1 decision on this page
Audit log
Every state-changing event for Magpie Protocol: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.
- #1 · publish · by system:backfill · 2026-05-30 05:05:27Z · Score: ? → ? (no score change) · anchor: anchored
  - chain: mainnet-beta, slot 423,089,268
  - sig: 5kiGH4aobcdr…ctoBsGoA
  - hash: DbJABEpnNrpi…myYhSB8h (sha256 → base58)
  - canonical bytes (7875 B):
{"actor":"system:backfill","investigation_id":"425d4aa7-23ea-48a1-bfce-5c1e47138809","kind":"publish","page_slug":"magpie-protocol","published_at":"2026-05-30T05:05:27.383Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Magpie Protocol","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://flagship.fyi/outposts/dapps/magpie-xyz-protocol-deep-dive-boosted-yield-from-pendle-finance/","type":"other","url":""},{"credibility":3,"name":"https://docs.magpiexyz.io/mgp-token","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/magpie-ecosystem","type":"other","url":""},{"credibility":3,"name":"https://revelointel.com/project-breakdown/magpie/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@Magpieprotocol/magpie-protocol-smart-contract-vulnerability-post-mortem-f6400db0a25e","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@Magpieprotocol/magpie-protocol-charting-a-secure-path-following-exploit-c7046d9fc3ca","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/magpieprotocoluncheckedcontractinputs.php","type":"other","url":""},{"credibility":3,"name":"https://revoke.cash/exploits/magpie","type":"other","url":""},{"credibility":3,"name":"https://hackernoon.com/balancing-usability-and-security-in-the-wake-of-a-breach-an-interview-with-magpie-protocols-cio","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2024/09/03/defi-protocol-penpie-exploited-for-27m-of-crypto-assets-pnp-token-craters-40","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/penpie-rekt","type":"other","url":""},{"credibility":3,"name":"h
ttps://therecord.media/penpie-defi-protocol-ethereum-stolen","type":"other","url":""},{"credibility":3,"name":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis","type":"other","url":""},{"credibility":3,"name":"https://beosin.com/resources/an-analysis-of-penpie-security-incident-with-a-loss-of-27-million","type":"other","url":""},{"credibility":3,"name":"https://slowmist.medium.com/slowmist-incident-analysis-penpie-hack-e6157975898f","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://thedefiant.io/news/defi/penpie-proposes-compensation-plan-and-insurance-protocol-after-usd27m-exploit","type":"other","url":""},{"credibility":3,"name":"https://gov.magpiexyz.io/t/penpie-compensation-plan-draft-02/412","type":"other","url":""},{"credibility":3,"name":"https://gov.magpiexyz.io/t/pip-15-recovery-plan-for-users-affected-by-penpie-exploit/426","type":"other","url":""},{"credibility":3,"name":"https://gov.magpiexyz.io/t/mip-55-recovery-plan-for-users-affected-by-penpie-exploit/428","type":"other","url":""},{"credibility":3,"name":"https://serenityresearch.substack.com/p/serenity-premium-magpie-penpies-hack","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.magpiexyz.io/security/audit-reports","type":"other","url":""},{"credibility":3,"name":"https://github.com/peckshield/publications/blob/master/audit_reports/PeckShield-Audit-Report-Magpie-v1.0.pdf","type":"other","url":""},{"credibility":3,"name":"https://github.com/peckshield/publications/blob/master/audit_reports/PeckShield-Audit-Report-Magpie-v1.1.pdf","type":"other","url":""},{"credibility":3,"name":"https://www.auditone.io/blog-posts/the-penpie-hack-understanding-the-september-2024-reentrancy-exploit-and-the-role-of-auditing-in-defi-security","type":"other","url":""},{"credibility":3,"name":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysi
s","type":"other","url":""},{"credibility":3,"name":"https://blog.magpiexyz.io/prioritizing-safety-and-security-9acf2f5add7f","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.magpiexyz.io/mgp-token","type":"other","url":""},{"credibility":3,"name":"https://www.coingecko.com/en/coins/magpie","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/magpie/","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2024/09/03/defi-protocol-penpie-exploited-for-27m-of-crypto-assets-pnp-token-craters-40","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://revoke.cash/exploits/magpie","type":"other","url":""},{"credibility":3,"name":"https://thecyberexpress.com/penpie-defi-hack-crypto-theft-2024/","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024","type":"other","url":""}]}],"sources_used":[],"summary":"Magpie XYZ is a multi-chain DeFi yield-optimization ecosystem built on a SubDAO model, enhancing veTokenomics across protocols including Wombat Exchange, Pendle Finance, PancakeSwap, Radiant Capital, and Camelot DEX. The ecosystem has suffered two distinct smart contract exploits: a $129,000 router vulnerability in April 2024 and a critical $27.3 million reentrancy exploit in September 2024 via its Penpie SubDAO, the latter of which resulted in laundering through Tornado Cash and law enforcement referrals to the FBI and Singapore Police. 
ZachXBT has flagged the entity in connection with the broader security incidents.","timeline":[{"date":"2022-01-01","event":"Magpie XYZ launches its inaugural SubDAO protocol in partnership with Wombat Exchange on BNB Chain, introducing mWOM as a liquid wrapper for veWOM governance tokens.","source":""},{"date":"2023-01-01","event":"Penpie SubDAO launches, targeting Pendle Finance yield optimization. Users can deposit PENDLE to receive mPENDLE liquid wrappers while the protocol accumulates vePENDLE.","source":""},{"date":"2024-04-23","event":"Magpie Protocol MagpieRouterV2 exploited via unchecked function selector position; $129,000 stolen from 221 wallets. Attacker addresses identified on Ethereum and BSC.","source":""},{"date":"2024-05-07","event":"Magpie Protocol completes reimbursement of all 221 affected wallets in full within two weeks of the April exploit.","source":""},{"date":"2024-09-03","event":"Penpie SubDAO exploited via reentrancy attack on batchHarvestMarketRewards(); 11,113.6 ETH ($27.3 million) stolen. Pendle Finance pauses all contracts preventing an additional estimated $105 million in losses. 
PNP token drops ~40%.","source":""},{"date":"2024-09-03","event":"Penpie team files police report at Kampong Java Neighbourhood Police Centre (Singapore) and files complaint with FBI Internet Crime Complaint Center (IC3).","source":""},{"date":"2024-09-04","event":"Attacker declines bounty offer from Penpie team and begins laundering stolen 11,109.62 ETH via Tornado Cash.","source":""},{"date":"2024-09-05","event":"Penpie post-mortem published; Pendle provides VPN IP address data to Singapore law enforcement for investigation.","source":""},{"date":"2024-10-01","event":"Magpie governance publishes Penpie compensation plan drafts (Draft 01, Draft 02) proposing SRT token distribution and SAFUPIE insurance SubDAO.","source":""},{"date":"2024-10-01","event":"Governance proposals MIP #55 and PIP #15 formalize recovery plan: 4% MGP token supply allocated, 20% of Penpie vePENDLE revenue, and 20% of Magpie monthly revenue committed to buybacks.","source":""},{"date":"2024-12-18","event":"MGP token reaches all-time high of approximately $0.212 USD before declining over 90% in subsequent months.","source":""}]},"v":1}
Verify offline (run on your own machine):
python -m src.verify_decision 8bc14f24-30c5-4e60-ab41-645cdb45e87f
How verification works. The “Row integrity” check above is computed in your browser: your machine recomputes the SHA-256 of the canonical bytes and compares it against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine:
python -m src.verify_decision <event_id>
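The row-integrity and memo checks described above, as an added Python example that is not avoid.net's verifier: it hashes the served bytes with SHA-256, base58-encodes the digest, and looks for that string in the memo text. The sorted-key compact JSON rule, the memo layout and the sample row are assumptions constructed for illustration.

```python
import hashlib
import json

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def b58encode(data: bytes) -> str:
    """Bitcoin/Solana-style base58: big-endian integer, leading zero bytes become '1'."""
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + out


def canonical_bytes(row: dict) -> bytes:
    # Assumption: sorted keys, no whitespace, UTF-8 (the shape of the bytes shown on the page).
    return json.dumps(row, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def row_hash(raw: bytes) -> str:
    return b58encode(hashlib.sha256(raw).digest())


def verify_row(raw: bytes, stored_hash: str, memo_text: str) -> dict:
    # Hash the bytes exactly as served; re-serialising parsed JSON can change them.
    computed = row_hash(raw)
    return {
        "row_integrity": computed == stored_hash,
        # Assumption: the memo is text that contains the base58 hash somewhere.
        "anchored": computed in memo_text,
    }


# Constructed sample row (not the real 7875-byte payload).
SAMPLE_ROW = {"v": 1, "kind": "publish", "sequence_num": 1,
              "actor": "system:backfill", "page_slug": "magpie-protocol"}
SAMPLE_RAW = canonical_bytes(SAMPLE_ROW)
SAMPLE_HASH = row_hash(SAMPLE_RAW)
SAMPLE_MEMO = "audit:v1:" + SAMPLE_HASH  # hypothetical memo layout

if __name__ == "__main__":
    print(verify_row(SAMPLE_RAW, SAMPLE_HASH, SAMPLE_MEMO))
    tampered = SAMPLE_RAW.replace(b'"sequence_num":1', b'"sequence_num":2')
    print(verify_row(tampered, SAMPLE_HASH, SAMPLE_MEMO))
```

The memo check only means something if `memo_text` comes from a transaction you fetched yourself and whose signer you compared with the published publisher key; a hash match alone shows the row was not altered after it was hashed.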