Verify a decision

{"actor":"system:backfill","investigation_id":"a52f59b4-f668-4cad-bda9-6dfe809284bb","kind":"publish","page_slug":"peapods-finance","published_at":"2026-05-29T17:31:39.453Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Peapods Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.peapods.finance/","type":"other","url":""},{"credibility":3,"name":"https://docs.peapods.finance/peas-tokenomics","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/peapods-finance","type":"other","url":""},{"credibility":3,"name":"https://docs.peapods.finance/leveraged-volatility-farming-lvf","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/liqtags/crypto-rekts/blob/main/rekts/Peapods-Finance-Exploit.md","type":"other","url":""},{"credibility":3,"name":"https://x.com/zachxbt/status/1735025990819049968","type":"other","url":""},{"credibility":3,"name":"https://coinpaper.com/2875/over-8-4-million-stolen-in-crypto-exploits-within-a-single-week","type":"other","url":""},{"credibility":3,"name":"https://hacked.slowmist.io/?c=ETH&page=6","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.solidityscan.com/peapods-finance-hack-analysis-bdc5432107a5","type":"other","url":""},{"credibility":3,"name":"https://getfailsafe.com/peapods-finance-hack-200k-exploit-what-happened-and-and-how-to-stay-safe/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/peapodsfinanceasplongsusdepricemanipulationattack.php","type":"other","url":""},{"credibility":3,"name":"https://thedefiant.io/news/defi/peapods-finance-token-slips-5-percent-on-reported-oracle-issue","type":"other","url":""},{"credibility":3,"name":"https://getfailsafe.com/peapods-finance-hack-200k-exploit-what-happened-and-and-how-to-stay-safe/","type":"other","url":""},{"credibility":3,"name":"https://www.ccn.com/news/technology/this-week-crypto-hacks-gmx-peapods-finance-exploited/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://x.com/zachxbt/status/1735025990819049968","type":"other","url":""},{"credibility":3,"name":"https://coinpaper.com/2875/over-8-4-million-stolen-in-crypto-exploits-within-a-single-week","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://sourcehat.com/audits/PeapodsFinance/","type":"other","url":""},{"credibility":3,"name":"https://github.com/sherlock-audit/2025-01-peapods-finance","type":"other","url":""},{"credibility":3,"name":"https://audits.sherlock.xyz/contests/749","type":"other","url":""},{"credibility":3,"name":"https://x.com/PeapodsFinance/status/1891971076936347935","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.peapods.finance/peas-tokenomics","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/peapods-finance","type":"other","url":""},{"credibility":3,"name":"https://www.coingecko.com/en/coins/peapods-finance","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/peapods-finance/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.peapods.finance/leveraged-volatility-farming-lvf","type":"other","url":""},{"credibility":3,"name":"https://docs.peapods.finance/liquidations-lvf","type":"other","url":""},{"credibility":3,"name":"https://docs.peapods.finance/risk-ownership-borrowers","type":"other","url":""},{"credibility":3,"name":"https://github.com/sherlock-audit/2025-01-peapods-finance","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/peapodsfinanceasplongsusdepricemanipulationattack.php","type":"other","url":""}]}],"sources_used":[],"summary":"Peapods Finance is a permissionless DeFi protocol on Ethereum and multiple EVM chains that pioneered a 'Volatility Farming' yield mechanism using asset-backed Pods and Leveraged Volatility Farming (LVF). The protocol has suffered three distinct security incidents since its December 2023 launch, including a $231K reentrancy exploit, a slippage manipulation attack, and a $200K oracle price manipulation attack in July 2025. On-chain investigator ZachXBT identified that the individual behind the initial 2023 'white hat' exploit had dumped a portion of stolen funds before returning the remainder, raising questions about the altruistic framing of that recovery.","timeline":[{"date":"2023-12-11","event":"PEAS token launches on Ethereum via fair-launch model; 88% of supply deployed to Uniswap V3 PEAS/DAI liquidity pools, 12% distributed to team fully vested at TGE.","source":""},{"date":"2023-12-13","event":"Reentrancy exploit on WeightedIndex contract drains $231,192 (104.47 ETH) in PEAS tokens. Exploiter later identified by ZachXBT as likely axxe.eth via timing analysis linking the address to FixedFloat transactions.","source":""},{"date":"2023-12-14","event":"Peapods Finance announces ~90% of stolen funds returned; characterizes incident as 'white hat hack.' ZachXBT publishes on-chain evidence that the exploiter had dumped a portion of stolen funds through FixedFloat before returning the majority.","source":""},{"date":"2023-12-15","event":"Alleged exploiter @0xaxxe tweets that white hat fee was returned to the Peapods team.","source":""},{"date":"2024-01-11","event":"SourceHat audit of Peapods Finance finalizes. All identified high- and low-severity findings reported as resolved. Protocol receives overall 'PASS' rating.","source":""},{"date":"2024-01-26","event":"PEAS token reaches all-time high of approximately $11.21–$11.74, implying a peak market capitalization of approximately $110–$117 million.","source":""},{"date":"2025-02-08","event":"Second exploit: slippage manipulation attack on depositFromPairedLpToken function in legacy Pod code drains approximately $3,500. Peapods team states affected Pod will be reimbursed; notes the vulnerability was in a deprecated version.","source":""},{"date":"2025-02-15","event":"Peapods Finance announces conclusion of Sherlock audit contest for Leveraged Volatility Farming upgrade; 84 independent auditors participated. Contest prize pool was 120,000 USDC.","source":""},{"date":"2025-07-08","event":"Third exploit: oracle price manipulation attack on WETH/aspLONGsUSDe Pod drains approximately 78 ETH ($207,000). Attacker routes funds through ChangeNow and FixedFloat. Second attack attempt is front-run by MEV bot Yoink. Multiple security firms including SlowMist, CertiK, PeckShield, and TenArmor flag the incident. Peapods team attributes breach to 'bad oracle configuration' in a user-created Pod.","source":""}]},"v":1}