Coming soon

← Back to the graveyard
Hedgey logo

Hedgey

Hacked

DeFi · born 2021 · ✝ 2024

A flawed claim contract leaked ~$44.7M to attackers.

Hedgey Finance was a tokenomics platform offering on-chain token vesting, lockups and airdrop claims on Arbitrum and Ethereum. In April 2024 attackers abused a flaw in its token-claim contracts, using flash loans to drain roughly $44.7M.

Peak
~$44.7M stolen
Cause
Hacked
Year of death
2024

☠️ Cause of death

The claim contract failed to validate flash-loaned funds properly, letting attackers borrow, claim, and walk away with the difference.

📓 Lessons left behind

  • Claim and airdrop contracts handle real money and need real audits.
  • Assume any caller can be flash-loan funded.
  • Validate state, never trust the caller's balance.

🌱 The idea that survived

Flash-loan-aware design

Reinforced that claim logic must be hardened against atomically borrowed capital.

#defi#flash-loan#claim-contract