Verify a decision

{"actor":"system:backfill","investigation_id":"161be9c7-ee67-4ea2-9533-68617b497f21","kind":"publish","page_slug":"subquery-network","published_at":"2026-05-29T02:53:12.270Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"SubQuery Network","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://subquery.network/","type":"other","url":""},{"credibility":3,"name":"https://subquery.network/doc/subquery_network/token/token.html","type":"other","url":""},{"credibility":3,"name":"https://subquery.network/doc/subquery_network/introduction/introduction.html","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.crunchbase.com/person/sam-zou","type":"other","url":""},{"credibility":3,"name":"https://subquery.medium.com/leading-the-way-in-web3-meet-the-subquery-team-a49e40513b86","type":"other","url":""},{"credibility":3,"name":"https://subquery.medium.com/series-a-1abed6c1c2af","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://subquery.medium.com/subquery-raises-1-8m-seed-round-for-future-expansion-3348c1f2a931","type":"other","url":""},{"credibility":3,"name":"https://subquery.medium.com/series-a-1abed6c1c2af","type":"other","url":""},{"credibility":3,"name":"https://cryptorank.io/price/subquery/vesting","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://subquery.medium.com/subquery-mainnet-and-sqt-launch-all-you-need-to-know-cd64186649f3","type":"other","url":""},{"credibility":3,"name":"https://blog.subquery.network/subquery-token-to-launch-on-bybit-exchange/","type":"other","url":""},{"credibility":3,"name":"https://cryptorank.io/price/subquery/vesting","type":"other","url":""},{"credibility":3,"name":"https://www.coingecko.com/en/coins/subquery-network","type":"other","url":""},{"credibility":3,"name":"https://coinmarketcap.com/currencies/subquery-network/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://subquery.ghost.io/subquery-network-security-incident-report/","type":"other","url":""},{"credibility":3,"name":"https://subquery.network/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://hacken.io/audits/subquery-network/","type":"other","url":""},{"credibility":3,"name":"https://medium.com/@subquery/subquery-network-passes-smart-contract-audit-by-hacken-876a276fddeb","type":"other","url":""},{"credibility":3,"name":"https://subquery.ghost.io/subquery-network-security-incident-report/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://subquery.network/doc/subquery_network/token/token.html","type":"other","url":""},{"credibility":3,"name":"https://subquery.medium.com/series-a-1abed6c1c2af","type":"other","url":""}]}],"sources_used":[],"summary":"SubQuery Network is a Web3 data indexing protocol originally built for the Polkadot ecosystem, founded by Sam Zou and James Bayly out of New Zealand-based OnFinality. The project raised $10.8M in seed and Series A funding, launched its mainnet and SQT token in February 2024, and suffered a significant smart-contract exploit on April 12, 2026 in which a missing access-control modifier allowed an attacker to drain approximately 382 million SQT tokens (~$134,000 USD) from staker and delegator wallets across five transactions. ZachXBT flagged the entity in connection with this incident; the team published a full disclosure report and executed on-chain compensation for all affected wallets.","timeline":[{"date":"2021-01-01","event":"SubQuery raises $1.8 million seed round led by DeFi Alliance, D1 Ventures, Hypersphere Ventures, DFG, and The LAO.","source":""},{"date":"2021-09-11","event":"SubQuery announces $9 million Series A round co-led by Arrington Capital, DCG, and Stratos Technologies.","source":""},{"date":"2022-04-12","event":"SubQuery Network passes Hacken smart contract security audit with no material findings.","source":""},{"date":"2024-02-22","event":"SQT token deposits open on Bybit exchange ahead of mainnet TGE.","source":""},{"date":"2024-02-23","event":"SubQuery mainnet launches and SQT token begins trading on Bybit at approximately $0.0144.","source":""},{"date":"2024-03-29","event":"SQT reaches all-time high price of approximately $0.0855.","source":""},{"date":"2024-12-31","event":"SQT price ends 2024 approximately 76% below its launch price, trading around $0.005.","source":""},{"date":"2026-04-12","event":"Smart contract exploit on Base network drains approximately 382 million SQT (~$134,000 USD) from staking contract, 272 individual wallets, RewardsBooster, and Treasury via missing onlyOwner access control on the Settings contract setContractAddress() function.","source":""},{"date":"2026-04-13","event":"SubQuery team identifies full attack vector, simulates exploit traces, and deploys fix restoring onlyOwner modifiers to affected contract functions.","source":""},{"date":"2026-04-14","event":"On-chain compensation distribution begins; SubQuery publishes full public disclosure and recovery plan.","source":""},{"date":"2026-04-15","event":"On-chain compensation to all 272 affected staker and delegator wallets completed.","source":""}]},"v":1}