Silo V2

2021-01-01

Silo Finance founded and initial protocol design work begun on isolated lending market architecture.

2023-04-27

Whitehat submits critical vulnerability report via Immunefi disclosing interest rate model (IRMV1) flaw that could have exposed approximately $3 million in Ethereum-market deposits.

2023-05-01

Silo deploys patched interest rate model (IRMv2), fixing the utilization ratio calculation vulnerability.

2023-06-06

Silo Finance publicly discloses the 2023 vulnerability and awards 100,000 USDC bug bounty to the whitehat reporter.

2024-01-01

Silo V2 announced with expanded architecture: multichain deployment, programmable markets, Silo Vaults, and xSILO revenue token.

2025-05-28

Cork Protocol exploited for approximately $12 million (3,761 wstETH); attacker address later linked to Silo Finance exploit.

2025-06-25

Silo Finance leverage contract exploit occurs at 14:11:23 UTC; 224 ETH (~$545,000 in SiloDAO test funds) drained via improper input validation in unreleased LeverageUsingSiloFlashloanWithGeneralSwap contract.

2025-06-25

Silo Finance pauses the affected contract on Ethereum and Sonic networks; confirms core markets and user funds unaffected.

2025-06-25

SILO token price drops approximately 11% following public disclosure of the exploit.

2025-06-25

PeckShield flags attacker wallet as linked to the Cork Protocol exploit; both incidents involve Tornado Cash fund laundering.

2025-06-25

Attacker routes stolen 224 ETH through Tornado Cash in multiple transactions to obfuscate fund trail.

2025-06-26

Certora publishes incident post-mortem acknowledging that Certora Prover was not applied to the exploited leverage contract, and that formal verification would have detected the user-controlled external call vulnerability.