Meerkat Finance
Rug PullDeFi · ✝ 2021
A 'contract upgrade' that quietly redirected vaults to the deployer.
Meerkat Finance was a BSC yield-farming vault project that vanished roughly $32M just a day after launch in March 2021. The team altered the contracts to drain user deposits and then disappeared, in what was widely judged a rug pull.
- Peak
- ~$32M stolen
- Cause
- Rug Pull
- Year of death
- 2021
☠️ Cause of death
An upgradeable proxy let the deployer swap in malicious logic that drained the vaults, after which the team went dark.
📓 Lessons left behind
- —Upgradeable vault contracts can be weaponized by their own team.
- —Demand verifiable timelocks on any upgrade authority.
- —Day-one launches with admin keys are red flags.
🌱 The idea that survived
Timelocked upgrades
Reinforced demand for timelocks and immutable vaults so deployers cannot silently swap drain logic.
#defi#rug#bsc