
Verify a decision

Every moderation decision on AVOID.NET is anchored to the Solana blockchain. You don't have to trust us — you can verify cryptographically that we committed to a verdict at a specific moment and have not rewritten it.

How verification works

  1. We commit. When a moderator accepts or rejects a submission, we serialize the decision into deterministic UTF-8 bytes (payload_canonical_string), hash those bytes with SHA-256, encode the 32-byte digest as base58, and write it to Solana inside an SPL Memo v2 transaction.
  2. We store the bytes. The exact bytes we hashed are stored alongside the decision in our database. Anyone can read them and recompute the hash in any language; hash the published bytes verbatim rather than re-serializing the decision yourself, since any difference in serialization changes the digest.
  3. You compare three values. The database hash, your independently recomputed hash, and the hash inside the on-chain memo. If all three match, the stored bytes are exactly what was committed on-chain, and the transaction's block time bounds when that commitment was made. Also check that the d: field in the memo names the decision you are verifying and that the transaction is finalized on the cluster shown.
The on-chain memo format is AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>

Find a signature on any investigation page's decision log, or run python -m src.verify_decision --signature <sig> for a CLI check.
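The three-way comparison above, as an added example in Python that is not AVOID.NET's own code or its src.verify_decision CLI. It recomputes SHA-256 over the canonical bytes, base58-encodes the digest with the alphabet Solana uses, parses a memo in the AVOID.NET|v1|h:…|d:…|t:… format, and fails closed on any mismatch or on a malformed memo. The sample decision, its serialization (compact JSON with sorted keys, assumed to mirror payload_canonical_string) and the memo string are constructed here and are not a real AVOID.NET record; a real check hashes the exact bytes the page publishes and reads the memo out of the transaction returned by a Solana RPC node, which this example does not do.

```python
import hashlib
import json

# Base58 alphabet shared by Bitcoin and Solana (no 0, O, I, l).
B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def b58encode(raw: bytes) -> str:
    """Encode bytes as base58; each leading zero byte becomes a leading '1'."""
    n = int.from_bytes(raw, "big")
    digits = []
    while n:
        n, rem = divmod(n, 58)
        digits.append(B58_ALPHABET[rem])
    leading_zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * leading_zeros + "".join(reversed(digits))


def b58decode(text: str) -> bytes:
    """Inverse of b58encode; raises ValueError on characters outside the alphabet."""
    n = 0
    for ch in text:
        n = n * 58 + B58_ALPHABET.index(ch)
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    leading_ones = len(text) - len(text.lstrip("1"))
    return b"\x00" * leading_ones + body


def digest_b58(canonical: bytes) -> str:
    """SHA-256 over the exact canonical bytes, base58-encoded as the memo carries it."""
    return b58encode(hashlib.sha256(canonical).digest())


def parse_memo(memo: str) -> dict:
    """Parse 'AVOID.NET|v1|h:<b58-sha256>|d:<id>|t:<iso>' into its three fields."""
    parts = memo.split("|")
    if len(parts) != 5 or parts[0] != "AVOID.NET" or parts[1] != "v1":
        raise ValueError("not an AVOID.NET v1 memo")
    fields = {}
    for key, part in zip(("h", "d", "t"), parts[2:]):
        if not part.startswith(key + ":"):
            raise ValueError(f"memo field {key!r} missing or out of order")
        fields[key] = part[2:]
    return fields


def verify_decision(canonical: bytes, db_hash: str, memo: str, decision_id: str):
    """Three-way comparison: database hash, recomputed hash, on-chain memo hash.

    Returns (ok, reason). Any mismatch fails closed; the memo must also name
    this decision and carry a well-formed 32-byte digest.
    """
    recomputed = digest_b58(canonical)
    try:
        fields = parse_memo(memo)
        onchain_raw = b58decode(fields["h"])
    except ValueError as exc:
        return False, f"malformed memo: {exc}"
    if len(onchain_raw) != 32:
        return False, "memo hash is not a 32-byte SHA-256 digest"
    if fields["d"] != decision_id:
        return False, "memo names a different decision id"
    if db_hash != recomputed:
        return False, "database hash differs from recomputed hash"
    if fields["h"] != recomputed:
        return False, "on-chain memo hash differs from recomputed hash"
    return True, "all three hashes match"


# Constructed sample decision (not a real AVOID.NET record). The serialization
# is an assumption: compact JSON, sorted keys, UTF-8. The real
# payload_canonical_string is whatever bytes the page publishes; hash those verbatim.
SAMPLE_ID = "00000000-0000-4000-8000-000000000001"
SAMPLE_DECISION = {
    "actor": "moderator:example",
    "investigation_id": SAMPLE_ID,
    "kind": "publish",
    "page_slug": "example",
    "published_at": "2026-01-01T00:00:00.000Z",
    "sequence_num": 1,
    "v": 1,
}
SAMPLE_CANONICAL = json.dumps(
    SAMPLE_DECISION, separators=(",", ":"), sort_keys=True, ensure_ascii=False
).encode("utf-8")
SAMPLE_DB_HASH = digest_b58(SAMPLE_CANONICAL)
# The memo's d: field is assumed to carry the same id the decision page shows.
SAMPLE_MEMO = f"AVOID.NET|v1|h:{SAMPLE_DB_HASH}|d:{SAMPLE_ID}|t:2026-01-01T00:00:00.000Z"

if __name__ == "__main__":
    print(verify_decision(SAMPLE_CANONICAL, SAMPLE_DB_HASH, SAMPLE_MEMO, SAMPLE_ID))
    # One extra byte in the stored payload breaks the chain of equality.
    print(verify_decision(SAMPLE_CANONICAL + b" ", SAMPLE_DB_HASH, SAMPLE_MEMO, SAMPLE_ID))
```

The length check on the decoded memo hash matters: a memo that merely looks like an AVOID.NET record but carries a truncated or padded field should be rejected before any equality comparison, so that a malformed on-chain entry can never be reported as matching.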

Decision: publish · Pendle
Sequence: #1
Score:
Cluster: mainnet-beta
Slot: 420804445
Off-chain at: 2026-05-19T16:20:49.744Z
Anchored at:
Block time:

Independent verification

1. Database (off-chain): 9WyTw69iE2J5GqEcAqdmdwDmQBubo6p6nCRYnUkVB8Nz
2. Recomputed (your browser): computing…
3. On-chain (Solana memo): fetching…
Canonical bytes hashed (17389 chars)
{"actor":"system:backfill","investigation_id":"43bf3752-0fb6-4f41-89f8-0024428087f8","kind":"publish","page_slug":"pendle","published_at":"2026-05-19T16:20:49.649Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Pendle","sections":[{"content":"Pendle Finance is a permissionless yield-trading protocol deployed on Ethereum and Arbitrum. It was first conceptualized under the name Benchmark in November 2020 and launched on Ethereum mainnet on June 16, 2021. The protocol was co-founded by TN Lee (CEO, formerly Business Development at Kyber Network), Vu Nguyen (formerly CTO at Digix DAO), and two pseudonymous engineers known as GT and YK. Pendle enables users to wrap yield-bearing assets into Standardized Yield (SY) tokens, which are then split into Principal Tokens (PT) — representing the face value at maturity — and Yield Tokens (YT) — representing the future yield stream. This allows users to lock in fixed yields, speculate on rate movements, or sell future yield for upfront capital. By mid-2024, Pendle's total value locked (TVL) had reached approximately $5.78 billion, growing over 2,350% since the start of that year.","heading":"Protocol Overview","severity":"low","sources":[{"credibility":2,"name":"Pendle Protocol Background — OAK Research","type":"research","url":"https://oakresearch.io/en/reports/protocols/pendle-pendle-comprehensive-overview-leading-platform-on-chain-yield"},{"credibility":1,"name":"DeFi Platform Pendle Nears $1B in Total Value Locked — CoinDesk","type":"news_article","url":"https://www.coindesk.com/markets/2024/02/09/defi-platform-pendle-nears-1b-in-total-value-locked"},{"credibility":2,"name":"Pendle TVL All-Time High $5.78B — Unchained","type":"news_article","url":"https://unchainedcrypto.com/defi-protocol-pendle-reaches-all-time-high-as-total-value-locked-tops-5-78-billion/"}]},{"content":"Penpie is a separate, independent DeFi protocol that was built on top of Pendle Finance. 
Its purpose was to maximize PENDLE staking yields by locking PENDLE tokens for governance rights and enhanced revenue benefits. Penpie is developed by the Magpie ecosystem team and is not affiliated with or controlled by the Pendle core team. However, Penpie's smart contracts interact directly with Pendle's market infrastructure, including Pendle's permissionlessly created markets and SY token system. In May 2024, Penpie introduced a permissionless pool registration feature, allowing any user to register Pendle Markets into the Penpie system — provided those markets were already listed on Pendle Finance. This architectural change expanded the attack surface and ultimately enabled the September 2024 exploit.","heading":"Penpie Protocol and Its Relationship to Pendle","severity":"medium","sources":[{"credibility":2,"name":"Penpie Hack: Auditing the $27M Reentrancy Exploit — Three Sigma","type":"research","url":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis"},{"credibility":2,"name":"Explained: The Penpie Hack (September 2024) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024"}]},{"content":"On September 3, 2024, beginning at approximately 6:23 PM UTC, the Penpie protocol was exploited for approximately $27 million through a reentrancy vulnerability in its PendleStakingBaseUpg::batchHarvestMarketRewards() function. The attack unfolded in six phases: (1) The attacker deployed a fraudulent Pendle Market, using a malicious SY token contract that doubled as the attack vector. (2) The attacker secured flash loans from Balancer in agETH, rswETH, egETH, and wstETH and deposited these into the fraudulent SY contract. (3) The attacker called batchHarvestMarketRewards() with the malicious market as an argument, exploiting the absence of a nonReentrant modifier on this function — a modifier that was present on the depositMarket() function but not on batchHarvestMarketRewards(). 
(4) During the reentrant call, PendleMarket::redeemRewards() was triggered, depositing the flash-loaned tokens into legitimate markets via depositMarket(), causing the contract to incorrectly interpret this balance increase as redeemed rewards rather than deposited funds. (5) The inflated reward amounts were then sent to the RewardDistributor and attributed to the malicious market's sole depositor — the attacker. (6) The attacker withdrew from legitimate markets, converted tokens back, repaid the flash loans, and retained the profit. The stolen assets included wstETH, sUSDe, agETH, rswETH, and Pendle-related YT tokens. Three attack transactions were executed between 6:25 PM and 6:42 PM UTC, with the first transaction alone draining approximately $15.7 million. On-chain attacker addresses identified include 0x7a2f4d625fb21f5e51562ce8dc2e722e12a61d1b and 0xc0Eb7e6E2b94aA43BDD0c60E645fe915d5c6eb84 on Ethereum, and 0x4BC9815b859c8172CEe1ab2CD372fD0Eb00eb487 on Arbitrum. The fraudulent market was deployed at 0x0ab305033592E16dB7D8e77d613F8d172a76ddc9.","heading":"The Penpie Reentrancy Exploit (September 2024)","severity":"critical","sources":[{"credibility":2,"name":"Penpie Hack: Auditing the $27M Reentrancy Exploit — Three Sigma","type":"research","url":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis"},{"credibility":2,"name":"Explained: The Penpie Hack (September 2024) — Halborn","type":"research","url":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024"},{"credibility":2,"name":"Penpie — Rekt News","type":"news_article","url":"https://rekt.news/penpie-rekt"},{"credibility":2,"name":"$27M Stolen in Penpie DeFi Hack — Cybercory","type":"news_article","url":"https://cybercory.com/2024/09/06/27m-stolen-in-penpie-defi-hack-a-detailed-breakdown-of-the-attack-and-lessons-learned/"},{"credibility":2,"name":"Decoding Penpie Protocol's $27M Exploit — 
QuillAudits","type":"research","url":"https://www.quillaudits.com/blog/hack-analysis/penpie-protocol-exploit"}]},{"content":"At the time of the exploit, Penpie's contracts had been audited by three separate firms, but the critical reentrancy vulnerability remained undetected by all of them. When Penpie launched in June 2023, its contracts were audited by Zokyo and WatchPug. Neither audit flagged missing reentrancy protection on the batchHarvestMarketRewards() function, likely because at launch only the Penpie team's multisig could register new Pendle Markets, limiting the practical risk from malicious market contracts. When Penpie introduced permissionless pool registration in May 2024, AstraSec audited only the new registration contracts — since PendleStakingBaseUpg had not been significantly altered since the prior audits, it was excluded from AstraSec's scope. The vulnerability thus fell into a gap between audit scopes: the interaction between a newly permissionless registration system and an existing function that lacked reentrancy protection was never jointly reviewed. Cointelegraph reported that two auditors missed the $27M flaw. 
This represents a systemic failure in incremental audit practice: changes to access controls that expand who can interact with a function should trigger re-evaluation of all functions those actors can reach.","heading":"Audit Failures and Missed Vulnerability","severity":"high","sources":[{"credibility":1,"name":"2 Auditors Miss $27M Penpie Flaw — Cointelegraph","type":"news_article","url":"https://cointelegraph.com/magazine/pythia-finance-drained-53k-crypto-sec/"},{"credibility":2,"name":"The PenPie Hack: Reentrancy Exploit and the Role of Auditing — AuditOne","type":"research","url":"https://www.auditone.io/blog-posts/the-penpie-hack-understanding-the-september-2024-reentrancy-exploit-and-the-role-of-auditing-in-defi-security"},{"credibility":2,"name":"Penpie Hack: Auditing the $27M Reentrancy Exploit — Three Sigma","type":"research","url":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis"},{"credibility":2,"name":"Penpie Post-Mortem Analysis — Zokyo","type":"research","url":"https://zokyo.io/blog/penpie-postmortem-analysis-of-the-27m-reentrancy-exploit/"}]},{"content":"The exploit did not directly compromise Pendle's core contracts; the vulnerability resided entirely within Penpie's staking infrastructure. However, Pendle's permissionless market creation design — which allows anyone to deploy a Pendle Market — was a prerequisite for the attack, as the attacker leveraged this feature to create the fraudulent market used in the exploit. Upon detecting the breach, the Pendle team promptly paused its own contracts, which security researchers credit with protecting an additional approximately $105 million that remained at risk within Penpie. PNP (Penpie's governance token) fell approximately 40% following the incident, while PENDLE itself declined approximately 9%. Pendle posted a public statement acknowledging the breach and its coordinated response. 
Pendle's own protocol has been audited separately by Ackee, Dedaub, Dingbats, and top wardens from Code4rena, and those audits are distinct from the Penpie security reviews.","heading":"Pendle's Exposure and Response","severity":"medium","sources":[{"credibility":2,"name":"Pendle Post Mortem Statement — Pendle on X","type":"social_media","url":"https://x.com/pendle_fi/status/1831168623634993402"},{"credibility":2,"name":"DeFi Platform Pendle Claims to Have Saved $105M After $27M Penpie Hack — CoinMarketCap","type":"news_article","url":"https://coinmarketcap.com/academy/article/defi-platform-pendle-claims-to-have-saved-dollar105-million-after-dollar27-million-penpie-hack"},{"credibility":2,"name":"$105M Crypto Save: Pendle Prevents Further Losses — Bitcoinist","type":"news_article","url":"https://bitcoinist.com/105-million-crypto-save-defi-protocol-pendle-prevents-further-losses-from-penpies-exploit/"},{"credibility":2,"name":"Security Documentation — Pendle Docs","type":"official","url":"https://docs.pendle.finance/pendle-v2/Security"}]},{"content":"Following the exploit, Penpie extended a public bounty offer to the attacker, pledging no legal action and confidentiality in exchange for the return of funds. The attacker did not respond and rejected the offer. Within 12 hours of the theft, approximately $7 million of the stolen funds had been routed through Tornado Cash. Within approximately four days of the attack, the attacker had laundered the entirety of the stolen ETH: on-chain data confirmed that 11,261.2 ETH — worth approximately $26.72 million — had been moved through Tornado Cash in batches of 100 ETH from multiple accounts. Blockchain security firm PeckShield tracked and confirmed these movements. Security organizations including Hypernative, Slowmist, Chainalysis, and zeroShadow were engaged in demixing and tracking efforts. 
No funds were recovered and no attacker identity was publicly confirmed.","heading":"Fund Laundering via Tornado Cash","severity":"critical","sources":[{"credibility":2,"name":"Penpie Protocol Hacker Laundered $7M Through Tornado Cash Within 12 Hours — DeFi Planet","type":"news_article","url":"https://defi-planet.com/2024/09/penpie-protocol-hacker-reportedly-laundered-7m-through-tornado-cash-within-12-hours-of-27m-theft/"},{"credibility":2,"name":"Penpie Hacker Moves $27M Ether to Tornado Cash Barely a Week After Exploit — DailyCoin","type":"news_article","url":"https://dailycoin.com/penpie-hacker-launders-last-batch-of-the-stolen-27m-ether"},{"credibility":2,"name":"Ignoring The Bounty, Penpie Hacker Launders $27 Million In Ether — Bitcoinist","type":"news_article","url":"https://bitcoinist.com/penpie-hacker-launders-27-million-in-ether/"},{"credibility":2,"name":"Penpie Bounty Offer — Penpie on X","type":"social_media","url":"https://x.com/Penpiexyz_io/status/1831157212963598555"}]},{"content":"The Penpie incident illustrates a systemic category of risk in DeFi: protocols that build on top of permissionless infrastructure inherit the design choices and constraints of that infrastructure, potentially creating attack surfaces that neither base-layer nor overlay-layer security reviews fully address. The Penpie exploit ranked among the ten worst crypto exploits of 2024 according to The Block. The total value of crypto stolen in 2024 exceeded $1.2 billion, with the Penpie incident contributing approximately 2.2% of that figure. 
The exploit also highlights that permissionless market registration — a feature that increases composability and decentralization — can significantly expand attack surface if not paired with appropriate input validation and reentrancy protection across all interacting functions.","heading":"Broader Context: Third-Party Protocol Risk","severity":"high","sources":[{"credibility":1,"name":"The 10 Worst Crypto Hacks and Exploits of 2024 — The Block","type":"news_article","url":"https://www.theblock.co/post/331626/crypto-hacks-exploits-2024"},{"credibility":2,"name":"Penpie DeFi Hack: $27M Stolen, $1.2B Crypto Thefts In 2024 — The Cyber Express","type":"news_article","url":"https://thecyberexpress.com/penpie-defi-hack-crypto-theft-2024/"},{"credibility":2,"name":"Penpie Exploit Case Study: Mutation Testing — Olympix","type":"research","url":"https://www.olympix.ai/blog/penpie-exploit-case-study-leveraging-mutation-testing-to-prevent-smart-contract-vulnerabilities"}]}],"sources_used":[],"summary":"Pendle is a permissionless yield-trading protocol on Ethereum, launched in 2021 by TN Lee and Vu Nguyen, that allows users to separate and trade the principal and yield components of yield-bearing assets. In September 2024, Penpie — an independent yield optimizer built on top of Pendle — suffered a $27 million reentrancy exploit that was made possible in part by Pendle's permissionless market creation design. 
Although Pendle's own contracts were not directly exploited, the protocol's architecture contributed to the attack surface, and all 11,261 ETH in stolen funds were subsequently laundered through Tornado Cash.","timeline":[{"date":"2020-11-01","event":"Pendle protocol first introduced under the name Benchmark as an on-chain yield aggregator enabling separation and trading of future yield.","source":"OAK Research / PANews","source_url":"https://oakresearch.io/en/reports/protocols/pendle-pendle-comprehensive-overview-leading-platform-on-chain-yield"},{"date":"2021-06-16","event":"Pendle Finance launches on Ethereum mainnet, enabling users to mint YT and PT tokens for yield-bearing assets.","source":"OAK Research","source_url":"https://oakresearch.io/en/reports/protocols/pendle-pendle-comprehensive-overview-leading-platform-on-chain-yield"},{"date":"2023-06-01","event":"Penpie launches as a yield optimizer built on Pendle. Contracts audited by Zokyo and WatchPug before launch. At this stage, only the Penpie team multisig can register new Pendle Markets.","source":"Three Sigma / AuditOne","source_url":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis"},{"date":"2024-05-01","event":"Penpie introduces permissionless pool registration, allowing any user to register Pendle Markets. AstraSec audits only the new registration contracts; PendleStakingBaseUpg is excluded from scope.","source":"Three Sigma / Cointelegraph","source_url":"https://cointelegraph.com/magazine/pythia-finance-drained-53k-crypto-sec/"},{"date":"2024-05-01","event":"Pendle TVL reaches approximately $5.78 billion, an all-time high at that point, driven by LRT/LST restaking demand.","source":"Unchained Crypto","source_url":"https://unchainedcrypto.com/defi-protocol-pendle-reaches-all-time-high-as-total-value-locked-tops-5-78-billion/"},{"date":"2024-09-03","event":"Penpie exploited via reentrancy in batchHarvestMarketRewards(). 
Three attack transactions between 6:25 PM and 6:42 PM UTC drain approximately $27 million in wstETH, sUSDe, agETH, rswETH, and Pendle YT tokens across Ethereum and Arbitrum.","source":"Halborn / Three Sigma / Rekt News","source_url":"https://rekt.news/penpie-rekt"},{"date":"2024-09-03","event":"Pendle pauses its own contracts in response, protecting an additional approximately $105 million in funds. Both Pendle and Penpie freeze deposits.","source":"CoinMarketCap / Pendle on X","source_url":"https://coinmarketcap.com/academy/article/defi-platform-pendle-claims-to-have-saved-dollar105-million-after-dollar27-million-penpie-hack"},{"date":"2024-09-03","event":"Penpie publicly offers the attacker a negotiated bounty and promises of no legal action in exchange for return of stolen funds. Attacker does not respond.","source":"Penpie on X / Cryptopolitan","source_url":"https://x.com/Penpiexyz_io/status/1831157212963598555"},{"date":"2024-09-03","event":"Within 12 hours of the exploit, approximately $7 million of stolen funds are laundered through Tornado Cash. PNP token falls approximately 40%; PENDLE falls approximately 9%.","source":"DeFi Planet / Bitcoinist","source_url":"https://defi-planet.com/2024/09/penpie-protocol-hacker-reportedly-laundered-7m-through-tornado-cash-within-12-hours-of-27m-theft/"},{"date":"2024-09-07","event":"All 11,261.2 ETH (approximately $26.72 million) confirmed laundered through Tornado Cash in batches of 100 ETH from multiple accounts within approximately four days of the attack. No funds recovered.","source":"DailyCoin / PeckShield","source_url":"https://dailycoin.com/penpie-hacker-launders-last-batch-of-the-stolen-27m-ether"}]},"v":1}