Skip to main content
Sign in

Pickle Finance

avoid.net/pickle-finance28/100·85% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·2DUfBk…TC58

Summary

Pickle Finance was a DeFi yield aggregator launched in September 2020 that allowed users to auto-compound returns via tokenized strategy vaults called 'Jars.' On November 21, 2020, an attacker exploited a combination of smart contract vulnerabilities in the unaudited ControllerV4 contract to drain 19,759,355 DAI (~$19.7 million) from the pDAI Jar in what analysts described as one of the most technically complex DeFi exploits of its era. The protocol subsequently partnered with Yearn Finance, issued a CORNICHON compensation token to victims, and continued operating until it announced a full shutdown effective October 1, 2025.

Connected Entities

1 entities · 1 linked investigation
Protocols
Pickle Finance
Relationships
    Also appears in
    Pickle Finance·18
    Have evidence about Pickle Finance?

    Timeline(10 events)

    2020-09-11

    Pickle Finance launches on Ethereum at block 10838600 with a fair-launch PICKLE token distribution and no pre-mine.

    2020-09-15

    Protocol TVL surpasses $347 million within four days of launch, driven by DeFi Summer yield farming demand.

    2020-10-03

    MixBytes commences a smart contract audit covering ControllerV3 and existing Jar strategy contracts.

    2020-10-20

    HAECHI AUDIT completes its review of Pickle Finance smart contracts, covering ControllerV3 scope.

    2020-10-23

    ControllerV4 is deployed to mainnet with the new swapExactJarForJar() function, outside the scope of both completed audits.

    2020-11-21

    Attacker drains 19,759,355 DAI from the pDAI PickleJar using the 'Evil Jar' exploit, combining unvalidated jar swaps, code injection via CurveProxyLogic, and incorrect dust classification of cDAI. PICKLE token falls ~50%.

    2020-11-22

    Pickle Finance governance multi-sig granted emergency powers via Timelock at 3:15 PM UTC. CurveProxyLogic converter revoked from Controller one minute later, eliminating the attack vector.

    2020-11-24

    Yearn Finance and Pickle Finance announce a collaboration. CORNICHON compensation token introduced and distributed proportionally to hack victims based on pDAI Jar balance snapshot.

    2025-07-01

    Pickle Finance announces protocol shutdown, citing bear market conditions and saturated yield-aggregator market. 170,280 USDC treasury to be distributed to token holders.

    2025-10-01

    Pickle Finance UI disabled. Protocol fully sunsets after approximately five years of operation.

    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 5/30/2026, 7:10:26 PM

    last updated: 5/30/2026, 7:10:28 PM

    avoid.net — verified advice for a post-truth world