Levyathan

2021-06-01

Levyathan launches on Binance Smart Chain as an alleged first crypto index fund protocol on BSC; LEV token distributed via airdrop and sale.

2021-07-01

CertiK completes security audit of Levyathan smart contracts, identifying 18 issues with none labeled Critical.

2021-07-28

An unknown party submits a Timelock transaction to transfer ownership of the MasterChef contract, using private keys that had been left in Levyathan's public GitHub repository.

2021-07-30

Timelock delay expires; attacker executes ownership transfer, mints approximately 100 quintillion LEV tokens, dumps them on market, and bridges proceeds to Ethereum. LEV price collapses to near zero. Concurrent emergencyWithdraw bug allows early stakers to drain additional funds from the protocol.

2021-07-30

Levyathan team publishes initial post-mortem on Medium acknowledging the private key exposure and emergencyWithdraw bug. Recovery wallet address published.

2021-08-05

Rekt.news publishes detailed analysis of the exploit, questioning whether the public key story was a cover for an inside job and criticizing the team's communications.

2021-08-01

CertiK formally acknowledges audit failure via statement to the Levyathan team, accepting responsibility for missing the emergencyWithdraw vulnerability in the post-audit code review.

2021-08-10

Levyathan publishes final Medium post announcing project dissolution, confirming development funds are depleted, new developers have withdrawn, and all recovered funds will be distributed to victims. Official channels to be shut down.