Skip to main content
Sign in

Tinyman

avoid.net/tinyman52/100·82% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·66NfCw…gY4p

Summary

Tinyman is an automated market maker (AMM) and decentralized exchange (DEX) built on the Algorand blockchain, launched on mainnet in October 2021. On January 1, 2022, attackers exploited a logic flaw in the protocol's pool-token burn function to drain approximately $3 million in wrapped Bitcoin and Ethereum assets across 43 pools. Tinyman subsequently patched the contracts, launched a compensation program covering all affected liquidity providers, and released a fully re-audited v2.0 protocol in early 2023.

Connected Entities

1 entities · 10 linked investigations
Organizations
Tinyman
Relationships
    Also appears in
    Gamma Strategies·28BitGrail·2Thorchain DEX·14Origin Protocol·38Matcha Meta·28CATFI Memecoin / Eth Father (Park)·0Florence Finance·28Pincoin·2Zabu Finance·18Kevin Rose·62
    Have evidence about Tinyman?

    Timeline(10 events)

    2021-08-01

    Tinyman launches on Algorand testnet

    CoinDesk

    2021-09-21

    Runtime Verification completes initial audit of Tinyman v1 smart contracts

    Tinyman Medium

    2021-10-07

    Tinyman launches on Algorand mainnet; raises $2.5M from investors including Borderless Capital, DCG, and BlockTower

    CoinDesk

    2022-01-01

    Exploit begins at 19:03 UTC; primary attacker executes 16 transactions exploiting burn function logic flaw, stealing approximately $1.8M in goBTC and goETH

    Tinyman Technical Report 1

    2022-01-02

    Tinyman publishes official incident announcement; warns all liquidity providers to withdraw funds; disables liquidity routes on web app; contacts law enforcement

    Tinyman Medium

    2022-01-02

    Total attack scope confirmed: 13 unique attacker addresses, 43 pools drained, 360 malicious transactions, approximately $3M total losses including arbitrage

    Tinyman Technical Report 1

    2022-01-19

    Tinyman v1.1 relaunches on mainnet with patched contracts; two audit firms reviewed the updated contracts; bug bounty program extended

    coin.fyi / Tinyman

    2022-03-24

    Tinyman begins distributing compensation payments to affected liquidity providers; program covers stolen amounts, stuck LP tokens, and arbitraged losses

    Tinyman Compensation Program Medium

    2022-11-30

    Tinyman announces v2.0 at Algorand Decipher event in Dubai, featuring Tealish-written contracts, multi-level audit, and Immunefi bug bounty up to $250,000

    PR Newswire

    2023-01-01

    Tinyman v2.0 mainnet launch (approximate); audited by Runtime Verification at specification, Tealish, and TEAL bytecode levels

    Runtime Verification blog
    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-5

    generated: 5/30/2026, 1:00:19 PM

    last updated: 5/30/2026, 1:00:23 PM

    avoid.net — verified advice for a post-truth world