Venus Core Pool
Summary
Venus Core Pool is the primary lending market of Venus Protocol, the largest decentralized money market on BNB Chain. The protocol has accumulated over $112 million in cumulative losses across at least five separate security incidents since 2021, including oracle manipulation, a phishing attack draining $27 million from the Core Pool itself in September 2025, and a donation-attack exploit in March 2026 that left $2.15 million in unrecoverable bad debt. A critical vulnerability flagged during a 2023 Code4rena security audit was dismissed by the development team and subsequently exploited twice.
Timeline (11 events)
2020-01-01
Venus Protocol launched on BNB Chain by the Swipe Wallet development team, forking Compound and MakerDAO
2021-05-01
XVS oracle manipulation attack; attacker pumps XVS price from ~$70 to ~$140, borrows ~2,000 BTC and ~5,700 ETH; protocol left with $95 million in bad debt
2022-05-01
Terra/LUNA collapse causes $14 million in bad debt on Venus due to stale Chainlink price feed with hard-coded $0.10 minimum for LUNA
2022-10-01
BNB Chain bridge exploiter deposits 900,000 BNB as collateral on Venus to borrow $150 million in stablecoins; BNB Chain governance intervenes to prevent destabilizing liquidation
2023-05-01
Code4rena audit of Venus Isolated Pools documents donation attack vector under finding M-10; Venus development team dismisses it as 'supported behavior with no negative side effects'
2025-02-01
Venus ZKSync deployment suffers donation-style exploit on wUSDM market; approximately $717,000 in net bad debt incurred; BNB Chain deployment left unpatched
2025-06-01
Alleged attacker begins nine-month accumulation of THE (Thena) tokens on Venus, funded via ~7,400 ETH from Tornado Cash; community members allegedly raise concerns; Venus declines to act
2025-09-02
Core Pool exploit: phishing attack tricks large protocol user into approving malicious transaction; approximately $27 million in vUSDT, vUSDC, and BTCB drained from Venus Core Pool
2025-09-03
Venus 'lightning vote' passes with 100% community support; forced liquidation of attacker assets recovers approximately $13.5 million; protocol fully restores services
2026-03-15
Donation attack on vTHE market: attacker donates 36+ million THE directly to vTHE contract, inflates exchange rate 3.81x, borrows ~$14.9 million in assets; THE price collapses; $2.15 million in bad debt remains
2026-03-19
XVS governance token falls approximately 9% following disclosure of bad debt; Venus pauses THE market and reduces collateral factors to zero on six additional markets
Decision Log
- hash: HymKP7mAdCyKBCPqDr9tZG4m6oVHsibsh9ECsfnvfc5B
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:24 AM
last updated: 5/28/2026, 1:44:40 AM
avoid.net — verified advice for a post-truth world