Verify a decision

{"actor":"system:backfill","investigation_id":"d46de3f5-5b77-4b7f-bab5-692907d54b7d","kind":"publish","page_slug":"cork-v1","published_at":"2026-05-20T03:37:12.572Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Cork V1","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.cork.tech/blog/beta"},{"credibility":3,"name":"","type":"other","url":"https://chainwire.org/2026/01/21/cork-raises-5-5m-backed-by-road-capital-a16z-csx-and-strategic-investors-to-build-tokenized-risk-infrastructure/"},{"credibility":3,"name":"","type":"other","url":"https://www.coinspeaker.com/cork-protocol-raises-5-5m-decentralized-risk-layer/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://docs.cork.tech/core-concepts/collateral-asset"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-cork-protocol-hack-may-2025"},{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/exploit-analysis-cork-protocol-attacked-over-10-million-lost-75de9f229307"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://rekt.news/cork-protocol-rekt"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-cork-protocol-hack-may-2025"},{"credibility":3,"name":"","type":"other","url":"https://protos.com/sherlock-missed-it-cork-hacker-slams-audit-firms-in-on-chain-messages/"},{"credibility":3,"name":"","type":"other","url":"https://www.quillaudits.com/blog/hack-analysis/cork-protocol-hack-explained"},{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/exploit-analysis-cork-protocol-attacked-over-10-million-lost-75de9f229307"},{"credibility":3,"name":"","type":"other","url":"https://www.certik.com/resources/blog/cork-protocol-incident-analysis"},{"credibility":3,"name":"","type":"other","url":"https://dedaub.com/blog/the-11m-cork-protocol-hack-a-critical-lesson-in-uniswap-v4-hook-security/"},{"credibility":3,"name":"","type":"other","url":"https://cantina.xyz/bounties/7e55cc61-e96c-4bda-a324-25b44d45e171"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.crunchbase.com/organization/cork-protocol"},{"credibility":3,"name":"","type":"other","url":"https://www.crunchbase.com/person/phil-fogel-b52c"},{"credibility":3,"name":"","type":"other","url":"https://www.crunchbase.com/person/anna-stone"},{"credibility":3,"name":"","type":"other","url":"https://chainwire.org/2026/01/21/cork-raises-5-5m-backed-by-road-capital-a16z-csx-and-strategic-investors-to-build-tokenized-risk-infrastructure/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/business/2025/05/28/a16z-backed-cork-protocol-suffers-usd12m-smart-contract-exploit"},{"credibility":3,"name":"","type":"other","url":"https://www.web3isgoinggreat.com/?id=cork-protocol-hack"},{"credibility":3,"name":"","type":"other","url":"https://protos.com/cork-hacker-sends-eth-to-tornado-cash-donates-to-roman-storms-fund/"},{"credibility":3,"name":"","type":"other","url":"https://www.bitget.com/news/detail/12560604835357"},{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/cork-protocol-hacked-contracts-paused"}]}],"sources_used":[],"summary":"Cork V1 is a DeFi depeg protection protocol built on Ethereum that launched its public beta on March 4, 2025 and was exploited for approximately $12 million on May 28, 2025, less than three months after launch. The exploit resulted from a lack of input validation in the CorkHook smart contract and permissionless market creation logic, a vulnerability that slipped past four separate security audits from Quantstamp, Cantina, Sherlock, and Runtime Verification — three of which explicitly excluded the vulnerable contract from scope. All protocol functions were paused following the incident, stolen funds were laundered through Tornado Cash, and no user compensation plan has been publicly confirmed.","timeline":[{"date":"2023-01-01","event":"Cork Protocol founded by Phil Fogel, Robert Schmitt, Anna Stone, and David Stancel.","source":""},{"date":"2024-09-10","event":"Cork Protocol joins a16z Crypto's Fall 2024 accelerator cohort and secures initial funding.","source":""},{"date":"2025-01-08","event":"Cork Protocol launches Phoenix, described as one of the first risk management solutions operating as a decentralized layer on Ethereum.","source":""},{"date":"2025-03-04","event":"Cork V1 public beta goes live on Ethereum Mainnet with launch partners Lido Finance, EtherFi, Ethena, and Sky.","source":""},{"date":"2025-05-28","event":"Cork Protocol exploited for approximately $12 million (3,761.878 wstETH) via a flawed CorkHook access control and permissionless fake market creation. All contracts paused. Attacker wallet: 0xea6f30e360192bae715599e15e2f765b49e4da98.","source":""},{"date":"2025-05-29","event":"Multiple security firms (SlowMist, QuillAudits, Halborn, CertiK, Dedaub) publish exploit analysis reports. Post-mortem published by Cork team.","source":""},{"date":"2025-06-25","event":"Cork exploiter resurfaces and launders approximately 4,520 ETH (~$11 million) through Tornado Cash. Also donates 10 ETH to Roman Storm's legal defense fund. Sends on-chain messages criticizing audit firms, stating 'Sherlock missed it.'","source":""},{"date":"2026-01-21","event":"Cork raises $5.5M seed round led by a16z CSX and Road Capital to continue building tokenized risk infrastructure.","source":""}]},"v":1}