Steadefi

2023-06-17

A team member allegedly downloaded a malware-laden file during a Telegram conversation with an entity identifying itself as 'Spirit Blockchain Group', according to Steadefi's post-mortem.

2023-06-28

The deployer wallet's MetaMask seed phrases were compromised, allegedly as a result of the June 17 malware infection.

2023-08-07

Attacker exploited the compromised deployer private key at approximately 4:06 PM UTC to transfer ownership of all lending and strategy vaults on Arbitrum and Avalanche to address 0x9cf71F2ff126B9743319B60d2D873F0E508810dc. Approximately $1.14 million in assets drained and bridged to Ethereum mainnet via Synapse bridge.

2023-08-09

Steadefi publicly disclosed the exploit via Twitter, warning all funds were at risk.

2023-08-10

Deadline passed for Steadefi's bounty offer of 10% of stolen funds in exchange for the return of 90%. Offer was not accepted by the attacker.

2023-08-23

Steadefi published full exploit analysis and reimbursement plan. Recovery portal opened at steadefi.com/claim for proportional USDC distribution to affected wallets.

2023-09-01

Steadefi published relaunch and compensation plan, announcing security upgrades including multisig permissions, timelocks, and Hypernative real-time monitoring.

2023-10-01

On-chain analysis indicated attacker addresses began distributing funds through exchanges after alleged Tornado Cash mixing, per Merkle Science flow-of-funds analysis.

2023-12-01

Protocol relaunched as Steadefi v2 with SDY token (replacing STEADY), enhanced security architecture, and compensation tokenomics targeting affected users.

2024-01-01

Steadefi v3 vault migration announced, adding liquid restaking token (LRT) vault strategies and continued GMX v2 integration.