Verify a decision

{"actor":"system:backfill","investigation_id":"833401a1-ffcb-4c74-95d6-404dedd094a9","kind":"publish","page_slug":"sharwafinance","published_at":"2026-05-29T16:12:59.826Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"Sharwa.Finance","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/sharwa.finance","type":"other","url":""},{"credibility":3,"name":"https://sharwa.finance/app.html","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blog.verichains.io/p/vulnerability-analysis-deconstructing","type":"other","url":""},{"credibility":3,"name":"https://getfailsafe.com/sharwafinance-exploit-analysis/","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/sharwafinancemargintradingsandwichattacksolvencyflaw.php","type":"other","url":""},{"credibility":3,"name":"https://blockthreat.com/blockthreat-week-43-2025/","type":"other","url":""},{"credibility":3,"name":"https://de.fi/blog/defi-rekt-report-october-2025-38-6-million-lost-across-9-exploits","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://github.com/pashov/audits/blob/master/team/md/SharwaFinance-security-review.md","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/vulnerability-analysis-deconstructing","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/sharwafinancemargintradingsandwichattacksolvencyflaw.php","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/sharwa.finance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://blockthreat.com/blockthreat-week-43-2025/","type":"other","url":""},{"credibility":3,"name":"https://de.fi/blog/defi-rekt-report-october-2025-38-6-million-lost-across-9-exploits","type":"other","url":""},{"credibility":3,"name":"https://x.com/SharwaFinance","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://defillama.com/protocol/sharwa.finance","type":"other","url":""},{"credibility":3,"name":"https://blog.verichains.io/p/vulnerability-analysis-deconstructing","type":"other","url":""},{"credibility":3,"name":"https://quadrigainitiative.com/casestudy/sharwafinancemargintradingsandwichattacksolvencyflaw.php","type":"other","url":""}]}],"sources_used":[],"summary":"Sharwa.Finance is an on-chain portfolio margin trading protocol deployed on Arbitrum, enabling leveraged spot and options trading with cross-margin collateral. The protocol suffered a $147,000 exploit in October 2025 via a flash loan price-oracle manipulation attack, a vulnerability class that had been explicitly identified and reported by the Pashov Audit Group over one year prior to the incident. The protocol was flagged by on-chain security researchers including ZachXBT-adjacent monitoring networks, and a second oracle manipulation incident resulting in approximately $32,850 in losses was recorded in May 2026.","timeline":[{"date":"2024-06-17","event":"Pashov Audit Group publishes security review of SharwaFinance/MarginTrading, identifying four critical-severity findings including C-01 Uniswap Spot Price Manipulation, explicitly warning that reliance on Uniswap V3 spot prices enables flash loan exploitation.","source":""},{"date":"2025-10-02","event":"Sharwa.Finance deploys a new version of the FacadeTradeRouter contract (18 days before the exploit), reportedly without re-applying the oracle fix recommended in the Pashov audit.","source":""},{"date":"2025-10-20","event":"Sharwa.Finance exploited on Arbitrum via flash loan price oracle manipulation. Attackers use a large USDC flash loan from Morpho to manipulate a Uniswap V3 pool and withdraw excess value through the FacadeTradeRouter contract. Total losses approximately $147,000.","source":""},{"date":"2025-10-23","event":"FailSafe publishes exploit analysis identifying two separate attackers, attributing approximately $61,000 and $85,000 in profits respectively to an absence of insolvency checks in the MarginTrading swap function.","source":""},{"date":"2025-10-27","event":"Sharwa.Finance team posts attack post-mortem on X, commits to 100% reimbursement of affected users, and implements Reduce-Only mode blocking new positions.","source":""},{"date":"2025-10-27","event":"Additional exploit transactions documented on Arbitrum network; $40,000 of stolen funds recovered.","source":""},{"date":"2025-10-27","event":"Verichains publishes vulnerability analysis of the Sharwa Finance exploit, confirming the oracle manipulation vector and noting the prior Pashov audit finding.","source":""},{"date":"2026-05-01","event":"Sharwa.Finance suffers a second security incident attributed to oracle price manipulation on Arbitrum, resulting in approximately $32,850 in losses according to DefiLlama protocol data.","source":""}]},"v":1}