Verify a decision

{"actor":"system:backfill","investigation_id":"bdadc939-db8a-469e-9f90-efc0aa2e2810","kind":"publish","page_slug":"astrid-finance","published_at":"2026-05-30T11:47:54.034Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Astrid Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/neptune-mutual/understanding-the-astrid-finance-exploit-d8001a65b4f6","type":"other","url":""},{"credibility":3,"name":"https://astridfinancial.wixsite.com/mysite","type":"other","url":""},{"credibility":3,"name":"https://testnet.astrid.finance/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/neptune-mutual/understanding-the-astrid-finance-exploit-d8001a65b4f6","type":"other","url":""},{"credibility":3,"name":"https://www.binance.com/en/square/post/2023-10-29-astrid-finance-suffers-exploit-after-auditors-recommended-fix-smart-contract-paused-and-full-refunds-promised-1541672","type":"other","url":""},{"credibility":3,"name":"https://www.fxstreet.com/cryptocurrencies/news/what-happened-in-crypto-this-weekend-202310300652","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.binance.com/en/square/post/2023-10-29-astrid-finance-suffers-exploit-after-auditors-recommended-fix-smart-contract-paused-and-full-refunds-promised-1541672","type":"other","url":""},{"credibility":3,"name":"https://www.fxstreet.com/cryptocurrencies/news/what-happened-in-crypto-this-weekend-202310300652","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/understanding-the-astrid-finance-exploit-d8001a65b4f6","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.fxstreet.com/cryptocurrencies/news/what-happened-in-crypto-this-weekend-202310300652","type":"other","url":""},{"credibility":3,"name":"https://business.outlookindia.com/cryptocurrency/standard-chartered-owned-crypto-platform-zodia-launched-in-hong-kong-astrid-finance-exploiter-returns-182k","type":"other","url":""},{"credibility":3,"name":"https://www.binance.com/en/square/post/2023-10-29-astrid-finance-suffers-exploit-after-auditors-recommended-fix-smart-contract-paused-and-full-refunds-promised-1541672","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://twitter.com/AstridFinance","type":"other","url":""},{"credibility":3,"name":"https://medium.com/neptune-mutual/understanding-the-astrid-finance-exploit-d8001a65b4f6","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://testnet.astrid.finance/","type":"other","url":""},{"credibility":3,"name":"https://www.fxstreet.com/cryptocurrencies/news/what-happened-in-crypto-this-weekend-202310300652","type":"other","url":""},{"credibility":3,"name":"https://github.com/astridfinance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://medium.com/neptune-mutual/understanding-the-astrid-finance-exploit-d8001a65b4f6","type":"other","url":""},{"credibility":3,"name":"https://www.binance.com/en/square/post/2023-10-29-astrid-finance-suffers-exploit-after-auditors-recommended-fix-smart-contract-paused-and-full-refunds-promised-1541672","type":"other","url":""}]}],"sources_used":[],"summary":"Astrid Finance is an Ethereum-based liquid restaking protocol built on EigenLayer, allowing users to deposit liquid staking tokens (stETH, rETH, cbETH) in exchange for liquid restaked tokens. On October 28, 2023, the protocol suffered a smart contract exploit due to a missing input validation check in its withdraw function, resulting in the theft of approximately $228,000 in assets. The attacker eventually returned 80% of stolen funds after an on-chain negotiation and legal threat by the team; all affected users received refunds, and the vulnerable contracts remain paused pending re-audit.","timeline":[{"date":"2023-10-28","event":"Astrid Finance exploited on Ethereum Mainnet via missing input validation in withdraw function; approximately $228,000 in stETH, rETH, and cbETH drained by attacker at address 0x792ec27874e1f614e757a1ae49d00ef5b2c73959.","source":""},{"date":"2023-10-28","event":"Astrid Finance team detects exploit, pauses vulnerable contracts, and takes a snapshot of all token holders to facilitate future refunds.","source":""},{"date":"2023-10-28","event":"Team initially states the vulnerability originated from an auditor-recommended fix; retracts the statement approximately one hour later, attributing the flaw to a mutual oversight by both the team and the auditing firm.","source":""},{"date":"2023-10-29","event":"Team sends on-chain message to attacker offering a 20% bounty (approximately 25.6 ETH) to return the remaining 80% of stolen funds; deadline set for October 31, 2023 at 8:00 am UTC with threat of legal action.","source":""},{"date":"2023-10-30","event":"Attacker returns approximately 102 ETH (roughly $182,000) — the 80% share — ahead of the deadline. Team states the matter is 'settled amicably.'","source":""},{"date":"2023-10-31","event":"Team publishes full list of affected depositors and their refund amounts; confirms all user refunds processed. Remaining recovered funds moved to multisig wallet for re-audit and redevelopment.","source":""},{"date":"2023-11-01","event":"Astrid Finance announces plan to undergo multiple independent smart contract audits before any future mainnet relaunch; contracts remain paused.","source":""}]},"v":1}