Verify a decision

{"actor":"system:backfill","investigation_id":"1cca8f4f-3a82-4091-9f74-de60c8021c13","kind":"publish","page_slug":"wasabi","published_at":"2026-05-19T00:20:43.834Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Wasabi Protocol","sections":[{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]},{"content":"","heading":"","severity":"medium","sources":[]}],"sources_used":[],"summary":"Wasabi Protocol is a decentralized perpetual futures and leveraged trading platform for memecoins and long-tail assets, deployed on Ethereum, Base, Berachain, and Blast. On April 30, 2026, the protocol suffered a critical multi-chain exploit in which a compromised admin deployer key was used to execute malicious UUPS proxy upgrades across core contracts, draining over $5 million in user funds. Security firm BlockSec reported that the attacker's wallets had been funded via Tornado Cash, and on-chain investigator ZachXBT publicly criticized the protocol for single-EOA admin control, absence of a timelock or multisig, and alleged misappropriation of project funds on influencer marketing.","timeline":[{"date":"2024-06-18","event":"Wasabi Protocol raises $3 million seed round led by Electric Capital, with participation from Alliance, Memeland, and several prominent crypto investors and influencers.","source":"","source_url":"https://www.theblock.co/post/300465/memecoin-leverage-trading-protocol-wasabi-funding"},{"date":"2026-04-30","event":"Wasabi Protocol suffers a multi-chain admin key compromise exploit. Attacker uses compromised wasabideployer.eth key to grant ADMIN_ROLE to a malicious contract and execute UUPS upgrades on core contracts across Ethereum, Base, Berachain, and Blast, draining over $5 million.","source":"","source_url":"https://www.halborn.com/blog/post/explained-the-wasabi-protocol-hack-april-2026"},{"date":"2026-04-30","event":"BlockSec Phalcon system alerts on $5.15M in abnormal Wasabi Protocol fund movements, reporting that preliminary traces link Tornado Cash-funded accounts to the ADMIN_ROLE grants used in the attack.","source":"","source_url":"https://x.com/Phalcon_xyz/status/2049772035736539516"},{"date":"2026-04-30","event":"CoinDesk reports the exploit as an apparent admin key compromise, estimating $4.5 million drained. The Block puts the figure at over $5 million based on multi-chain totals from security firms.","source":"","source_url":"https://www.coindesk.com/tech/2026/04/30/wasabi-protocol-drained-for-usd4-5-million-in-apparent-admin-key-compromise"},{"date":"2026-04-30","event":"ZachXBT publicly criticizes Wasabi Protocol's single-EOA admin architecture and alleges project funds were spent on influencer marketing (including KOL Kook) rather than security infrastructure.","source":"","source_url":"https://bitcoinworld.co.in/wasabi-hack-zachxbt-criticism/"},{"date":"2026-05-01","event":"Halborn publishes a technical post-mortem confirming root cause as private key security failure and governance design, not exploitable smart contract code. Attacker address 0x02228b0afcdbEdf8180D96Fc181Da3AF5DD1d1ab identified.","source":"","source_url":"https://www.halborn.com/blog/post/explained-the-wasabi-protocol-hack-april-2026"}]},"v":1}