PikePike Token Generation
TLDR:Pike token generation and distribution took place on 9/30/2024 17:57 UTC110,761,849.83 Pike tokens distributed to 3,681 Presale ParticipantsPresale Participants will receive 50% of the tokens subscribed; the remaining 50% will vest monthly over 6 months after a 3 month cliffPike tokens will be distributed automatically to the same wallet addresses used for the presale contributionPike token format is ERC-20, and the initial trading venue will be Aerodrome on BasePike token address on Bas...
PikeThe Pike PIU Program is now live!
The Pike PIU Program is live!https://piu.pike.finance A new paradigm for points programs. One that doesn’t lock you in, and lets you monetize your participation at will. Rewarding both onchain activity, and community participation. Earn higher whitelist tiers, and contribute to the Pike Community Presale - for a chance to subscribe to the Pike Governance Token, and being a part of the native multichain DeFi journey at the ground floor.TLDR:$PIU allocation for Discord roles will be unlocked by...
PikePost-Mortem Report: Pike USDC Withdrawal Vulnerability
This report aims to transparently outline the circumstances that led to the financial loss and to assure our users that we are committed to implementing immediate measures to recover stolen funds. On April 26, 2024, 00:13:59 UTC, Pike Finance experienced a security breach due to the exploitation of a vulnerability within the Pike protocol. This resulted in a financial loss of 299,127 USDC incurred across 3 networks — Ethereum, Arbitrum, and Optimism. Only the USDC asset was affected, all othe...
Modular money market optimized for cross-chain liquidity
PikePike Token Generation
TLDR:Pike token generation and distribution took place on 9/30/2024 17:57 UTC110,761,849.83 Pike tokens distributed to 3,681 Presale ParticipantsPresale Participants will receive 50% of the tokens subscribed; the remaining 50% will vest monthly over 6 months after a 3 month cliffPike tokens will be distributed automatically to the same wallet addresses used for the presale contributionPike token format is ERC-20, and the initial trading venue will be Aerodrome on BasePike token address on Bas...
PikeThe Pike PIU Program is now live!
The Pike PIU Program is live!https://piu.pike.finance A new paradigm for points programs. One that doesn’t lock you in, and lets you monetize your participation at will. Rewarding both onchain activity, and community participation. Earn higher whitelist tiers, and contribute to the Pike Community Presale - for a chance to subscribe to the Pike Governance Token, and being a part of the native multichain DeFi journey at the ground floor.TLDR:$PIU allocation for Discord roles will be unlocked by...
PikePost-Mortem Report: Pike USDC Withdrawal Vulnerability
This report aims to transparently outline the circumstances that led to the financial loss and to assure our users that we are committed to implementing immediate measures to recover stolen funds. On April 26, 2024, 00:13:59 UTC, Pike Finance experienced a security breach due to the exploitation of a vulnerability within the Pike protocol. This resulted in a financial loss of 299,127 USDC incurred across 3 networks — Ethereum, Arbitrum, and Optimism. Only the USDC asset was affected, all othe...
Modular money market optimized for cross-chain liquidity
Subscribe to Pike
Subscribe to Pike
Share Dialog
Share Dialog
>1.8K subscribers
>1.8K subscribers
This report aims to transparently outline the circumstances that led to the financial loss and to assure our users that we are committed to implementing immediate measures to recover stolen funds.
On April 30th, Pike Finance experienced a second significant security breach due to the exploitation of a vulnerability related to a recent contract upgrade. This incident resulted in a substantial financial loss of 99,970.48 ARB, 64,126 OP, and 479.39 ETH.
The vulnerability stemmed from an oversight during the upgrade of the spokes contract, which was part of the measures taken to address the initial USDC vulnerability reported on April 26th.
https://mirror.xyz/pikefinance.eth/M1ToE42vwEHuE6xlz0dVRQwPT0xpaRtpIIw2arOdBAM
The upgrade had altered the storage layout of the Spoke contract, particularly affecting the position of initialized variables. This misalignment in storage mapping caused the contract to behave as if it was uninitialized. As a result, attackers were able to bypass and execute unauthorized upgrades and withdrawals.
We acknowledge that this oversight occurred during the process of trying to secure the protocol from the first exploit. It is crucial to note that the vulnerability was not due to inherent issues within the Pike protocol itself but was a consequence of a hastily completed contract upgrade.
2024-04-26: Initial USDC vulnerability exploited.
2024-04-26 to 2024-04-30: Efforts to pause and upgrade protocol functions to enhance security.
2024-04-30 21:47: Attackers exploited the contract upgrade vulnerability, leading to unauthorized withdrawals.
Hacker Wallet: 0x19066f7431df29A0910d287C8822936Bb7D89E23
Asset Conversion: The stolen assets were quickly moved and diversified across different cryptocurrencies.
As of today, no funds have been recovered, and no direct contact with attackers has been established. The investigation is ongoing, and we are working closely with external experts to trace the stolen assets.
In response to this incident, we are taking corrective actions by a continued and constant collaboration with security experts and auditors to ensure the integrity of our platform.
We are committed to learning from these incidents and strengthening our systems to protect our users' assets.
We will be publishing a report of all the users on Pike with their outstanding balances, with restitution to be made in the next week or so.
Further updates on our progress will be communicated in the coming days, so please keep an eye out on our Twitter.
We appreciate the patience and support of our community as we work through these challenges.
This report aims to transparently outline the circumstances that led to the financial loss and to assure our users that we are committed to implementing immediate measures to recover stolen funds.
On April 30th, Pike Finance experienced a second significant security breach due to the exploitation of a vulnerability related to a recent contract upgrade. This incident resulted in a substantial financial loss of 99,970.48 ARB, 64,126 OP, and 479.39 ETH.
The vulnerability stemmed from an oversight during the upgrade of the spokes contract, which was part of the measures taken to address the initial USDC vulnerability reported on April 26th.
https://mirror.xyz/pikefinance.eth/M1ToE42vwEHuE6xlz0dVRQwPT0xpaRtpIIw2arOdBAM
The upgrade had altered the storage layout of the Spoke contract, particularly affecting the position of initialized variables. This misalignment in storage mapping caused the contract to behave as if it was uninitialized. As a result, attackers were able to bypass and execute unauthorized upgrades and withdrawals.
We acknowledge that this oversight occurred during the process of trying to secure the protocol from the first exploit. It is crucial to note that the vulnerability was not due to inherent issues within the Pike protocol itself but was a consequence of a hastily completed contract upgrade.
2024-04-26: Initial USDC vulnerability exploited.
2024-04-26 to 2024-04-30: Efforts to pause and upgrade protocol functions to enhance security.
2024-04-30 21:47: Attackers exploited the contract upgrade vulnerability, leading to unauthorized withdrawals.
Hacker Wallet: 0x19066f7431df29A0910d287C8822936Bb7D89E23
Asset Conversion: The stolen assets were quickly moved and diversified across different cryptocurrencies.
As of today, no funds have been recovered, and no direct contact with attackers has been established. The investigation is ongoing, and we are working closely with external experts to trace the stolen assets.
In response to this incident, we are taking corrective actions by a continued and constant collaboration with security experts and auditors to ensure the integrity of our platform.
We are committed to learning from these incidents and strengthening our systems to protect our users' assets.
We will be publishing a report of all the users on Pike with their outstanding balances, with restitution to be made in the next week or so.
Further updates on our progress will be communicated in the coming days, so please keep an eye out on our Twitter.
We appreciate the patience and support of our community as we work through these challenges.
No activity yet