Verify a decision

{"actor":"system:backfill","investigation_id":"ebd43551-764e-4f75-ab7d-83aba2dc9d0e","kind":"publish","page_slug":"team-finance","published_at":"2026-05-19T21:12:25.752Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Team Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.businesswire.com/news/home/20220429005583/en/TrustSwaps-Team.Finance-Continues-to-Be-the-Industry-Leader-in-Cryptocurrency-Token-Locks-and-Management"},{"credibility":3,"name":"","type":"other","url":"https://defillama.com/protocol/team-finance"},{"credibility":3,"name":"","type":"other","url":"https://www.crunchbase.com/person/jeff-kirdeikis"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://medium.com/haechi-audit/team-finance-incident-analysis-537656284ed0"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-team-finance-hack-october-2022"},{"credibility":3,"name":"","type":"other","url":"https://hacken.io/insights/why-team-finance-was-exploited-for-14-5-million-despite-its-audit/"},{"credibility":3,"name":"","type":"other","url":"https://www.theblock.co/post/180369/hacker-uses-2700-to-drain-15-8-million-from-team-finance"},{"credibility":3,"name":"","type":"other","url":"https://blockworks.co/news/defi-platform-exploited-for-14-5m-despite-security-audits"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/analysis-review-of-team-finance-exploit-f439c2f63e2"},{"credibility":3,"name":"","type":"other","url":"https://medium.com/haechi-audit/team-finance-incident-analysis-537656284ed0"},{"credibility":3,"name":"","type":"other","url":"https://etherscan.io/address/0xe2fe530c047f2d85298b07d9333c05737f1435fb"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://www.coindesk.com/tech/2022/10/31/attacker-behind-145m-team-finance-exploit-returns-7m"},{"credibility":3,"name":"","type":"other","url":"https://cointelegraph.com/news/team-finance-hacker-returns-7m-to-associated-projects-after-exploit"},{"credibility":3,"name":"","type":"other","url":"https://beincrypto.com/another-white-hat-hacker-returns-funds-from-platform-exploit/"},{"credibility":3,"name":"","type":"other","url":"https://slowmist.medium.com/analysis-review-of-team-finance-exploit-f439c2f63e2"},{"credibility":3,"name":"","type":"other","url":"https://www.cryptopolitan.com/team-finance-exploited-for-15-million/"}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"","type":"other","url":"https://hacken.io/insights/why-team-finance-was-exploited-for-14-5-million-despite-its-audit/"},{"credibility":3,"name":"","type":"other","url":"https://www.halborn.com/blog/post/explained-the-team-finance-hack-october-2022"},{"credibility":3,"name":"","type":"other","url":"https://immunebytes.com/blog/team-finance-exploit-oct-27-2022-detailed-analysis/"}]}],"sources_used":[],"summary":"Team Finance is a DeFi token-locking and vesting platform operated by TrustSwap Inc. that suffered a critical $14.5 million exploit on October 27, 2022, when an attacker abused a validation flaw in its Uniswap V2-to-V3 migration function. The attacker ultimately returned approximately $7 million, retaining roughly 10% as a self-declared bug bounty; Team Finance subsequently switched auditors to CertiK and reported full user reimbursement by June 2023.","timeline":[{"date":"2020-01-01","event":"Team Finance founded as part of TrustSwap Inc., offering token locking and vesting smart contracts for DeFi projects.","source":""},{"date":"2022-01-19","event":"Hacken conducts smart contract audit of Team Finance's LockToken.sol and related contracts; migrate() function not yet in scope as it had not been added to the codebase.","source":""},{"date":"2022-04-29","event":"TrustSwap publishes press release stating Team Finance has secured over $6.5 billion in total value and serves more than 21,000 projects.","source":""},{"date":"2022-08-01","event":"Zokyo conducts audit of Team Finance contracts including the migrate() function, flagging two critical vulnerabilities related to arbitrary token address use and reentrancy. Team Finance dismisses findings as 'intended logic.'","source":""},{"date":"2022-10-27","event":"Exploit executed: attacker drains approximately $14.5–15.8 million from four LP pools (FEG, CAW, TSUKA, KNDX) locked on Team Finance via a manipulated Uniswap V2-to-V3 migration call. Team Finance immediately pauses all protocol activity.","source":""},{"date":"2022-10-28","event":"Team Finance publicly appeals to the attacker to return funds in exchange for a bounty. SlowMist, KALOS Security, and other firms publish on-chain analysis of the exploit.","source":""},{"date":"2022-10-29","event":"Attacker begins returning funds to affected projects via on-chain transactions, identifying themselves as a 'whitehat' hacker in embedded transaction messages.","source":""},{"date":"2022-10-31","event":"Approximately $7 million in tokens returned to the four affected project communities (Kondux, Tsuka, FEG, CAW). Attacker retains roughly 10% as a self-declared bug bounty. CoinDesk and CoinTelegraph report on the partial recovery.","source":""},{"date":"2023-06-01","event":"Team Finance representative states that all affected users have received the vast majority of their funds back. Platform reports CertiK engaged as new auditor and multiple security enhancements implemented.","source":""},{"date":"2023-07-01","event":"Jeff Kirdeikis transitions from CEO to Board Chairman of TrustSwap.","source":""}]},"v":1}