Beanstalk Farms Hack 2022 — $182M Exploit Analysis

Attacker used flash loan to acquire 67% voting power and pass a malicious governance proposal in a single block.

Details

Full Description

The attacker borrowed $1B+ in a flash loan to acquire 67% of Beanstalk's governance tokens (Stalk). With this supermajority, they passed a malicious BIP (Beanstalk Improvement Proposal) that transferred all protocol assets to their address. The governance mechanism allowed immediate execution with no time-lock, making this attack possible in a single Ethereum block.

Laundering Analysis

Profits converted to ETH and funneled through Tornado Cash. USDC donation of $250K made to Ukraine relief by attacker on-chain. Attacker's identity never definitively established. The attack exploited the absence of a governance time-lock — a design flaw since corrected in most protocols.

Sources

Transaction Hashes

Related Hacks

Back to Browse