Skip to main content
Sign in

PrismaFi

avoid.net/prisma-fi12/100·88% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·4P4P3P…pehP

Summary

Prisma Finance was an Ethereum-based collateralized debt position (CDP) protocol that issued stablecoins (mkUSD and ULTRA) backed by liquid staking and restaking tokens (LRTs/LSTs). On March 28, 2024, a critical input validation flaw in the MigrateTroveZap contract was exploited via flash loan, resulting in the theft of approximately 3,479 ETH (~$12 million) from user vaults. Following the exploit, the core team effectively abandoned the protocol, which was subsequently shut down via DAO governance (PIP-46) and succeeded by Resupply Finance.

Connected Entities

1 entities
Protocols
PrismaFi
Relationships
    Have evidence about PrismaFi?

    Timeline(15 events)

    2023-01-01

    Prisma Finance launched on Ethereum mainnet as an LRT/LST-backed CDP stablecoin protocol, issuing mkUSD and ULTRA.

    2024-03-01

    Prisma Finance announced a system upgrade requiring users to migrate Trove positions to new TroveManager contracts; MigrateTroveZap contract deployed.

    2024-03-28

    At approximately 11:25 UTC, the primary attacker exploited a critical input validation flaw in the MigrateTroveZap contract using a flash loan, stealing approximately 3,479 ETH (~$12 million) from 25 victim wallets across three exploiter addresses.

    2024-03-28

    At 12:51 UTC, Prisma Finance's emergency multisig paused the protocol. TVL dropped ~40% from $236 million to $143 million. PRISMA token fell over 25%.

    2024-03-28

    The primary attacker posted an on-chain message claiming 'this is a white hat rescue' and requested contact information to arrange a refund.

    2024-03-28

    Prisma Finance directed the attacker to negotiations@prismafinance.com via on-chain message.

    2024-03-29

    The attacker publicly demanded a live public apology from the development team and insisted developers reveal their real identities as conditions for fund return discussions.

    2024-03-29

    Blockchain security firm Cyvers observed the attacker beginning to swap stolen funds to ETH; PeckShield reported approximately 200 ETH transferred to OFAC-sanctioned mixer Tornado Cash.

    2024-03-29

    A further 740 ETH reportedly transferred to a Tornado Cash-associated address, bringing total funds sent to mixers to over $2.5 million.

    2024-04-03

    Core contributor Frank Olson published a proposal (later PIP-035) to safely restart the Prisma protocol, including re-enabling LST/LRT deposits and stablecoin borrowing.

    2024-04-05

    The DAO voted 100% in favor of the protocol restart proposal.

    2024-04-07

    Prisma Finance announced resumption of operations with limited functionality restored.

    2024-12-01

    Resupply Finance launched as the successor protocol, issuing reUSD backed by crvUSD and frxUSD, with RSUP as its governance token.

    2025-01-02

    New PRISMA token emissions ceased. DAO proposal PIP-46 formally confirmed the shutdown of Prisma Finance and transition to Resupply Finance.

    2025-01-01

    Decommissioning of Prisma Finance completed by the Resupply team; less than $80,000 in debt remained, with mkUSD backed 1:1 by crvUSD via Peg Stability Modules.

    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 5/30/2026, 6:33:15 PM

    last updated: 5/30/2026, 6:33:20 PM

    avoid.net — verified advice for a post-truth world