Audit log

Every state-changing event for Ionic Money: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

1. #1publishby system:backfill

   2026-06-01 17:48:11Z
   Score: ? → ? (no score change)
   anchoranchored

   chain

   ●mainnet-betaslot 423,640,286

   sig

   645MTDC7JFDB…cYdQMe7ccopyexplorer ↗

   hash

   5Cihsvbmc1bb…JSFH2ZNecopysha256 → base58

   verifying row…full verify ↗

   canonical bytes (19598 B) ▸

   {"actor":"system:backfill","investigation_id":"fa6b2c66-1851-42d9-8703-41b7133f9517","kind":"publish","page_slug":"ionic-money","published_at":"2026-06-01T17:48:11.699Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Ionic Money","sections":[{"content":"Ionic Money is a non-custodial, permissionless money market protocol deployed on Mode Network, an OP Superchain Layer 2 blockchain. The protocol allows users to supply and borrow assets including liquid staking tokens (LSTs), liquid restaking tokens (LRTs), liquidity provider (LP) positions, and standard ERC-20 tokens. Ionic was developed by a team with overlapping leadership from Midas Capital, an earlier multi-chain lending protocol that operated on BNB Chain and Polygon. The team sunsetted Midas in favor of a 'Superchains first' strategy, focusing development resources on the Mode Network ecosystem. Ionic received seed investment from MetaCartel Ventures and grants from projects including Neon, OHM, and Kaizen DAO. The protocol's native governance token is ION. The team does not publicly disclose individual founder identities.","heading":"Protocol Overview","severity":"medium","sources":[{"credibility":2,"name":"Ionic Protocol: Introduction — Medium","type":"official","url":"https://medium.com/@ionicmoney/ionic-protocol-introduction-e6e0b748f538"},{"credibility":2,"name":"Introduction — Ionic Documentation","type":"official","url":"https://doc.ionic.money/ionic-documentation/ionic-protocol/introduction"}]},{"content":"In February 2025, Ionic Money was the victim of a social engineering attack that resulted in estimated losses of approximately $8.6 to $8.8 million. Attackers impersonated members of the Lombard Finance team over an extended business development process beginning as early as December 2024. By January 9, 2025, the attackers had deployed a counterfeit LBTC token contract (0x964dd444e3192f636322229080a576077b06fba3). After weeks of ostensibly legitimate discussions regarding oracle integrations, Balancer pool whitelisting, and authentic-appearing token contracts, the Ionic team approved the fraudulent asset as eligible collateral on the platform. Once listed, the attackers minted 250 counterfeit LBTC tokens and used them to borrow multiple real assets from the protocol, including MBTC, uniBTC, wrsETH, WETH, and STONE. Because the collateral was counterfeit and therefore worthless, the attackers abandoned it and exited with the borrowed funds. Approximately 1,204 ETH (valued at roughly $3.2 million at the time) was bridged to Ethereum and laundered through Tornado Cash. An additional approximately $3.7 million in MBTC loans remained on Mode Network. The Ionic team characterized the incident as 'not a code-based breach' and stated their smart contract protocol functioned as intended; they advised users to suspend platform interaction while the investigation proceeded and stated they were engaging law enforcement and investigative partners.","heading":"February 2025 Social Engineering Exploit (~$8.6–8.8M)","severity":"critical","sources":[{"credibility":2,"name":"Explained: The Ionic Money Hack (February 2025) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-ionic-money-hack-february-2025"},{"credibility":2,"name":"Ionic Money — Rekt News","type":"news_article","url":"https://rekt.news/ionic-money-rekt"},{"credibility":2,"name":"Feb 2025 — Ionic Money Fake LBTC Collateral Social Engineering — Quadriga Initiative","type":"community_report","url":"https://quadrigainitiative.com/casestudy/ionicmoneyfakelbtccollateralsocialengineering.php"},{"credibility":2,"name":"Mode-based Ionic platform hacked, losing about $8.8 million — PANews","type":"news_article","url":"https://www.panewslab.com/en/articles/6d4lap4z"}]},{"content":"The February 2025 exploit did not affect Ionic Money in isolation. Because the attackers borrowed MBTC (Merlin Chain's wrapped Bitcoin), that MBTC then circulated across the Mode Network DeFi ecosystem. When Merlin Chain announced it would use a pre-exploit snapshot to 'minimize the effects of the incident on MBTC users,' this created secondary losses for protocols on Mode Network that had accepted MBTC as collateral. In particular, Layerbank and Ironclad — two other lending protocols in the Mode ecosystem — were left holding toxic MBTC positions that became effectively worthless after the snapshot action. No coordinated user reimbursement plan across the affected protocols has been publicly confirmed.","heading":"Ecosystem Contagion from 2025 Exploit","severity":"high","sources":[{"credibility":2,"name":"Ionic Money — Rekt News","type":"news_article","url":"https://rekt.news/ionic-money-rekt"},{"credibility":2,"name":"Explained: The Ionic Money Hack (February 2025) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-ionic-money-hack-february-2025"}]},{"content":"Ionic Money was built by a team with overlapping leadership from Midas Capital, a multi-chain lending protocol that suffered two separate exploits in 2023 before being sunsetted. The first exploit occurred on January 16, 2023, when an attacker used a flash loan to exploit a read-only reentrancy vulnerability in the WMATIC-stMATIC Curve LP token collateral on Midas's Jarvis Polygon pool, resulting in approximately $660,000 in losses. The attacker manipulated the virtual price of the LP token by a factor of roughly ten, enabling artificial over-collateralization and subsequent fund extraction. The second exploit occurred on June 17, 2023, on BNB Chain, resulting in approximately $600,000 in losses via a rounding error vulnerability in the protocol's Compound V2 fork codebase; the attacker used flash loans to exploit the rounding issue in voucher value calculations. On-chain investigator ZachXBT stated publicly in February 2025 that he had privately confronted the Ionic team about these prior Midas exploits before the February 2025 incident, and that Ionic had launched using an audit report from Midas dated 2022. The Ionic team reportedly responded to ZachXBT's inquiry by asserting that the Midas vulnerabilities had been fixed in Ionic through implementation of whitelists and reentrancy protections.","heading":"Predecessor Protocol Midas Capital — Two Prior Exploits (2023)","severity":"high","sources":[{"credibility":2,"name":"ZachXBT on X — confronted Ionic about prior Midas hacks","type":"social_media","url":"https://x.com/zachxbt/status/1886792512917864953"},{"credibility":2,"name":"Midas Capital Suffers $660,000 Flash Loan Attack — BeinCrypto","type":"news_article","url":"https://beincrypto.com/midas-capital-releases-660000-exploit-post-mortem-defi-attacks-carry-into-2023/"},{"credibility":2,"name":"Midas Capital Pool Exploited for $600k — BeinCrypto","type":"news_article","url":"https://beincrypto.com/midas-capital-pool-exploited/"},{"credibility":2,"name":"Midas Capital Hack Analysis — KALOS Security (Medium)","type":"research","url":"https://medium.com/kalos/midas-capital-hack-analysis-6fc9f4a48c92"},{"credibility":2,"name":"Midas Capital — Rekt News","type":"news_article","url":"https://rekt.news/midas-capital-rekt"}]},{"content":"The February 2025 exploit exposed a critical weakness in Ionic Money's asset listing process. The attack succeeded not through a smart contract vulnerability but through manipulation of the protocol's off-chain due diligence and governance processes. Attackers sustained a multi-week business development engagement — beginning in approximately December 2024 — before executing the exploit in early February 2025. The incident highlights risks inherent in permissioned asset listing processes that rely on team judgment rather than on-chain verification or cryptographic proof of asset authenticity. The Ionic team acknowledged the protocol's on-chain code was not compromised, but the episode demonstrates that social vectors represent a meaningful attack surface for DeFi lending protocols that accept diverse collateral types. No protocol-level safeguards such as time-locks on new collateral listings or third-party verification requirements appear to have been in place at the time of the incident.","heading":"Collateral Vetting and Operational Risk","severity":"high","sources":[{"credibility":2,"name":"Explained: The Ionic Money Hack (February 2025) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-ionic-money-hack-february-2025"},{"credibility":3,"name":"Ionic Money $8.5 million Exploit: Hack Analysis — LinkedIn","type":"research","url":"https://www.linkedin.com/pulse/ionic-money-85-million-exploit-hack-analysis-piyush-shukla-7j8if"}]},{"content":"In March 2024, Ionic Money announced that Renzo Protocol's ezETH (a liquid restaking token) would be the first LRT integrated as collateral on the protocol via a RedStone oracle price feed. In late April 2024, ezETH experienced a significant depeg event following Renzo Protocol's controversial REZ tokenomics announcement, with ezETH briefly trading as low as approximately $688 on Uniswap — an 18% discount to ETH. This depeg triggered over $60 million in liquidations across DeFi platforms that accepted ezETH as collateral, particularly Morpho and Gearbox. Available sources do not document material protocol-level losses or bad debt attributable specifically to Ionic Money during the April 2024 ezETH depeg; the primary liquidation cascade was concentrated at other leverage platforms. Ionic's use of a RedStone oracle for ezETH pricing and the protocol's exposure to LRT volatility remains a noted risk factor.","heading":"ezETH Integration and April 2024 Depeg Context","severity":"medium","sources":[{"credibility":2,"name":"RedStone announces ezETH price feed support for Ionic on Mode — X","type":"official","url":"https://x.com/redstone_defi/status/1771190205728641304"},{"credibility":2,"name":"Depeg of $3B restaking token ezETH causes over $60M in DeFi liquidations — Protos","type":"news_article","url":"https://protos.com/depeg-of-3b-restaking-token-ezeth-causes-over-60m-in-defi-liquidations/"},{"credibility":1,"name":"Renzo's ezETH depegs 18.3% following REZ tokenomics announcement — The Block","type":"news_article","url":"https://www.theblock.co/post/290709/renzos-ezeth-depegs-18-3-following-rez-tokenomics-announcement-on-binance"},{"credibility":1,"name":"Renzo Restaked ETH Suffers a Brief Crash on Uniswap — CoinDesk","type":"news_article","url":"https://www.coindesk.com/markets/2024/04/24/renzo-restaked-eth-suffers-a-brief-crash-on-uniswap"}]},{"content":"The Ionic Money team has not publicly disclosed the identities of its founders or core developers. The project's introductory publication references 'a handful of ambitious giga brains' initiating the protocol in November 2021 under the Midas Capital name, without naming individuals. No named executives, founders, or lead developers appear in the protocol's official documentation or public communications as of mid-2025. The undisclosed team identity is a risk signal, particularly given the protocol's history of security incidents across both its Midas Capital and Ionic Money iterations. The protocol is backed by MetaCartel Ventures and received grants from several DeFi ecosystem funds, suggesting some institutional due diligence was conducted, but this does not substitute for public accountability.","heading":"Team Anonymity and Governance","severity":"medium","sources":[{"credibility":2,"name":"Ionic Protocol: Introduction — Medium","type":"official","url":"https://medium.com/@ionicmoney/ionic-protocol-introduction-e6e0b748f538"},{"credibility":2,"name":"Ionic suffered an attack, predecessor Midas was attacked twice — Bitget News","type":"news_article","url":"https://www.bitget.com/news/detail/12560604547626"}]},{"content":"Following the February 2025 exploit, Ionic Money's TVL declined sharply. DeFi Llama data available in mid-2025 reflects a TVL of approximately $2 million, substantially below earlier reported figures of over $250 million that the protocol cited across its multi-chain deployments on Mode Network, Base, Optimism, and BOB. The ION governance token trades at a significantly depressed price. As of mid-2025, no confirmed compensation plan for users who suffered losses in the February 2025 exploit has been publicly announced. The protocol's operational status and whether it remains actively maintained is not clearly established in publicly available sources.","heading":"Current Status and TVL","severity":"high","sources":[{"credibility":2,"name":"Ionic Protocol TVL Stats — DeFi Llama","type":"on_chain","url":"https://defillama.com/protocol/ionic-protocol"},{"credibility":2,"name":"Ionic Protocol Price — CoinGecko","type":"other","url":"https://www.coingecko.com/en/coins/ionic-protocol"}]}],"sources_used":[{"name":"Ionic Money — Rekt News","type":"news_article","url":"https://rekt.news/ionic-money-rekt"},{"name":"Explained: The Ionic Money Hack (February 2025) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-ionic-money-hack-february-2025"},{"name":"Feb 2025 — Ionic Money Fake LBTC Collateral Social Engineering — Quadriga Initiative","type":"community_report","url":"https://quadrigainitiative.com/casestudy/ionicmoneyfakelbtccollateralsocialengineering.php"},{"name":"Mode-based Ionic platform hacked — PANews","type":"news_article","url":"https://www.panewslab.com/en/articles/6d4lap4z"},{"name":"Ionic Protocol TVL Stats — DeFi Llama","type":"on_chain","url":"https://defillama.com/protocol/ionic-protocol"},{"name":"Ionic Protocol: Introduction — Medium","type":"official","url":"https://medium.com/@ionicmoney/ionic-protocol-introduction-e6e0b748f538"},{"name":"Introduction — Ionic Documentation","type":"official","url":"https://doc.ionic.money/ionic-documentation/ionic-protocol/introduction"},{"name":"ZachXBT on X — prior Midas hacks","type":"social_media","url":"https://x.com/zachxbt/status/1886792512917864953"},{"name":"Midas Capital Suffers $660,000 Flash Loan Attack — BeinCrypto","type":"news_article","url":"https://beincrypto.com/midas-capital-releases-660000-exploit-post-mortem-defi-attacks-carry-into-2023/"},{"name":"Midas Capital Pool Exploited for $600k — BeinCrypto","type":"news_article","url":"https://beincrypto.com/midas-capital-pool-exploited/"},{"name":"Midas Capital Hack Analysis — KALOS Security","type":"research","url":"https://medium.com/kalos/midas-capital-hack-analysis-6fc9f4a48c92"},{"name":"Midas Capital — Rekt News","type":"news_article","url":"https://rekt.news/midas-capital-rekt"},{"name":"Ionic suffered attack, predecessor Midas attacked twice — Bitget News","type":"news_article","url":"https://www.bitget.com/news/detail/12560604547626"},{"name":"Renzo's ezETH depegs 18.3% — The Block","type":"news_article","url":"https://www.theblock.co/post/290709/renzos-ezeth-depegs-18-3-following-rez-tokenomics-announcement-on-binance"},{"name":"Depeg of $3B restaking token ezETH causes over $60M in DeFi liquidations — Protos","type":"news_article","url":"https://protos.com/depeg-of-3b-restaking-token-ezeth-causes-over-60m-in-defi-liquidations/"},{"name":"Renzo Restaked ETH Suffers a Brief Crash on Uniswap — CoinDesk","type":"news_article","url":"https://www.coindesk.com/markets/2024/04/24/renzo-restaked-eth-suffers-a-brief-crash-on-uniswap"},{"name":"RedStone announces ezETH price feed support for Ionic — X","type":"official","url":"https://x.com/redstone_defi/status/1771190205728641304"},{"name":"Ionic Protocol Price — CoinGecko","type":"other","url":"https://www.coingecko.com/en/coins/ionic-protocol"}],"summary":"Ionic Money is a decentralized money market protocol operating on Mode Network (an OP Superchain L2), rebranded from Midas Capital after two exploits on that predecessor protocol in 2023. In February 2025, Ionic Money suffered a social engineering attack in which attackers impersonating the Lombard Finance team convinced the protocol to list a counterfeit LBTC token as collateral, resulting in approximately $8.6–8.8 million in losses. The protocol and its affiliated ecosystem protocols on Mode Network absorbed significant bad debt, with no confirmed user compensation as of mid-2025.","timeline":[{"date":"2021-11-01","event":"Midas Capital protocol initiated by anonymous team on Polygon and BNB Chain as a multi-chain isolated lending market.","source":"Ionic Protocol Introduction — Medium","source_url":"https://medium.com/@ionicmoney/ionic-protocol-introduction-e6e0b748f538"},{"date":"2023-01-16","event":"Midas Capital Jarvis Polygon pool exploited via flash loan read-only reentrancy on WMATIC-stMATIC Curve LP collateral; approximately $660,000 lost.","source":"Midas Capital Suffers $660,000 Flash Loan Attack — BeinCrypto","source_url":"https://beincrypto.com/midas-capital-releases-660000-exploit-post-mortem-defi-attacks-carry-into-2023/"},{"date":"2023-06-17","event":"Midas Capital BNB Chain isolated pool exploited via rounding error in Compound V2 fork codebase; approximately $600,000 lost.","source":"Midas Capital Pool Exploited for $600k — BeinCrypto","source_url":"https://beincrypto.com/midas-capital-pool-exploited/"},{"date":"2024-03-22","event":"Ionic Money (rebranded from Midas Capital) announces Renzo Protocol's ezETH as the first LRT collateral on Mode Network, using RedStone oracle price feeds.","source":"RedStone announces Ionic Money ezETH support — X","source_url":"https://x.com/redstone_defi/status/1771190205728641304"},{"date":"2024-04-24","event":"Renzo Protocol's ezETH depegs approximately 18% on Uniswap following controversial REZ tokenomics announcement; over $60M in liquidations across DeFi platforms. No confirmed material bad debt attributed to Ionic specifically.","source":"Renzo's ezETH depegs 18.3% — The Block","source_url":"https://www.theblock.co/post/290709/renzos-ezeth-depegs-18-3-following-rez-tokenomics-announcement-on-binance"},{"date":"2024-12-12","event":"Alleged attacker begins interacting with Ionic Money platform, initiating multi-week impersonation of Lombard Finance team members.","source":"Explained: The Ionic Money Hack — Halborn","source_url":"https://www.halborn.com/blog/post/explained-the-ionic-money-hack-february-2025"},{"date":"2025-01-09","event":"Attacker deploys counterfeit LBTC token contract (0x964dd444e3192f636322229080a576077b06fba3) on Mode Network.","source":"Explained: The Ionic Money Hack — Halborn","source_url":"https://www.halborn.com/blog/post/explained-the-ionic-money-hack-february-2025"},{"date":"2025-02-04","event":"Ionic Money exploit executed: 250 counterfeit LBTC tokens used as collateral to borrow approximately $8.6–8.8M in real assets including MBTC, uniBTC, wrsETH, WETH, and STONE. Approximately 1,204 ETH bridged to Ethereum and routed through Tornado Cash.","source":"Ionic Money — Rekt News","source_url":"https://rekt.news/ionic-money-rekt"},{"date":"2025-02-04","event":"ZachXBT publicly notes that Ionic is a rebrand of Midas Capital, which was exploited twice in 2023, and states he previously confronted the team about this via private messages.","source":"ZachXBT on X","source_url":"https://x.com/zachxbt/status/1886792512917864953"},{"date":"2025-02-04","event":"Ionic Money team acknowledges exploit, states the attack was a social engineering incident rather than a smart contract vulnerability, and suspends platform interaction pending investigation.","source":"Explained: The Ionic Money Hack — Halborn","source_url":"https://www.halborn.com/blog/post/explained-the-ionic-money-hack-february-2025"}]},"v":1}

   Verify offline (run on your own machine)

   python -m src.verify_decision e63d34de-c898-4474-93b3-76e82a6698a0copy