strategies-rekt"},{"credibility":2,"name":"Visor merges with Gamma — Medium","type":"official","url":"https://medium.com/gamma-strategies/visor-merges-with-gamma-a-re-org-focusing-on-security-and-performance-b4deaf67e273"}]},{"content":"The attacker's wallet (0x5351536145610aa448a8bf85ba97c71caf31909c) was funded through Tornado Cash approximately 2.5 hours before the exploit was initiated, indicating premeditation. Following the attack, approximately 1,000 ETH (roughly $2.2 million at the time) was deposited into Tornado Cash, effectively obfuscating that portion of the stolen funds. The remaining assets, comprising approximately 1,535 ETH converted from USDT and approximately $1.1 million in stablecoins on Arbitrum, were bridged or held at identified addresses. Gamma's on-chain negotiation message to the attacker went unanswered in terms of fund returns, and no recovery of the stolen assets has been publicly confirmed.","heading":"Attacker Fund Flows and Tornado Cash Usage","severity":"high","sources":[{"credibility":2,"name":"Gamma Strategies - REKT","type":"news","url":"https://rekt.news/gamma-strategies-rekt"},{"credibility":2,"name":"CoinMarketCap — DeFi Protocol Gamma Strategies Hit With $3.4M Hack","type":"news","url":"https://coinmarketcap.com/academy/article/defi-protocol-gamma-strategies-hit-with-dollar34m-hack"},{"credibility":2,"name":"CoinPaper — Gamma Strategies lost over $3.4 million in a recent exploit","type":"news","url":"https://coinpaper.com/2962/turbulent-start-of-2024-gamma-strategies-radiant-capital-hacks-and-solana-drainers"}]},{"content":"Prior to the January 2024 exploit, Gamma Strategies had undergone audits by Consensys Diligence, Arbitrary Execution, and CertiK. The protocol's documentation page lists these audits as having covered its core smart contracts. However, the January 2024 vulnerability was rooted in an off-chain automation script misconfiguration rather than a flaw in the audited contract code itself, placing it outside the typical scope of a smart contract security audit. Following the incident, the protocol engaged OpenZeppelin for an additional audit specifically focused on deposit proxy configurations. A Sherlock audit contest covering Gamma's staking contracts was also listed on GitHub in May 2024 (sherlock-audit/2024-05-gamma-staking), indicating continued engagement with security review processes post-exploit.","heading":"Existing Audits and Scope Limitations","severity":"medium","sources":[{"credibility":1,"name":"Gamma Docs — Audits","type":"official","url":"https://docs.gamma.xyz/gamma/learn/audits"},{"credibility":3,"name":"Arbitrum's Gamma Protocol to Collaborate with OpenZeppelin (Binance Square)","type":"news","url":"https://www.binance.com/en/square/post/2024-01-09-arbitrum-s-gamma-protocol-to-collaborate-with-openzeppelin-for-security-audit-2498692062393"},{"credibility":2,"name":"Sherlock Audit — 2024-05-gamma-staking (GitHub)","type":"onchain","url":"https://github.com/sherlock-audit/2024-05-gamma-staking"}]},{"content":"As of the available evidence through 2025, Gamma Strategies resumed operations following the OpenZeppelin audit and the fixing of deposit proxy configurations. The protocol's official website (gamma.xyz) and documentation (docs.gamma.xyz) remained active, and the GitHub organization (github.com/GammaStrategies) showed repository activity as recently as mid-2024. Gamma continued to expand its product offerings, including Perpetual Vaults built on Hyperliquid and Uniswap V4 multi-position strategies. The recovery pool for affected January 2024 users was described as ongoing, funded by biweekly protocol revenue distributions, though the projected 1.73-year repayment timeline meant full compensation would extend into late 2025 at the earliest. DefiLlama tracks Gamma's TVL and fee revenue, though specific current figures could not be confirmed from available search results at the time of this investigation.","heading":"Current Operational Status","severity":"medium","sources":[{"credibility":1,"name":"Gamma Official Website","type":"official","url":"https://www.gamma.xyz/"},{"credibility":2,"name":"DefiLlama — Gamma TVL, Fees & Revenue","type":"onchain","url":"https://defillama.com/protocol/gamma"},{"credibility":2,"name":"DappRadar — Gamma Strategies DeFi Overview, TVL Analysis","type":"onchain","url":"https://dappradar.com/dapp/gamma-strategies"}]}],"sources_used":[{"name":"Gamma Strategies Post-Mortem & Remediation Plan","type":"official","url":"https://gammastrategies.medium.com/post-mortem-remediation-plan-9a62f10d90f3"},{"name":"Gamma Strategies - REKT News","type":"news","url":"https://rekt.news/gamma-strategies-rekt"},{"name":"The Block — Gamma Strategies $3.4M exploit","type":"news","url":"https://www.theblock.co/post/270338/defi-protocol-gamma-strategies-suffers-an-estimated-3-4-million-exploit"},{"name":"Verichains — Gamma Protocol Exploit Analysis","type":"news","url":"https://blog.verichains.io/p/gamma-protocol-exploit-analysis"},{"name":"Olympix — $6.2M Price Manipulation Attack on Gamma Strategies","type":"news","url":"https://olympix.substack.com/p/62m-price-manipulation-attack-on"},{"name":"Neptune Mutual — How Was Gamma Protocol Exploited?","type":"news","url":"https://neptunemutual.com/blog/how-was-gamma-protocol-exploited/"},{"name":"CoinMarketCap — DeFi Protocol Gamma Strategies Hit With $3.4M Hack","type":"news","url":"https://coinmarketcap.com/academy/article/defi-protocol-gamma-strategies-hit-with-dollar34m-hack"},{"name":"CryptoPotato — Gamma Strategies Discloses Vulnerability After Preliminary Investigation","type":"news","url":"https://cryptopotato.com/defi-protocol-gamma-strategies-discloses-vulnerability-after-preliminary-investigation/"},{"name":"CoinLive — Arbitrum's Gamma Protocol to Collaborate with OpenZeppelin for Security Audit","type":"news","url":"https://www.coinlive.com/news-flash/416064"},{"name":"CoinPaper — Gamma Strategies lost over $3.4 million in a recent exploit","type":"news","url":"https://coinpaper.com/2962/turbulent-start-of-2024-gamma-strategies-radiant-capital-hacks-and-solana-drainers"},{"name":"Visor Finance — Introducing Gamma (Medium)","type":"official","url":"https://medium.com/visorfinance/introducing-gamma-an-organization-dedicated-to-funding-active-lp-strategies-and-research-bb6617168566"},{"name":"Visor merges with Gamma (Gamma Strategies Medium)","type":"official","url":"https://medium.com/gamma-strategies/visor-merges-with-gamma-a-re-org-focusing-on-security-and-performance-b4deaf67e273"},{"name":"Gamma Official Website","type":"official","url":"https://www.gamma.xyz/"},{"name":"Gamma Docs","type":"official","url":"https://docs.gamma.xyz/gamma"},{"name":"Gamma Docs — Audits","type":"official","url":"https://docs.gamma.xyz/gamma/learn/audits"},{"name":"Gamma Strategies GitHub","type":"official","url":"https://github.com/GammaStrategies"},{"name":"DefiLlama — Gamma TVL, Fees & Revenue","type":"onchain","url":"https://defillama.com/protocol/gamma"},{"name":"DappRadar — Gamma Strategies","type":"onchain","url":"https://dappradar.com/dapp/gamma-strategies"},{"name":"Sherlock Audit — 2024-05-gamma-staking","type":"onchain","url":"https://github.com/sherlock-audit/2024-05-gamma-staking"}],"summary":"Gamma Strategies is a non-custodial, automated concentrated liquidity management protocol operating across multiple EVM chains, allowing users to deposit assets into managed vaults (Hypervisors) that actively rebalance Uniswap V3 and similar DEX positions. On January 4, 2024, the protocol suffered a price manipulation exploit across four vaults resulting in approximately $3.4–6.2 million in losses, caused by misconfigured price change thresholds in deposit proxy settings. The protocol paused deposits, engaged OpenZeppelin for a remediation audit, and committed to a long-term user compensation plan funded by protocol revenue, though full recovery of lost funds was not guaranteed at launch of that plan.","timeline":[{"date":"2021-05-01","event":"Visor Finance announces the Gamma organization, funding it with $500,000 to research Active Liquidity Provider strategies.","source":"Visor Finance Medium","source_url":"https://medium.com/visorfinance/introducing-gamma-an-organization-dedicated-to-funding-active-lp-strategies-and-research-bb6617168566"},{"date":"2021-06-01","event":"Visor Finance suffers first exploit: approximately $500,000 lost via a privileged function call. Team publicly characterized it as 'not a rug.'","source":"REKT News","source_url":"https://rekt.news/gamma-strategies-rekt"},{"date":"2021-11-01","event":"Visor Finance suffers second incident. Team characterizes it as economic arbitrage rather than an exploit.","source":"REKT News","source_url":"https://rekt.news/gamma-strategies-rekt"},{"date":"2021-12-01","event":"Visor Finance loses approximately $8.2 million in an infinite mint vulnerability. Two days later, rebrand to Gamma Strategies is announced.","source":"REKT News","source_url":"https://rekt.news/gamma-strategies-rekt"},{"date":"2022-01-01","event":"Visor Finance and Gamma Strategies formally merge, consolidating protocol, treasury, and personnel under the Gamma Strategies brand.","source":"Gamma Strategies Medium","source_url":"https://medium.com/gamma-strategies/visor-merges-with-gamma-a-re-org-focusing-on-security-and-performance-b4deaf67e273"},{"date":"2024-01-04","event":"Exploit initiated at approximately 03:30 UTC. Attacker uses flash loans from Uniswap V3 and Balancer to manipulate prices across four Gamma vaults on Arbitrum. Approximately $3.4–6.2 million is drained.","source":"Gamma Strategies Post-Mortem (Medium) / REKT News","source_url":"https://gammastrategies.medium.com/post-mortem-remediation-plan-9a62f10d90f3"},{"date":"2024-01-04","event":"PeckShield publicly alerts the community to the exploit at approximately 03:42 UTC. Gamma Strategies acknowledges the incident and suspends all vault deposits.","source":"The Block","source_url":"https://www.theblock.co/post/270338/defi-protocol-gamma-strategies-suffers-an-estimated-3-4-million-exploit"},{"date":"2024-01-04","event":"Gamma Strategies sends on-chain negotiation message to attacker address at 10:54 AM UTC, proposing a bug bounty for return of funds.","source":"Gamma Strategies Post-Mortem (Medium)","source_url":"https://gammastrategies.medium.com/post-mortem-remediation-plan-9a62f10d90f3"},{"date":"2024-01-04","event":"Attacker deposits approximately 1,000 ETH (~$2.2M) into Tornado Cash, indicating no intention to return funds.","source":"REKT News","source_url":"https://rekt.news/gamma-strategies-rekt"},{"date":"2024-01-08","event":"OpenZeppelin audit engagement expected to begin for deposit proxy configuration review. Gamma commits to 1–3 week deposit reopening timeline post-audit.","source":"Gamma Strategies Post-Mortem (Medium) / CoinLive","source_url":"https://www.coinlive.com/news-flash/416064"},{"date":"2024-05-01","event":"Sherlock audit contest for Gamma staking contracts begins, indicating continued security review post-exploit.","source":"GitHub — sherlock-audit/2024-05-gamma-staking","source_url":"https://github.com/sherlock-audit/2024-05-gamma-staking"}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision 30cb7927-1f16-4f29-a648-4699f71694e1copy