Skip to main content
Sign in

Socket Protocol

avoid.net/socket-protocol58/100·82% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·33vHoH…6ajC

Summary

Socket Protocol (also marketed as Bungee Exchange) is a cross-chain interoperability and liquidity-routing protocol founded in 2021 by Vaibhav Chellani and Rishabh Khurana. On January 16, 2024, a newly deployed route module containing an unvalidated calldata vulnerability was exploited, draining approximately $3.3 million from approximately 230 wallets that had granted infinite token approvals to the SocketGateway contract. In an unusual outcome for a DeFi exploit, Socket negotiated the return of 1,032 ETH (~$2.3 million) from the attacker and covered the remaining ~$1.1 million shortfall itself, making all affected users whole.

Connected Entities

1 entities · 10 linked investigations
Protocols
Socket Protocol
Relationships
    Also appears in
    Gamma Strategies·28BitGrail·2Thorchain DEX·14Orca·85KuCoin Exchange Hack·32Zircon Gamma·32CryptoZoo·8Value DeFi Protocol·18Evolved Apes NFT·2Tinyman·52
    Have evidence about Socket Protocol?

    Timeline(10 events)

    2021-01-01

    Socket Protocol founded by Vaibhav Chellani and Rishabh Khurana, building on prior Biconomy infrastructure experience.

    CoinDesk

    2022-03-01

    Socket closes $5 million seed round led by Framework Ventures.

    CoinDesk

    2023-09-06

    Socket raises $5 million strategic round co-led by Coinbase Ventures and Framework Ventures to expand interoperability with Coinbase Wallet and Base.

    CoinDesk

    2024-01-13

    Admin transaction adds the vulnerable WrappedTokenSwapperImpl route to the SocketGateway contract — three days before the exploit.

    CertiK Incident Analysis

    2024-01-16

    Attacker exploits unvalidated calldata in the new route module at 19:03 UTC, draining approximately $3.3 million from ~230 wallets with infinite approvals to SocketGateway in two transactions.

    CertiK Incident Analysis / The Block

    2024-01-16

    Socket team disables the vulnerable route and pauses contracts within approximately 14 minutes of the exploit.

    Halborn

    2024-01-16

    Socket admin wallet sends on-chain message to the attacker initiating bounty negotiation and requesting return of funds within 12 hours.

    CryptoBriefing

    2024-01-17

    Socket and Bungee Exchange resume normal operations after patching the vulnerable module.

    CoinDesk

    2024-01-23

    Socket announces recovery of 1,032 ETH (~$2.3M) from the attacker following negotiations, and commits to covering the remaining ~$1.1M shortfall to make all 232 affected users whole.

    The Block / CoinTelegraph

    2024-01-23

    Compensation portal launched at recovery.socket.tech; affected users can claim reimbursement by signing an on-chain message without granting new approvals.

    Blockworks
    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 5/31/2026, 6:59:58 AM

    last updated: 5/31/2026, 7:00:02 AM

    avoid.net — verified advice for a post-truth world