Summary
ThalaSwap is the decentralized exchange component of Thala Labs, an Aptos-based DeFi protocol offering an AMM, the Move Dollar (MOD) overcollateralized stablecoin, liquid staking, and a launchpad. On November 15, 2024, an input-validation bug introduced in a two-line patch to the v1 farming contract allowed an attacker to drain $25.5 million in liquidity pool tokens; funds were fully recovered within hours after SEAL 911 identified the exploiter via on-chain evidence and the attacker returned assets in exchange for a $300,000 bounty.
Timeline (9 events)
2022-10-25
Thala Labs raises $6 million seed round co-led by ParaFi Capital, White Star Capital, and Shima Capital
2023-04-06
Thala protocol launches on Aptos mainnet; reaches $10M TVL within days
2024-11-01
Two-line patch deployed to v1 farming contract, introducing the unstake_max input-validation bug that bypassed standard security review
2024-11-15
Exploit begins at 4:46 AM PST from address 0xf7…; second larger drain completed at 7:10 AM PST from address 0x80…; total $25.5M in LP tokens stolen
2024-11-15
TVL alerts trigger at 5:12 AM PST; vulnerability identified by 7:30 AM PST; all relevant contracts paused; $11.5M in Thala assets frozen
2024-11-15
SEAL 911 and Ogle identify attacker via on-chain evidence within minutes; on-chain message sent to attacker at 9:34 AM PST
2024-11-15
Attacker agrees to return all funds by 10:13 AM PST in exchange for $300,000 protocol bounty and $40,000 personal payment; full recovery confirmed by 11:13 AM PST
2024-11-16
Thala Labs publishes post-mortem on Medium detailing root cause, timeline, and remediation steps including OtterSec re-audit and withdrawal rate limits
2025-01-01
ThalaSwap V3 (CLMM concentrated liquidity) becomes primary liquidity venue; protocol remains operational with $2.23M TVL as of mid-2026
Decision Log
- hash: HALS5dXKqGfBFLNxGvqNbUAP2cacfZYnjQnuECj4r5FA
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:27 AM
last updated: 5/20/2026, 3:37:11 AM
avoid.net — verified advice for a post-truth world