Skip to main content
Sign in

Wasabi Protocol

avoid.net/wasabi18/100·100% conf.
[AI-DRAFTED · AWAITING VERIFICATION][src:base][src:uups-upgrade][src:berachain][src:tornado-cash][src:ethereum][src:blast][src:admin-key-exploit][src:leveraged-trading][src:nft-fi][src:perps][src:zachxbt][src:memecoin][src:options][src:defi]
anchored·5wrNnq…p8Pf

Summary

Wasabi Protocol is a decentralized perpetual futures and leveraged trading platform for memecoins and long-tail assets, deployed on Ethereum, Base, Berachain, and Blast. On April 30, 2026, the protocol suffered a critical multi-chain exploit in which a compromised admin deployer key was used to execute malicious UUPS proxy upgrades across core contracts, draining over $5 million in user funds. Security firm BlockSec reported that the attacker's wallets had been funded via Tornado Cash, and on-chain investigator ZachXBT publicly criticized the protocol for single-EOA admin control, absence of a timelock or multisig, and alleged misappropriation of project funds on influencer marketing.

Connected Entities

1 entities · 1 linked investigation
Protocols
Wasabi Protocol
Relationships
    Also appears in
    Wasabi Protocol·18

    Connected Through

    1 shared actor · 1 investigation

    Distinct actors this investigation shares with others — holders, traders, and named parties. Shared infrastructure (exchanges, pools) is excluded.

    Have evidence about Wasabi Protocol?

    Timeline(6 events)

    2024-06-18

    Wasabi Protocol raises $3 million seed round led by Electric Capital, with participation from Alliance, Memeland, and several prominent crypto investors and influencers.

    2026-04-30

    Wasabi Protocol suffers a multi-chain admin key compromise exploit. Attacker uses compromised wasabideployer.eth key to grant ADMIN_ROLE to a malicious contract and execute UUPS upgrades on core contracts across Ethereum, Base, Berachain, and Blast, draining over $5 million.

    2026-04-30

    BlockSec Phalcon system alerts on $5.15M in abnormal Wasabi Protocol fund movements, reporting that preliminary traces link Tornado Cash-funded accounts to the ADMIN_ROLE grants used in the attack.

    2026-04-30

    CoinDesk reports the exploit as an apparent admin key compromise, estimating $4.5 million drained. The Block puts the figure at over $5 million based on multi-chain totals from security firms.

    2026-04-30

    ZachXBT publicly criticizes Wasabi Protocol's single-EOA admin architecture and alleges project funds were spent on influencer marketing (including KOL Kook) rather than security infrastructure.

    2026-05-01

    Halborn publishes a technical post-mortem confirming root cause as private key security failure and governance design, not exploitable smart contract code. Attacker address 0x02228b0afcdbEdf8180D96Fc181Da3AF5DD1d1ab identified.

    Provenance & Audit Trail
    Anchored on SolanaVerify on-chainsrc:basesrc:uups-upgradesrc:berachainsrc:tornado-cashsrc:ethereumsrc:blastsrc:admin-key-exploitsrc:leveraged-tradingsrc:nft-fisrc:perpssrc:zachxbtsrc:memecoinsrc:optionssrc:defi

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet

    generated: 5/4/2026, 4:04:56 PM

    last updated: 5/26/2026, 4:11:13 AM

    avoid.net — verified advice for a post-truth world