QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$63 000 USD
AUGUST 2025
GLOBAL
EQUILIBRIA FINANCE
DESCRIPTION OF EVENTS
Equilibria Finance is a DeFi platform designed to help users maximize their yield potential, inspired by the dynamic motion of a pendulum at equilibrium. The project is purpose-built for the Pendle Finance ecosystem and caters specifically to $PENDLE holders and liquidity providers. Founded by experienced DeFi professionals, Equilibria provides a streamlined interface for users to amplify their earnings through smart yield strategies.
The platform integrates with Pendle’s veToken/boosted yield model by offering a liquid version of vePENDLE called ePENDLE. This allows $PENDLE holders to benefit from staking rewards and other incentives while maintaining liquidity, as ePENDLE can be traded or swapped back to PENDLE. Meanwhile, LPs who don’t hold vePENDLE can still enjoy boosted yields by routing their positions through Equilibria.
Equilibria’s goal is to extend beyond Pendle over time, bringing its yield-optimizing infrastructure to other protocols. With community and partner support, the platform aims to scale its ecosystem while continuing to deliver innovative solutions for DeFi participants.
According to the technical description provided by the Equilibria Finance team:
"The vulnerability stemmed from the Ethereum mainnet version of stk-ePENDLE not being configured as non-transferable. An attacker used flash loans through Balancer to acquire ePENDLE, stake it into stk-ePENDLE, and then repeatedly transfer stk-ePENDLE across multiple addresses. Each transfer triggered a reward claim, which harvested the unclaimed rewards from the contract."
The loss was reported as "approximately 13.36 ETH".
Equilibria Finance reports that they "automatically paused all protocol functions" following "the very first transaction of the attack".
The Equilibria Finance team enabled functions shortly after the exploit was contained and they had verified "no scenario impacted Pendle markets or LPs". They announced that "[t]he Ethereum stk-ePENDLE contract will be updated to match the secure implementation already active on other chains" and that "[t]he Equilibria treasury will compensate users who missed out on ETH rewards as a result of this incident".
Equilibria Finance has announced that they will be covering all rewards which were intended to be paid out to users of the protocol.
To help address future concerns and risks, Equilibria announced they will be adopting "stricter procedures for all contract deployments and updates on every supported network".
Equilibria Finance, a DeFi platform built around the Pendle Finance ecosystem, experienced an exploit in its Ethereum auto-compounder due to a misconfigured contract that allowed reward farming through repeated transfers. The attacker drained approximately 13.36 ETH in unclaimed rewards, but no user funds or core liquidity positions were affected. The team responded quickly by pausing protocol functions, containing the incident, and has since implemented fixes, committed to compensating affected users, and announced stricter deployment procedures to prevent future vulnerabilities.
TenArmor - "Our system has detected that #Equilibria Finance @Equilibriafi on #ETH was attacked, resulting in an approximately loss of $62.5K. The root cause lies in the reward mechanism of the stk-ePendle contract, which calculates rewards for each account based on its stk-ePendle balance, making it easily exploitable by transferring stk-ePendle across multiple accounts." - Twitter/X (Aug 27)
Equilibria Finance Attack Transaction - Etherscan (Aug 27)
The Equilibria Finance Exploiter - Etherscan (Aug 27)
Equilibria Finance - "Earlier today, we identified an exploit in the Ethereum ePENDLE auto-compounder contract, which resulted in the loss of approximately 13.36 ETH. Importantly, no user funds were affected—including all Pendle Market LP positions and ePENDLE balances. The incident was contained to the auto-compounder’s accumulated ETH rewards, which had remained unclaimed for over a year." - Twitter/X (Aug 27)
Equilibria Finance - "All functions have been fully unpaused and are operating normally now." - Twitter/X (Aug 27)
Equilibria Finance - "Hey Equilibrians, we’ve encountered an issue with our ePENDLE Balancer vault. All Pendle Markets and LPs are safe, and our team is on top of it." - Twitter/X (Aug 27)
Equilibria Finance Link Tree (Aug 27)
Equilibria Finance Homepage (Aug 27)
Equilibria Finance Documentation (Aug 27)
Equilibria Finance Twitter/X (Aug 27)
