Verify a decision
Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.
How verification works
- We commit. When a moderator accepts/rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash it with SHA-256, encode the digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
- We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language.
- You compare three values. Database hash, your independently-recomputed hash, and the hash inside the on-chain memo. If all three match, the decision is authentic and timestamped.
The on-chain memo format is
AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>
Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.
Decision
publish · Penpie
- Sequence: #1
- Score: →
- Cluster: mainnet-beta
- Slot: 423640351
- Off-chain at: 2026-06-01T17:48:38.775Z
- Anchored at: —
- Block time: —
Independent verification
- 1. Database (off-chain): DgZLnnZqBxVugfqXUfwBvq7gMfBvYVRZfKvYaBYP8um
- 2. Recomputed (your browser): computing…
- 3. On-chain (Solana memo): fetching…
Canonical bytes hashed (21186 chars)
{"actor":"system:backfill","investigation_id":"8388ccc1-df89-4f34-99e6-1bea24787247","kind":"publish","page_slug":"penpiexyz","published_at":"2026-06-01T17:48:38.686Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Penpie","sections":[{"content":"On September 3, 2024, Penpie suffered a reentrancy exploit resulting in the loss of approximately $27 million (11,113.6 ETH) in user funds. The attack was confirmed by on-chain security firms Cyvers and PeckShield within minutes of the first transaction. Three attack transactions were executed between approximately 6:25 PM and 6:42 PM UTC, with the first transaction alone siphoning roughly $15.7 million. The attacker's address was funded with 10 ETH — approximately $25,000 — via Tornado Cash prior to the attack, indicating premeditated preparation. PNP, Penpie's native token, fell approximately 40% on the day of the exploit, while Pendle's PENDLE token declined approximately 9% amid market spillover concerns.","heading":"September 2024 Exploit Overview","severity":"critical","sources":[{"credibility":2,"name":"Penpie exploited for $27 million in reentrancy attack — CryptoSlate","type":"news","url":"https://cryptoslate.com/penpie-exploited-for-27-million-in-reentrancy-attack/"},{"credibility":1,"name":"DeFi Protocol Penpie Exploited for $27M of Crypto Assets; PNP Token Craters — CoinDesk","type":"news","url":"https://www.coindesk.com/tech/2024/09/03/defi-protocol-penpie-exploited-for-27m-of-crypto-assets-pnp-token-craters-40/"},{"credibility":2,"name":"Penpie - Rekt.news","type":"news","url":"https://rekt.news/penpie-rekt"}]},{"content":"The exploit combined two distinct weaknesses. First, Penpie's permissionless pool registration — introduced in May 2024 — allowed any user to register a new Pendle market with the protocol, provided that market existed on Pendle Finance's factory contract. 
The attacker deployed a malicious market contract that passed Penpie's validation checks because the PendleMarketRegisterHelper contract considered any market valid if created through Pendle's permissionless PendleMarketFactoryV3, regardless of the legitimacy of its underlying Standardized Yield (SY) token. Second, Penpie's batchHarvestMarketRewards function contained a reentrancy vulnerability: reward amounts were calculated based on the difference in a balanceOf() call before and after redeemRewards() executed, but no reentrancy guard was in place. During the redeemRewards() callback, the attacker's malicious SY contract re-entered PendleStaking.depositMarket(), depositing high-value LP tokens to mint inflated shares. Those LP tokens were then counted as rewards, allowing the attacker to drain amounts far exceeding any genuine deposit. The attacker used flash loans to supply the initial capital, converting proceeds to ETH via Li.fi before moving funds to a staging address.","heading":"Attack Mechanics: Fake Pendle Market and Reentrancy","severity":"critical","sources":[{"credibility":2,"name":"Explained: The Penpie Hack (September 2024) — Halborn","type":"news","url":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024"},{"credibility":2,"name":"Penpie Hack: Auditing the $27M Reentrancy Exploit — Three Sigma","type":"news","url":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis"},{"credibility":2,"name":"Zokyo: Penpie Post-Mortem Analysis of the $27M Reentrancy Exploit","type":"news","url":"https://zokyo.io/blog/penpie-postmortem-analysis-of-the-27m-reentrancy-exploit/"},{"credibility":1,"name":"2 auditors miss $27M Penpie flaw — CoinTelegraph Crypto-Sec","type":"news","url":"https://cointelegraph.com/magazine/pythia-finance-drained-53k-crypto-sec/"}]},{"content":"Penpie had engaged multiple auditors prior to the exploit. 
Zokyo conducted an early audit of the PendleStaking contract; at that time, pool registration was restricted to the protocol owner via a multisig, making the reentrancy path effectively unexploitable by external parties. Zokyo noted the batchHarvestMarketRewards function was only callable by a trusted owner, and did not flag the reentrancy as a critical risk under those access conditions. When Penpie introduced permissionless pool registration in May 2024 — roughly one year after the Zokyo audit — a separate firm, AstraSec, was engaged. However, AstraSec's scope was limited to the new registration contracts; the PendleStakingBaseUpg contract, which had not changed significantly on its surface, was excluded. The critical interaction between the permissive new registration logic and the existing reentrancy path in PendleStakingBaseUpg was therefore not reviewed by either auditor. CoinTelegraph's Crypto-Sec column noted that this split-audit approach — where incremental changes are audited in isolation — is a known industry risk, and that comprehensive re-audits of the full system are necessary when new surface area is exposed to untrusted input. 
The Penpie team itself later acknowledged that incremental audits must be accompanied by holistic reviews when new external-facing functionality is introduced.","heading":"Audit Failures and Security Gap","severity":"high","sources":[{"credibility":2,"name":"Zokyo: Penpie Post-Mortem Analysis of the $27M Reentrancy Exploit","type":"news","url":"https://zokyo.io/blog/penpie-postmortem-analysis-of-the-27m-reentrancy-exploit/"},{"credibility":1,"name":"2 auditors miss $27M Penpie flaw — CoinTelegraph Crypto-Sec","type":"news","url":"https://cointelegraph.com/magazine/pythia-finance-drained-53k-crypto-sec/"},{"credibility":2,"name":"The PenPie Hack: Understanding the September 2024 Reentrancy Exploit and the Role of Auditing in DeFi Security — AuditOne","type":"news","url":"https://www.auditone.io/blog-posts/the-penpie-hack-understanding-the-september-2024-reentrancy-exploit-and-the-role-of-auditing-in-defi-security"},{"credibility":1,"name":"Penpie Audit Reports — Official Docs","type":"official","url":"https://docs.penpiexyz.io/security/audit-reports"}]},{"content":"Pendle Finance was not directly exploited: the vulnerability existed in Penpie's own contracts, not in Pendle's core protocol. However, approximately $105 million in additional user funds held via Penpie's vePENDLE positions and other Pendle-adjacent pools were at risk of further drainage. Pendle's team coordinated with Penpie to pause relevant contracts within approximately three minutes of the final attack transaction, preventing further losses. Pendle's PENDLE token declined roughly 9% on the day amid market concern about systemic exposure. 
Pendle Finance also provided the attacker's VPN IP address — obtained from its own access logs — to Penpie for submission to Singapore law enforcement, according to reporting by The Record from Recorded Future News.","heading":"Pendle Finance Involvement and $105M Rescue","severity":"high","sources":[{"credibility":1,"name":"Pendle says it saved $105 million that could have been further drained amid Penpie hack — The Block","type":"news","url":"https://www.theblock.co/post/314616/pendle-says-it-saved-105-million-that-could-have-been-further-drained-amid-penpie-hack"},{"credibility":2,"name":"$105M Crypto Save: Pendle Prevents Further Losses From Hack — Bitcoinist","type":"news","url":"https://bitcoinist.com/105-million-crypto-save-defi-protocol-pendle-prevents-further-losses-from-penpies-exploit/"},{"credibility":1,"name":"Penpie DeFi platform files reports with FBI, Singapore police — The Record (Recorded Future News)","type":"news","url":"https://therecord.media/penpie-defi-protocol-ethereum-stolen"}]},{"content":"The attacker began laundering stolen funds within hours of the exploit. Within 12 hours, approximately $7 million (roughly 5,600 ETH) had been routed through Tornado Cash, as reported by CoinTelegraph and DeFi Planet. By September 6, the attacker transferred 7,262 ETH (approximately $17.4 million) to an intermediary address. Over the days following the attack, substantially all of the stolen funds — totaling approximately 11,261 ETH — were passed through Tornado Cash. The attacker declined Penpie's on-chain bounty offer and did not communicate any intention to return funds. 
Security firms PeckShield and Cyvers tracked the initial movements but noted that Tornado Cash's mixing mechanism makes tracing the final destination of funds substantially more difficult.","heading":"Fund Laundering via Tornado Cash","severity":"critical","sources":[{"credibility":2,"name":"Penpie Protocol Hacker Reportedly Laundered $7M Through Tornado Cash Within 12 Hours — DeFi Planet","type":"news","url":"https://defi-planet.com/2024/09/penpie-protocol-hacker-reportedly-laundered-7m-through-tornado-cash-within-12-hours-of-27m-theft/"},{"credibility":1,"name":"Penpie hacker launders 26% of $27M stolen funds in 12 hrs — CoinTelegraph","type":"news","url":"https://cointelegraph.com/news/penpie-protocol-hacker-launders-7m-tornado-cash"},{"credibility":2,"name":"Penpie Hacker Moves $27M Ether to Tornado Cash Barely a Week After Exploiting the DeFi Platform — DailyCoin","type":"news","url":"https://dailycoin.com/penpie-hacker-launders-last-batch-of-the-stolen-27m-ether"},{"credibility":2,"name":"Ignoring The Bounty, Penpie Hacker Launders $27 Million In Ether — Bitcoinist","type":"news","url":"https://bitcoinist.com/penpie-hacker-launders-27-million-in-ether/"}]},{"content":"Immediately following the attack, Penpie paused all protocol deposits and withdrawals. The team sent an on-chain message to the attacker acknowledging the exploit and requesting confidential contact to negotiate terms, promising no legal action if funds were returned and offering a negotiated bounty. On September 3, 2024, Penpie team members filed a report at the Kampong Java Neighbourhood Police Centre in Singapore. On September 4, 2024, Penpie also filed a complaint with the FBI's Internet Crime Complaint Center (IC3). The VPN IP address used in the attack — supplied by Pendle Finance from its own logs — was handed to a Singapore Technology Crime Senior Investigation Officer for forwarding to the VPN provider. 
No arrest or attribution has been publicly confirmed as of mid-2026.","heading":"Team Response and Law Enforcement","severity":"medium","sources":[{"credibility":1,"name":"Penpie DeFi platform files reports with FBI, Singapore police — The Record (Recorded Future News)","type":"news","url":"https://therecord.media/penpie-defi-protocol-ethereum-stolen"},{"credibility":1,"name":"Penpie Post-Mortem Report — Official Blog (Magpie / Penpie)","type":"official","url":"https://blog.penpiexyz.io/penpie-post-mortem-report-1ac9863b663a"}]},{"content":"On October 7, 2024, Magpie XYZ — the development team behind Penpie — published a compensation proposal for affected users. The plan introduced approximately 27 million Safu Recovery Tokens (SRT), each redeemable for $1 of value. Magpie committed to allocating 4% of its MGP governance token supply toward repayment: 1% from the team allocation and 3% from the treasury, with up to 30% of SRT holdings exchangeable for vote-locked MGP (vlMGP) at a rate of 10 vlMGP per SRT. Additionally, 20% of Penpie's vePENDLE revenue and 20% of Magpie's overall monthly protocol revenue were earmarked for open-market SRT buybacks. The proposal also outlined the creation of Safupie, a new sub-DAO functioning as a decentralized insurance fund that would accept premiums from Magpie's subDAOs and pay out compensation in the event of future exploits across the ecosystem. 
As of this writing, the Safupie mechanism and SRT distribution were subject to ongoing governance discussion.","heading":"Compensation Plan and Safupie Insurance Mechanism","severity":"medium","sources":[{"credibility":1,"name":"[PIP #15] Recovery Plan for Users Affected by Penpie Exploit — Magpie Governance Forum","type":"official","url":"https://gov.magpiexyz.io/t/pip-15-recovery-plan-for-users-affected-by-penpie-exploit/426"},{"credibility":1,"name":"Penpie Compensation Plan Draft 02 — Magpie Governance Forum","type":"official","url":"https://gov.magpiexyz.io/t/penpie-compensation-plan-draft-02/412"},{"credibility":2,"name":"Penpie Proposes Compensation Plan and Insurance Protocol After $27M Exploit — The Defiant","type":"news","url":"https://thedefiant.io/news/defi/penpie-proposes-compensation-plan-and-insurance-protocol-after-usd27m-exploit"}]},{"content":"Penpie is a subDAO and product line of Magpie XYZ, a multi-chain DeFi yield optimization platform. Penpie was designed to function as a vote-escrow booster for Pendle Finance, allowing users to earn enhanced yield on Pendle's principal and yield token markets by pooling vePENDLE voting power. Magpie XYZ is reported to be incorporated and operating from the UAE (Dubai) and Singapore, with the team filing incident reports at a Singapore neighbourhood police centre. The protocol's governance token is PNP; Magpie's ecosystem governance token is MGP. 
The team's identity is partially disclosed — Magpie's CEO is publicly identified as Ali Raheman in company directories — but day-to-day developer identities are not prominently disclosed in official documentation.","heading":"Protocol Background and Relationship to Magpie XYZ","severity":"low","sources":[{"credibility":1,"name":"Introduction — Penpie Official Docs","type":"official","url":"https://docs.penpiexyz.io/penpie-ecosystem/introduction"},{"credibility":1,"name":"Penpie protocol exploited, suffers $27M loss — CoinTelegraph","type":"news","url":"https://cointelegraph.com/news/penpie-protocol-exploited-suffers-27-million-loss"}]}],"sources_used":[{"name":"Explained: The Penpie Hack (September 2024) — Halborn","type":"news","url":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024"},{"name":"Penpie Hack: Auditing the $27M Reentrancy Exploit — Three Sigma","type":"news","url":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis"},{"name":"Zokyo: Penpie Post-Mortem Analysis of the $27M Reentrancy Exploit","type":"news","url":"https://zokyo.io/blog/penpie-postmortem-analysis-of-the-27m-reentrancy-exploit/"},{"name":"Penpie exploited for $27 million in reentrancy attack — CryptoSlate","type":"news","url":"https://cryptoslate.com/penpie-exploited-for-27-million-in-reentrancy-attack/"},{"name":"DeFi Protocol Penpie Exploited for $27M of Crypto Assets; PNP Token Craters — CoinDesk","type":"news","url":"https://www.coindesk.com/tech/2024/09/03/defi-protocol-penpie-exploited-for-27m-of-crypto-assets-pnp-token-craters-40/"},{"name":"Penpie - Rekt.news","type":"news","url":"https://rekt.news/penpie-rekt"},{"name":"Penpie DeFi platform files reports with FBI, Singapore police — The Record (Recorded Future News)","type":"news","url":"https://therecord.media/penpie-defi-protocol-ethereum-stolen"},{"name":"Pendle says it saved $105 million that could have been further drained amid Penpie hack — The 
Block","type":"news","url":"https://www.theblock.co/post/314616/pendle-says-it-saved-105-million-that-could-have-been-further-drained-amid-penpie-hack"},{"name":"Penpie hacker launders 26% of $27M stolen funds in 12 hrs — CoinTelegraph","type":"news","url":"https://cointelegraph.com/news/penpie-protocol-hacker-launders-7m-tornado-cash"},{"name":"Penpie Protocol Hacker Reportedly Laundered $7M Through Tornado Cash Within 12 Hours — DeFi Planet","type":"news","url":"https://defi-planet.com/2024/09/penpie-protocol-hacker-reportedly-laundered-7m-through-tornado-cash-within-12-hours-of-27m-theft/"},{"name":"Penpie Hacker Moves $27M Ether to Tornado Cash — DailyCoin","type":"news","url":"https://dailycoin.com/penpie-hacker-launders-last-batch-of-the-stolen-27m-ether"},{"name":"Ignoring The Bounty, Penpie Hacker Launders $27 Million — Bitcoinist","type":"news","url":"https://bitcoinist.com/penpie-hacker-launders-27-million-in-ether/"},{"name":"[PIP #15] Recovery Plan for Users Affected by Penpie Exploit — Magpie Governance Forum","type":"official","url":"https://gov.magpiexyz.io/t/pip-15-recovery-plan-for-users-affected-by-penpie-exploit/426"},{"name":"Penpie Compensation Plan Draft 02 — Magpie Governance Forum","type":"official","url":"https://gov.magpiexyz.io/t/penpie-compensation-plan-draft-02/412"},{"name":"2 auditors miss $27M Penpie flaw — CoinTelegraph Crypto-Sec","type":"news","url":"https://cointelegraph.com/magazine/pythia-finance-drained-53k-crypto-sec/"},{"name":"The PenPie Hack: Understanding the September 2024 Reentrancy Exploit — AuditOne","type":"news","url":"https://www.auditone.io/blog-posts/the-penpie-hack-understanding-the-september-2024-reentrancy-exploit-and-the-role-of-auditing-in-defi-security"},{"name":"Penpie Audit Reports — Official Docs","type":"official","url":"https://docs.penpiexyz.io/security/audit-reports"},{"name":"Penpie Post-Mortem Report — Official Blog (Magpie / 
Penpie)","type":"official","url":"https://blog.penpiexyz.io/penpie-post-mortem-report-1ac9863b663a"},{"name":"Penpie protocol exploited, suffers $27M loss — CoinTelegraph","type":"news","url":"https://cointelegraph.com/news/penpie-protocol-exploited-suffers-27-million-loss"},{"name":"$105M Crypto Save: Pendle Prevents Further Losses From Hack — Bitcoinist","type":"news","url":"https://bitcoinist.com/105-million-crypto-save-defi-protocol-pendle-prevents-further-losses-from-penpies-exploit/"},{"name":"Introduction — Penpie Official Docs","type":"official","url":"https://docs.penpiexyz.io/penpie-ecosystem/introduction"}],"summary":"Penpie is a yield optimizer and vote-escrowed liquidity layer built on top of Pendle Finance, developed by the Magpie XYZ team. On September 3, 2024, the protocol was exploited for approximately $27 million through a reentrancy vulnerability in its batch reward harvesting function, compounded by a permissionlessly registered fake Pendle market. The attacker laundered substantially all stolen funds through Tornado Cash within days, rejecting a negotiated bounty offer from the Penpie team.","timeline":[{"date":"2023-01-01","event":"Zokyo completes security audit of PendleStaking contract. At this time, pool registration is owner-only, limiting the exploitability of the reentrancy path.","source":"Zokyo Post-Mortem Analysis","source_url":"https://zokyo.io/blog/penpie-postmortem-analysis-of-the-27m-reentrancy-exploit/"},{"date":"2024-05-01","event":"Penpie introduces permissionless pool registration, allowing any user to register a Pendle market with the protocol. AstraSec audits the new registration contracts in isolation; the PendleStakingBaseUpg contract is excluded from scope.","source":"CoinTelegraph Crypto-Sec; Zokyo Post-Mortem","source_url":"https://cointelegraph.com/magazine/pythia-finance-drained-53k-crypto-sec/"},{"date":"2024-09-03","event":"Attacker funds exploit address with 10 ETH via Tornado Cash. 
Three exploit transactions execute between approximately 6:25 PM and 6:42 PM UTC. Approximately $27 million (11,113.6 ETH) is drained via reentrancy on batchHarvestMarketRewards using a fake Pendle market. Penpie and Pendle pause contracts within minutes. PNP token falls ~40%; PENDLE falls ~9%.","source":"CoinDesk; Rekt.news; The Record","source_url":"https://www.coindesk.com/tech/2024/09/03/defi-protocol-penpie-exploited-for-27m-of-crypto-assets-pnp-token-craters-40/"},{"date":"2024-09-03","event":"Penpie team files police report at Kampong Java Neighbourhood Police Centre in Singapore. Team sends on-chain message to attacker offering negotiated bounty and promising no legal action if funds are returned.","source":"The Record (Recorded Future News)","source_url":"https://therecord.media/penpie-defi-protocol-ethereum-stolen"},{"date":"2024-09-04","event":"Penpie files complaint with the FBI's Internet Crime Complaint Center (IC3). VPN IP address from attack is submitted to Singapore Technology Crime investigator.","source":"The Record (Recorded Future News)","source_url":"https://therecord.media/penpie-defi-protocol-ethereum-stolen"},{"date":"2024-09-04","event":"Within 12 hours of the attack, the attacker launders approximately $7 million (5,600 ETH) through Tornado Cash, representing roughly 26% of stolen funds.","source":"CoinTelegraph; DeFi Planet","source_url":"https://cointelegraph.com/news/penpie-protocol-hacker-launders-7m-tornado-cash"},{"date":"2024-09-06","event":"Attacker transfers 7,262 ETH (~$17.4 million) to an intermediary address and continues routing funds through Tornado Cash.","source":"Bitcoinist; DailyCoin","source_url":"https://bitcoinist.com/penpie-hacker-launders-27-million-in-ether/"},{"date":"2024-09-10","event":"Attacker completes laundering of substantially all stolen funds — approximately 11,261 ETH — through Tornado Cash. 
Bounty offer is effectively rejected.","source":"DailyCoin","source_url":"https://dailycoin.com/penpie-hacker-launders-last-batch-of-the-stolen-27m-ether"},{"date":"2024-10-07","event":"Magpie XYZ publishes PIP #15, the formal recovery plan for affected users, introducing Safu Recovery Tokens (SRT) and the Safupie insurance sub-DAO.","source":"Magpie Governance Forum; The Defiant","source_url":"https://gov.magpiexyz.io/t/pip-15-recovery-plan-for-users-affected-by-penpie-exploit/426"}]},"v":1}