numa.

2024-12-01

numa. protocol launches on Arbitrum with LST-backed synthetics (nuUSD, nuBTC, nuETH, nuGOLD) and burn-and-mint tokenomics.

2025-04-18

First exploit: attacker uses flash loan to manipulate $NUMA internal price via sell-burn-lock mechanism, stealing approximately 292.96 rETH (~$506K). Hypernative detected the attack 7+ minutes prior to execution. Stolen funds bridged to Ethereum and laundered through Tornado Cash.

2025-04-18

Numa team discovers exploit approximately one hour after execution. Protocol pauses lending and liquidation functionality.

2025-04-21

$NUMA token hits all-time low of approximately $0.13, down roughly 60% from pre-exploit price.

2025-04-21

Team publishes compensation plan: ~35 rETH in vault rewards, $100K external contribution, and direct team/protocol funds to make 1.49M $NUMA owed to external users whole.

2025-05-01

Team announces Sonic blockchain launch planned for end of May 2025, with Sherlock audit review required before deployment. Arbitrum lending to reopen after Sonic launch.

2025-08-10

Second exploit: attacker flash-mints nuBTC to inflate synthValueInEth, collapsing cNuma collateral prices and triggering forced liquidations of five victim accounts on Sonic. Approximately $313K (74.3 ETH) stolen. Funds bridged to Ethereum and deposited into Tornado Cash.

2025-08-01

Olympix publishes analysis of the August exploit, categorizing it as a locked-in price manipulation vulnerability. CertiK and Verichains publish independent post-mortems.