Coming soon

← Back to the graveyard
Ooki logo

Ooki

Hacked

DeFi · $OOKI · born 2020 · ✝ 2021

A phished private key cost the protocol ~$55M.

Ooki (formerly bZx) was a decentralized margin-trading and lending protocol deployed across Polygon and BSC. In November 2021 a developer was phished, exposing a private key that let attackers drain roughly $55M from the protocol's contracts.

Peak
~$55M stolen
Cause
Hacked
Year of death
2021

☠️ Cause of death

A phishing email compromised a developer's private key controlling protocol contracts, giving attackers direct control to siphon user funds.

📓 Lessons left behind

  • One phished key can defeat an otherwise audited protocol.
  • Critical contract control belongs behind multisig, not one keypair.
  • Train every signer to treat unsolicited files as hostile.

🌱 The idea that survived

Multisig key custody

Reinforced the case for multisig and hardware-backed signing on all protocol admin keys.

#defi#private-key#phishing