tamjid0x01
awesome-smartcontract-hacking

Here we collect and discuss for Smart contract security & Blockchain researches and tools - contributions are welcome.

Last updated May 17, 2026
98
Stars
17
Forks
1
Issues
0
Stars/day
Attention Score
43
Language breakdown
No language data available.
Files click to expand
README

awesome-smartcontract-hacking

  • Project: Firo (formely Zcoin)
Date: 2021-01-19 Summary: 51% attack for 36 hours with 306 blocks reorged. Impact: 866K FIRO ($4M) double spent on Binance. Firo froze attacker's funds and forked to compensate exchanges. References: * Firo 51% attack post mortem and vote on attackers’ funds by Firo Team
  • Project: Nano
Date: 2021-01-21 Summary: Ongoing spam attack. Impact: Network slow down. References: * Spam attack (test?) on NANO this morning. 60,000 transactions dumped in 10 minutes... by u/Qwahzi * Recent DoS nano network attack and V21.3 fixes by Nano
  • Project: Verge
Date: 2021-02-15 Summary: 51% attack with 560K block orphaned (200 days worth) Impact: Unknown References: * The Verge Re-Org Attempt: Aftermath by Verge
  • Project: Hardhat
Date: 2021-02-19 Summary: Project NPM package targeted with a similarly named package. Impact: Unknown References: * Announcement Tweet * How MetaMask’s Latest Security Tool Can Protect Developers From Theft
  • Project: Kava
Date: 2021-05-21 Summary: Market volatility and network congestions caused by the liquidator bots prevent users from re-collaterizing borrow positions. Impact: Many users liquidated References: * May 19th Market Volatility by Kava
  • Project: yCredit Finance
Date: 2021-01-01 Summary: Minting vulnerability exploited Impact: $11M lost Type: Hack References: * Deposit Less, Get More: yCredit Attack Details by BlockSecTeam * Exploit PoC by Banteg
  • Project: Saddle Finance
Date: 2021-01-19 Summary: Price arbirtrage due to high slippage. Impact: 7.9 BTC ($275K) lost Type: Hack References: * Saddle Finance - REKT by rekt * 2021-1 Saddle Finance Arbitrage by Origin Protocol
  • Project: SushiSwap
Date: 2021-01-19 Summary: Misconfiguration exploited to manipulate DIGG-WETH price. Impact: 81 ETH ($100K) attacker profit Type: Hack References: * SushiSwap was attacked for the second time by SlowMist * Badgers DIGG SUSHI by rekt * Replaying Ethereum Hacks - Sushiswap BadgerDAO's Digg by cmichel
  • Project: Yearn
Date: 2021-02-04 Summary: Yearn V1 yDAI vault exploited. Impact: $11M lost Type: Hack References: * Vulnerability disclosure 2021-02-04 by Yearn Security * The yDAI Incident Analysis: Forced Investment by PeckShield * A brief analysis of yearn finance being hacked by SlowMist * Inside the Yearn v1 yDAI Hack (Feb 2021) by Halborn * Yearn - REKT by rekt * Yearn Exploit by Origin Protocol * Attacker TX on Etherscan * Tether Freezes $1.7 Million in Profits From Yearn Finance Hack by Robert Stevens (Decrypt)
  • Project: Growth DeFi
Date: 2021-02-09 Summary: rAAVE pool exploited by forcing an LP with a fake token. Impact: $1.3M (ETH) stolen. Type: Hack References: * rAAVE Farming Contract Exploit explained by Growth DeFi * The Big Combo (Growth DeFi - REKT) by rekt * Growth DeFi Exploit by Origin Protocol
  • Project: BT Finance
Date: 2021-02-09 Summary: Exploit similar to Yearn hack. Impact: $1.7M stolen. Type: Hack References: * BT.Finance Exploit analysis report by BT Finance * BT.Finance Exploit by Origin Protocol
  • Project: Alpha Homora
Date: 2021-02-12 Summary: Smart contract exploited. Impact: $38M (USDC, DAI, USDT, WETH) stolen. Type: Hack References: * Alpha Homora V2 Post Mortem by Alpha Homora * Alpha Finance - REKT by rekt
  • Project: CryptoPunks
Date: 2021-02-24 Summary: Auction was front-run using flash loans. Impact: Punk #1737 won for 1 Wei. Type: Hack References: * Announcement Tweet
  • Project: Furucombo
Date: 2021-02-27 Summary: Exploited by tricking it to use fake AAVE implementation. Impact: $15M stolen. Type: Hack References: * Furucombo Post-Mortem March 2021 by Furucombo * Analysis of the Furucombo Hack by SlowMist * Furucombo - REKT by rekt * Furucombo exploit internals by Kurt Barry * Replaying Ethereum Hacks - Furucombo by Cmichel * 2021-2-27 Furucombo Attack by Origin Protocol
  • Project: Yield Finance
Date: 2021-02-27 Summary: Whitehat hack, $166K DAI lost and later recovered. Impact: N/A. Type: Hack References: * Announcement Tweet
  • Project: Zerion
Date: 2021-03-04 Summary: Tricked into listing a malicious Balancer clone. Impact: $30K Type: Hack References: * Post mortem on Zerion’s asset phishing attack by Evgeny Yurtaev
  • Project: PAID Network
Date: 2021-03-05 Summary: Private keys compromised Impact: $160M (PAID) minted and sold. Type: Hack References: * PAID Network Attack Postmortem, March 7, 2021 by PAID * Analysis of Paid Network’s Hacked Event by SlowMist
  • Project: Kava
Date: 2021-03-05 Summary: Flaw in accounting logic exploited. Impact: No funds were lost. Type: Hack References: * Kava 5 Launch Post-Mortem by Kava
  • Project: DODO
Date: 2021-03-09 Summary: Initialization function was left callable. Impact: $3.8M lost Type: Hack References: * DODO Pool Incident Postmortem: With a Little Help from Our Friends by DODO Breeder * DODO - REKT by rekt
  • Project: True Seigniorage Dollar
Date: 2021-03-13 Summary: Upgrade forced by taking over DAO. Impact: 11.8B TSD minted and sold Type: Hack References: * Announcement Tweet
  • Project: Roll
Date: 2021-03-14 Summary: Private keys compromised. Impact: $5.7M lost Type: Hack References: * Roll - REKT by rekt * A $5.7 Million Crypto Heist Sent Social Tokens into Free Fall by Tim Hakki (Decrypt)
  • Project: Cream Finance
Date: 2021-03-15 Summary: DApp attacked by hijacking DNS Impact: Unknown Type: Hack References: * Announcement Tweet * Postmortem Report of DNS Hijacking by CREAM
  • Project: PancakeSwap Finance
Date: 2021-03-15 Summary: DApp attacked by hijacking DNS Impact: Unknown Type: Hack References: * Announcement Tweet
  • Project: Nifty Gateway
Date: 2021-03-15 Summary: Account hijacking Impact: NFTs stolen Type: Hack References: * Announcement Tweet
  • Project: Iron Finance
Date: 2021-03-16 Summary: vFarm reward misconfiguration Impact: 170K SIL lost Type: Hack References: * Iron Finance vFarms incident Post-mortem (16 March 2021) by Iron Finance
  • Project: SIL Finance
Date: 2021-03-18 Summary: Contract permissions exploited. Impact: $12.1M lost and later returned Type: Hack References: * Follow Up on the Service Outage & All Funds Are SAFU by SIL finance
  • Project: Uniswap Info
Date: 2021-03-30 Summary: Transaction volume spam by Delta Finance. Impact: N/A Type: Hack References: * $11 Billion in ‘Fake’ Uniswap Volume Causes DeFi Project and DEX to Clash by Jeff Benson (Decrypt) * Exploit analysis by Igor Igamberdiev
  • Project: ForceDAO
Date: 2021-04-04 Summary: Insufficient validation on the deposit function. Impact: $367K stolen. Whitehat saved $9.6M Type: Hack References: * xFORCE Exploit Post Mortem by ForceDAO * Exploit analysis by Igor Igamberdiev
  • Project: Polkatrain
Date: 2021-04-04 Summary: Rebate mechanism exploited. Impact: $3M (57K DOT) stolen Type: Hack References: * The response for hacker attack incident from Polkatrain team by Polkatrain
  • Project: Uranium Finance
Date: 2021-04-07 Summary: Logic bug exploited. Impact: $1.5M stolen Type: Hack References: * Uranium : post-mortem, v2, compensations by Uranium Finance * Exploit analysis by @ret2jazzy
  • Project: PancakeSwap Lottery
Date: 2021-04-12 Summary: Lottery exploited by administrator. Impact: $1.8M stolen Type: Hack References: * $1,800,000 was stolen from Binance Smart Chain PancakeSwap Lottery Pool by Crypto Pwnage * $1,800,000 was stolen from Binance Smart Chain PancakeSwap Lottery Pool - Part II by Crypto Pwnage
  • Project: Uranium Finance
Date: 2021-04-27 Summary: Logic bug exploited. Impact: $51M stolen Type: Hack References: * Hack announcement * Exploit post-mortem by Uranium Finance * SlowMist: Analysis of Uranium Finance’s Hacked Event by SlowMist * Exploit analysis by @FrankResearcher * Uranium Finance - REKT by rekt
  • Project: Spartan Protocol
Date: 2021-05-02 Summary: Logic bug exploited. Impact: $30M stolen Type: Hack References: * The Spartan Incident: Root Cause Analysis by PeckShield * Exploit analysis by @FrankResearcher * Spartan Pool Hack by Origin Protocol
  • Project: Value DeFi
Date: 2021-05-06 Summary: Reinitialized pool. Impact: $10M stolen Type: Hack References: * Value DeFi - Rekt 2 by rekt * Exploit analysis by @FrankResearcher
  • Project: Value DeFi
Date: 2021-05-08 Summary: Incorrect use of exponents. Impact: $11M stolen Type: Hack References: * Value DeFi - Rekt 3 by rekt * ValueDeFi Incident: Incorrect Weighted Constant Product Invariant Calculation by PeckShield * Exploit analysis by @FrankResearcher
  • Project: Meebits
Date: 2021-05-08 Summary: Flawed NFT generation. Impact: Rare $700K NFT generated Type: Hack References: * Meebits Exploit Analysis and PoC by iphelix * Ultra-rare Meebit NFT minted via exploit sells for $765,000 by Liam Frost (Cryptoslate)
  • Project: Rari Capital
Date: 2021-05-08 Summary: Composability vuln. Impact: $10M stolen Type: Hack References: * 5/8/2021: Rari Capital Ethereum Pool — Post-Mortem by Davic Lucid (Rari Capital) * (5/8/21) Rari Capital Exploit Timeline & Analysis by Nipun Pitimanaaree (Alpha Finance) * Exploit Analysis by Igor Igamberdiev (@FrankResearcher) * Price manipulation attack in reality (again): RariCapital incident by BlockSecTeam * Rari Capital - REKT by rekt * Hacker mocking Rari Capital by @dudesahn and @bantg * Why the Attack Was Possible by @banescusebi and @ridesolo5 * ETH and BSC attacker addresses.
  • Project: xToken Market
Date: 2021-05-14 Summary: Incorrect price calculation. Impact: $25.5M Type: Hack References: * Initial Report on xBNTa, xSNXa Exploit by Michael J. Cohen (xToken) * Exploit Analysis by Igor Igamberdiev (@FrankResearcher) * xToken - REKT by rekt
  • Project: Vault.sx
Date: 2021-05-14 Summary: Reentrancy exploit. Impact: $13.5M Type: Hack References: * EOS vaults.sx hack by cmichel
  • Project: Bearn Finance
Date: 2021-05-16 Summary: Withdrawal logic vulnerability. Impact: $11M Type: Hack References: * bVaults’ BUSD Alpaca Strategy Exploit Post-Mortem and bEarn’s Compensation Plan by bEarn Fi * Bearn.Fi Incident: Inconsistent Asset Denomination Between Vault & Strategy by PeckShield * bEarn - REKT by rekt * Bearn.Fi Hack by Origin Protocol
  • Project: Venus Protocol
Date: 2021-05-18 Summary: Price manipulation Impact: $200M+ liquidated $100M+ debt Type: Hack References: * Venus Protocol — Incident Post Mortem by Venus Protocol * Exploit Analysis by Igor Igamberdiev (@FrankResearcher)
  • Project: Pancake Bunny
Date: 2021-05-19 Summary: Minting vulnerability exploited Impact: 114,631 BNB ($41.8M), 697,245 BUNNY ($8M); 6.97M BUNNY minted and sold, token price collapsed Type: Hack References: * Official Post Mortem by Pancake Bunny * PancakeBunny Incident: Root Cause Analysis by PeckShield * BSC attacker address. * Exploit Analysis by Igor Igamberdiev (@FrankResearcher) * SlowMist: PancakeBunny Hack Analysis by SlowMist * BSC PancakeBunny Exploit Post Mortem by Christoph Michel * PancakeBunny - REKT by rekt * Knownsec Blockchain Lab|Binance SmartChain PancakeBunny (BUNNY) Attack Event Analysis by Knownsec Blockchain Lab * The PancakeBunny Bunny Performance Fee Minting Incident Analysis by WatchPug * Hack Track: Pancake Bunny Hack by Merkle Science * Attacker donates to Rekt by rekt
  • Project: Bogged Finance
Date: 2021-05-22 Summary: Minting vulnerability Impact: $3.6M Type: Hack References: * BOG Flash Loan Attack: What Happened, and what’s next — Token Migration by Bogged Finance * Bogged Finance Incident: Root Cause Analysis by PeckShield * Bogged Finance Hack by Origin Protocol
  • Project: AutoShark Finance
Date: 2021-05-24 Summary: Minting vulnerability exploited Impact: $750K (2.2K WBNB) Type: Hack References: * Autoshark Performance Fee Minting Incident Analysis by WatchPug * How AutoShark got economically exploited by AutoShark * AutoShark - REKT by rekt
  • Project: Merlin
Date: 2021-05-26 Summary: Minting vulnerability exploited Impact: $680K Type: Hack References: * Our Road Ahead by Merlin Lab * Merlin Lab Enhanced Security Measures by Merlin Lab * Merlin Labs - REKT by rekt * Exploit Analysis by Peckshield
  • Project: Merlin
Date: 2021-05-26 Summary: Price calculation error Impact: $540K Type: Hack References: * Our Road Ahead by Merlin Lab * Merlin Labs - REKT 2 by rekt
  • Project: BurgerSwap
Date: 2021-05-27 Summary: Reentry vulnerability Impact: $7.2M Type: Hack References: * BurgerSwap - REKT by rekt * Exploit Analysis by Igor Igamberdiev (@FrankResearcher) * Exploit Analysis by Mudit Gupta (@Mudit_Gupta) * Exploit Analysis by Hayden Adams (@haydenzadams) * Exploit Analysis by PeckShield
  • Project: Wild Credit
Date: 2021-05-27 Summary: Contract reinitialized Impact: $700K Type: Hack References: * Exploit Analysis by Mudit Gupta (@Mudit_Gupta) * Exploit Analysis by Anish Agnihortri (@_anishagnihotri)
  • Project: JulSwap
Date: 2021-05-27 Summary: Price manipulation using flashloans Impact: $700K Type: Hack References: * Flash Loan Farming / JULb / BNB by JustLiquidity (JulSwap) * JulSwap V2 Upgrading Its Oracle Mechanism to Chainlink by JustLiquidity (JulSwap) * Exploit Analysis by Mudit Gupta (@Mudit_Gupta) * Exploit Analysis by PeckShield * Exploit Analysis by WatchPug
  • Project: Belt Finance
Date: 2021-05-29 Summary: Price manipulation using flashloans Impact: $6.2M Type: Hack References: * May 29 Incident Report by Belt Finance * Exploit Analysis by Igor Igamberdiev (@FrankResearcher) * Exploit Analysis by PeckShield * Exploit Analysis by Mudit Gupta (@Mudit_Gupta) * Exploit Analysis by Christoph Michel (@cmichelio) * Belt Finance Attack Event Analysis by Knownsec Blockchain Lab * Belt - REKT by rekt

© 2026 GitRepoTrend · tamjid0x01/awesome-smartcontract-hacking · Updated daily from GitHub