Grim Finance
Summary
Grim Finance was a Fantom-based DeFi yield optimizer (a fork of Beefy Finance) that suffered a devastating reentrancy exploit on December 19, 2021, resulting in approximately $30 million in user funds stolen. The vulnerability — a missing reentrancy guard in the depositFor() function — had existed in an audited codebase and was classified by security researchers as an entirely preventable, well-understood attack class. The protocol has since collapsed to a near-zero TVL of roughly $29,000, and its proposed compensation plan yielded no meaningful restitution for affected users.
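To show what a reentrancy guard on a deposit function changes, the following is an added Python model, not Grim Finance's contract code and not taken from the audit. The Vault, HonestToken and CallbackToken classes and the balance-difference share accounting are assumptions made for illustration.

```python
class ReentrancyError(Exception):
    pass

class Vault:
    """Toy share-minting vault (constructed model, not Grim Finance's code)."""
    def __init__(self, guarded):
        self.guarded = guarded   # True = deposit_for carries a reentrancy lock
        self.locked = False
        self.balance = 0         # units of the real asset the vault holds
        self.shares = {}         # user -> shares credited

    def deposit_for(self, token, amount, user):
        if self.guarded:
            if self.locked:
                raise ReentrancyError("reentrant call")
            self.locked = True
        try:
            before = self.balance
            token.transfer_from(self, amount)   # external call into token code
            received = self.balance - before    # credit = observed balance change
            self.shares[user] = self.shares.get(user, 0) + received
        finally:
            if self.guarded:
                self.locked = False

class HonestToken:
    def transfer_from(self, vault, amount):
        vault.balance += amount

class CallbackToken:
    """Constructed token whose transfer hook calls back into the vault once."""
    def __init__(self, real, user, amount):
        self.real, self.user, self.amount, self.called = real, user, amount, False

    def transfer_from(self, vault, amount):
        if not self.called:
            self.called = True
            vault.deposit_for(self.real, self.amount, self.user)

def run(guarded):
    """Return (outcome, real balance held, shares credited) for one deposit."""
    vault = Vault(guarded)
    token = CallbackToken(HonestToken(), "user", 100)
    try:
        vault.deposit_for(token, 100, "user")
    except ReentrancyError:
        return "reverted", vault.balance, vault.shares.get("user", 0)
    return "ok", vault.balance, vault.shares.get("user", 0)
```

Without the lock, the nested call's deposit is counted by both the inner and the outer balance check, so shares exceed the assets actually held; with the lock, the nested call is rejected before any state changes.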
Timeline (11 events)
2021-08-01
Solidity Finance conducts a smart contract audit of Grim Finance, approximately four months before the exploit. A new analyst performs the review while the firm's CTO is on vacation; the reentrancy vulnerability in depositFor() is not flagged.
2021-12-19
Attacker (address: 0xdefc385d7038f391eb0063c2f7c238cfb55b206c) exploits the GrimBoostVault depositFor() reentrancy vulnerability using a flash loan and a malicious token contract, draining approximately $30 million from Grim Finance vaults on Fantom.
2021-12-19
Grim Finance team pauses all vaults approximately six hours after the attack begins. The team notifies Circle (USDC), MakerDAO (DAI), and AnySwap to freeze attacker-linked addresses. The attacker has already begun converting and bridging stolen assets.
2021-12-19
Grim Finance TVL collapses from approximately $98.9 million to $4.2 million. The GRIM token falls approximately 81%, from $0.80 to $0.15. Rugdoc.io and other security watchdogs publicly criticize the lack of a basic reentrancy guard.
2021-12-20
Solidity Finance issues a public statement acknowledging the missed vulnerability, attributing it to internal organizational stress and a new analyst performing the review. CoinDesk, CoinTelegraph, and Decrypt report on the breach.
2021-12-20
The attacker is alleged to have deposited approximately $3.3 million of stolen funds into the Tornado Cash mixer, with additional funds bridged from Fantom to Ethereum mainnet via stablecoin conversions.
2021-12-31
Grim Finance publishes post-mortem and compensation plan announcing a new token airdrop (50% of platform revenues), 0.2% insurance fund, and NFT airdrops from partner Pod Town. Affected users must submit claims by January 7, 2022.
2022-01-07
Claim submission deadline for hack victims passes. No public reporting confirms material restitution was subsequently delivered.
2022-03-17
DeFiSafety publishes a Process Quality Review rating Grim Finance at 24% with a FAIL designation, citing inadequate security processes.
2022-08-08
U.S. Treasury OFAC sanctions Tornado Cash, the mixer allegedly used to launder a portion of the Grim Finance stolen funds.
2026-05-01
Grim Finance TVL sits at approximately $28,759 across six chains per DeFiLlama, reflecting a functionally abandoned protocol. No meaningful development activity or community engagement has been identified since early 2022.
Decision Log
- hash: 4XL42unt6FZb5A6FhVB29DQLzUoJHRBmcAhd1edqXcHH
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:52 AM
last updated: 5/21/2026, 3:21:08 AM
avoid.net — verified advice for a post-truth world