Verify a decision

{"actor":"system:backfill","investigation_id":"425d4aa7-23ea-48a1-bfce-5c1e47138809","kind":"publish","page_slug":"magpie-protocol","published_at":"2026-05-30T05:05:27.383Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Magpie Protocol","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://flagship.fyi/outposts/dapps/magpie-xyz-protocol-deep-dive-boosted-yield-from-pendle-finance/","type":"other","url":""},{"credibility":3,"name":"https://docs.magpiexyz.io/mgp-token","type":"other","url":""},{"credibility":3,"name":"https://defillama.com/protocol/magpie-ecosystem","type":"other","url":""},{"credibility":3,"name":"https://revelointel.com/project-breakdown/magpie/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/@Magpieprotocol/magpie-protocol-smart-contract-vulnerability-post-mortem-f6400db0a25e","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@Magpieprotocol/magpie-protocol-charting-a-secure-path-following-exploit-c7046d9fc3ca","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/magpieprotocoluncheckedcontractinputs.php","type":"other","url":""},{"credibility":3,"name":"https://revoke.cash/exploits/magpie","type":"other","url":""},{"credibility":3,"name":"https://hackernoon.com/balancing-usability-and-security-in-the-wake-of-a-breach-an-interview-with-magpie-protocols-cio","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.coindesk.com/tech/2024/09/03/defi-protocol-penpie-exploited-for-27m-of-crypto-assets-pnp-token-craters-40","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024","type":"other","url":""},{"credibility":3,"name":"https://rekt.news/penpie-rekt","type":"other","url":""},{"credibility":3,"name":"https://therecord.media/penpie-defi-protocol-ethereum-stolen","type":"other","url":""},{"credibility":3,"name":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis","type":"other","url":""},{"credibility":3,"name":"https://beosin.com/resources/an-analysis-of-penpie-security-incident-with-a-loss-of-27-million","type":"other","url":""},{"credibility":3,"name":"https://slowmist.medium.com/slowmist-incident-analysis-penpie-hack-e6157975898f","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://thedefiant.io/news/defi/penpie-proposes-compensation-plan-and-insurance-protocol-after-usd27m-exploit","type":"other","url":""},{"credibility":3,"name":"https://gov.magpiexyz.io/t/penpie-compensation-plan-draft-02/412","type":"other","url":""},{"credibility":3,"name":"https://gov.magpiexyz.io/t/pip-15-recovery-plan-for-users-affected-by-penpie-exploit/426","type":"other","url":""},{"credibility":3,"name":"https://gov.magpiexyz.io/t/mip-55-recovery-plan-for-users-affected-by-penpie-exploit/428","type":"other","url":""},{"credibility":3,"name":"https://serenityresearch.substack.com/p/serenity-premium-magpie-penpies-hack","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.magpiexyz.io/security/audit-reports","type":"other","url":""},{"credibility":3,"name":"https://github.com/peckshield/publications/blob/master/audit_reports/PeckShield-Audit-Report-Magpie-v1.0.pdf","type":"other","url":""},{"credibility":3,"name":"https://github.com/peckshield/publications/blob/master/audit_reports/PeckShield-Audit-Report-Magpie-v1.1.pdf","type":"other","url":""},{"credibility":3,"name":"https://www.auditone.io/blog-posts/the-penpie-hack-understanding-the-september-2024-reentrancy-exploit-and-the-role-of-auditing-in-defi-security","type":"other","url":""},{"credibility":3,"name":"https://threesigma.xyz/blog/exploit/penpie-reentrancy-exploit-analysis","type":"other","url":""},{"credibility":3,"name":"https://blog.magpiexyz.io/prioritizing-safety-and-security-9acf2f5add7f","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://docs.magpiexyz.io/mgp-token","type":"other","url":""},{"credibility":3,"name":"https://www.coingecko.com/en/coins/magpie","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/magpie/","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/tech/2024/09/03/defi-protocol-penpie-exploited-for-27m-of-crypto-assets-pnp-token-craters-40","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://revoke.cash/exploits/magpie","type":"other","url":""},{"credibility":3,"name":"https://thecyberexpress.com/penpie-defi-hack-crypto-theft-2024/","type":"other","url":""},{"credibility":3,"name":"https://www.halborn.com/blog/post/explained-the-penpie-hack-september-2024","type":"other","url":""}]}],"sources_used":[],"summary":"Magpie XYZ is a multi-chain DeFi yield-optimization ecosystem built on a SubDAO model, enhancing veTokenomics across protocols including Wombat Exchange, Pendle Finance, PancakeSwap, Radiant Capital, and Camelot DEX. The ecosystem has suffered two distinct smart contract exploits: a $129,000 router vulnerability in April 2024 and a critical $27.3 million reentrancy exploit in September 2024 via its Penpie SubDAO, the latter of which resulted in laundering through Tornado Cash and law enforcement referrals to the FBI and Singapore Police. ZachXBT has flagged the entity in connection with the broader security incidents.","timeline":[{"date":"2022-01-01","event":"Magpie XYZ launches its inaugural SubDAO protocol in partnership with Wombat Exchange on BNB Chain, introducing mWOM as a liquid wrapper for veWOM governance tokens.","source":""},{"date":"2023-01-01","event":"Penpie SubDAO launches, targeting Pendle Finance yield optimization. Users can deposit PENDLE to receive mPENDLE liquid wrappers while the protocol accumulates vePENDLE.","source":""},{"date":"2024-04-23","event":"Magpie Protocol MagpieRouterV2 exploited via unchecked function selector position; $129,000 stolen from 221 wallets. Attacker addresses identified on Ethereum and BSC.","source":""},{"date":"2024-05-07","event":"Magpie Protocol completes reimbursement of all 221 affected wallets in full within two weeks of the April exploit.","source":""},{"date":"2024-09-03","event":"Penpie SubDAO exploited via reentrancy attack on batchHarvestMarketRewards(); 11,113.6 ETH ($27.3 million) stolen. Pendle Finance pauses all contracts preventing an additional estimated $105 million in losses. PNP token drops ~40%.","source":""},{"date":"2024-09-03","event":"Penpie team files police report at Kampong Java Neighbourhood Police Centre (Singapore) and files complaint with FBI Internet Crime Complaint Center (IC3).","source":""},{"date":"2024-09-04","event":"Attacker declines bounty offer from Penpie team and begins laundering stolen 11,109.62 ETH via Tornado Cash.","source":""},{"date":"2024-09-05","event":"Penpie post-mortem published; Pendle provides VPN IP address data to Singapore law enforcement for investigation.","source":""},{"date":"2024-10-01","event":"Magpie governance publishes Penpie compensation plan drafts (Draft 01, Draft 02) proposing SRT token distribution and SAFUPIE insurance SubDAO.","source":""},{"date":"2024-10-01","event":"Governance proposals MIP #55 and PIP #15 formalize recovery plan: 4% MGP token supply allocated, 20% of Penpie vePENDLE revenue, and 20% of Magpie monthly revenue committed to buybacks.","source":""},{"date":"2024-12-18","event":"MGP token reaches all-time high of approximately $0.212 USD before declining over 90% in subsequent months.","source":""}]},"v":1}