Summary
Rodeo Finance was an Arbitrum-based leveraged yield protocol that allowed users to open leveraged positions in DeFi yield strategies using USDC borrowed from an integrated lending pool. The protocol suffered two separate security exploits in July 2023 within six days of each other. The second, a TWAP oracle manipulation attack, drained approximately 472 ETH (roughly $888,000 net) and collapsed the protocol's total value locked from $20 million to under $500. The attacker bridged the stolen funds to Ethereum and routed 150 ETH through Tornado Cash; the protocol never fully recovered operationally.
Connected Entities
2 entities · 10 linked investigations
Timeline (7 events)
2023-07-05
First exploit: approximately $89,000 stolen via a vulnerability in the mintProtocolReserves function and StrategyGamma balance manipulation. Hypernative Labs detected the attack.
CoinTelegraph
2023-07-11
Second exploit at approximately 07:54 UTC: attacker (0x2f3788F2396127061c46fC07BD0fcb91faAcE328) executes a multiblock TWAP oracle sandwich attack on the ETH/unshETH strategy. 472 ETH (~$888,000 net) drained from the USDC lending pool. PeckShield first publicly alerts the team on Twitter.
QuillAudits / Rodeo Finance Post Mortem
2023-07-11
Rodeo Finance pauses all protocol operations. TWAP-dependent farms disabled. Team initiates forensic analysis and contacts law enforcement.
Rodeo Finance Official Post Mortem
2023-07-11
Attacker bridges stolen ETH from Arbitrum to Ethereum mainnet. 285 ETH swapped for unshETH and deposited to Ankr ETH2 staking. 150 ETH sent to Tornado Cash. Approximately 371 ETH remains in attacker wallet.
Neptune Mutual Exploit Analysis
2023-07-11
RDO token price drops approximately 60%, from ~$0.20 to ~$0.08. Protocol TVL collapses from $20 million to under $500.
Blockonomi / CryptoBriefing
2023-07-12
Team recovers approximately $816,342 USDC worth of unshETH left in exploited contracts. Funds transferred to Rodeo multisig and swapped to USDC. Team announces weekly repayment plan for USDC pool LP losses from treasury.
Rodeo Finance Official Post Mortem
2023-07-12
On-chain white hat bounty message sent to attacker wallet. No funds returned. Third-party auditors engaged for full codebase review before any potential relaunch.
Rodeo Finance Official Post Mortem
Decision Log
- hash: GZd6BLvKARcMwthXX7CXAAeYAp8rNjduvShFDa77wbSb
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:40 AM
last updated: 5/30/2026, 12:14:28 PM
avoid.net — verified advice for a post-truth world