Verify a decision

{"actor":"system:backfill","investigation_id":"d40476b9-899f-41d7-b73b-db790f510920","kind":"publish","page_slug":"midas-capital","published_at":"2026-05-29T17:23:40.216Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Midas Capital","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/midas-capital/introducing-midas-capital-bb6ce3a256a3","type":"other","url":""},{"credibility":3,"name":"https://medium.com/midas-capital/tech-update-open-source-monorepo-and-building-new-primitives-for-defi-1a1ca21cf9ae","type":"other","url":""},{"credibility":3,"name":"https://github.com/Midas-Protocol","type":"other","url":""},{"credibility":3,"name":"https://talk.harmony.one/t/midas-capital-permissionless-lending-borrowing-platform-infrastructure-for-daos-treasuries-individuals/11297","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/midas-capital-rekt","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/how-was-midas-capital-exploited-f9d90926eaf2","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/midas-capital-releases-660000-exploit-post-mortem-defi-attacks-carry-into-2023/","type":"other","url":""},{"credibility":3,"name":"https://x.com/peckshield/status/1614774855999844352","type":"other","url":""},{"credibility":3,"name":"https://quillaudits.substack.com/p/midas-capital-has-suffered-a-loss","type":"other","url":""},{"credibility":3,"name":"https://www.quadrigainitiative.com/hackfraudscam/midascapitalvirtualpricereentrancy.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/midas-capital/midas-exploit-post-mortem-1ae266222994","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/midas-capital-pool-exploited/","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/understanding-midas-capital-exploit-759721f031f8","type":"other","url":""},{"credibility":3,"name":"https://medium.com/kalos/midas-capital-hack-analysis-6fc9f4a48c92","type":"other","url":""},{"credibility":3,"name":"https://www.olympix.ai/blog/midas-capital-lost-600k-due-to-rounding-issue","type":"other","url":""},{"credibility":3,"name":"https://blocksec.com/blog/6-hundred-finance-incident-catalyzing-the-wave-of-precision-related-exploits-in-vulnerable-forked-protocols","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://rekt.news/midas-capital-rekt","type":"other","url":""},{"credibility":3,"name":"https://medium.com/midas-capital/midas-exploit-post-mortem-1ae266222994","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/midas-capital-releases-660000-exploit-post-mortem-defi-attacks-carry-into-2023/","type":"other","url":""},{"credibility":3,"name":"https://blocksec.com/blog/6-hundred-finance-incident-catalyzing-the-wave-of-precision-related-exploits-in-vulnerable-forked-protocols","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/midas-capital/introducing-midas-capital-bb6ce3a256a3","type":"other","url":""},{"credibility":3,"name":"https://medium.com/midas-capital/future-of-midas-capital-337442511b93","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/tribe-dao-votes-in-favor-of-repaying-victims-of-80m-rari-hack","type":"other","url":""},{"credibility":3,"name":"https://coinjournal.net/news/tribe-dao-finally-votes-to-reimburse-rari-hack-victims/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://beincrypto.com/midas-capital-pool-exploited/","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/understanding-midas-capital-exploit-759721f031f8","type":"other","url":""},{"credibility":3,"name":"https://www.olympix.ai/blog/midas-capital-lost-600k-due-to-rounding-issue","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/midas-capital/midas-exploit-post-mortem-1ae266222994","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/midas-capital-pool-exploited/","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@midascapital/moving-forward-jarvis-polygon-pool-exploit-a532074103f6","type":"other","url":""},{"credibility":3,"name":"https://cryptopanic.com/news/17402093/Midas-Capital-Releases-660000-Exploit-Post-Mortem-DeFi-Attacks-Carry-Into-2023","type":"other","url":""}]}],"sources_used":[],"summary":"Midas Capital is a multichain DeFi isolated lending protocol that forked its codebase from Rari Capital's Fuse implementation. The protocol suffered two separate security exploits in 2023 totaling approximately $1.26 million in losses, with both incidents attributed to known smart contract vulnerabilities that had previously affected other Compound V2 forks. ZachXBT flagged the protocol, and the second exploit resulted in laundered funds routed through Tornado Cash.","timeline":[{"date":"2021-10-01","event":"Midas Capital conceptualized at LisCon 2021 as a multichain deployment of Rari Capital's Fuse isolated lending protocol.","source":""},{"date":"2022-01-01","event":"Midas Capital launched, offering Tribe DAO a 25% token allocation; proposal passed with 94% governance support.","source":""},{"date":"2022-04-01","event":"Parent ecosystem Rari Capital's Fuse pools exploited for approximately $80 million; Tribe DAO destabilized.","source":""},{"date":"2022-08-01","event":"Tribe DAO votes to wind down operations. Midas Capital continues independently.","source":""},{"date":"2022-10-01","event":"Read-only reentrancy vulnerability in Curve LP tokens exploited against market.xyz for $220,000 — a known precursor to the January 2023 Midas Capital attack.","source":""},{"date":"2023-01-15","event":"Jarvis Polygon pool exploited via read-only reentrancy on WMATIC-stMATIC Curve LP token collateral. Approximately $660,000 in jCHF, jEUR, jGBP, and agEUR stolen and swapped to MATIC. Jarvis Network covers ~$350,000 shortfall.","source":""},{"date":"2023-01-17","event":"Midas Capital publishes post-mortem on January exploit; attempts to contact attacker regarding bounty; no funds recovered.","source":""},{"date":"2023-04-01","event":"Hundred Finance exploited for approximately $7 million using the same Compound V2 rounding/inflation attack pattern that would later strike Midas Capital.","source":""},{"date":"2023-06-17","event":"BNB Chain Ankr-Helio isolated pool exploited via exchange rate inflation attack (rounding vulnerability in Compound V2 fork). Approximately $340,000 drained per team post-mortem; PeckShield reports over $600,000 total. 510+ BNB laundered through Tornado Cash.","source":""},{"date":"2023-06-18","event":"Midas Capital pauses all pools, contacts authorities, and announces pivot toward permissioned protocol design.","source":""},{"date":"2023-06-20","event":"Midas Capital publishes post-mortem on June exploit detailing rounding vulnerability and incomplete fix inherited from Compound V2 / Hundred Finance patch lineage.","source":""}]},"v":1}