Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Reproducible Foundry test fork from SunWeb3Sec/DeFiHackLabs. Clone the repo, run forge test against the file path above, and replay the exploit against a mainnet fork at the historical block. Use for reproduction only — not for live targets.
Reaper Farm's ReaperVaultV2 contract was maliciously exploited, resulting in more than $1.6 million worth of damage. Attackers exploited a vulnerability in the ReaperVaultV2 contract that could destroy other users' vault shares and withdraw tokens, thereby withdrawing large amounts of tokens from multiple vaults. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 1,698,423.
- chain
- —
- protocol
- Reaper Farm
- bug_class
- logic
- date_occurred
- 2022-08-02
- loss_usd
- $1,698,423
- source_id
- sm:reaper-farm::2022-08-02