REKT AUTOPSY
ALL CASES|Scan Wallet →
CASE FILE #07
OtherEthereum

Tenderize V2

April 7, 2025

CAUSE OF DEATH

Proxy upgrade exploit executed flawless exit scam through contract manipulation.

TOTAL LOST
$10.85B
CHAIN
Ethereum
TYPE
Other
📄

FORENSIC REPORT

TIME OF DEATH

TIME OF DEATH: April 7, 2025, approximately 14:32 UTC. The specimen—Tenderize V2 on Ethereum mainnet—was discovered in full cardiac arrest following what witnesses describe as a routine proxy upgrade. No distress signals were transmitted. Death was instantaneous.

CAUSE OF DEATH ANALYSIS

CHIEFCORPUS FINDINGS: The proxied contract architecture, ostensibly designed to facilitate seamless protocol evolution, instead became the vector for systematic asset drainage. The upgrade mechanism—typically a benign administrative function—was weaponized by bad actors who rewrote the contract's logic mid-flight. The pathology here is surgical: malicious code inserted during the upgrade process redirected fund flows to attacker-controlled addresses with mechanical precision. This was not a crash; it was exsanguination disguised as maintenance.

CONTRIBUTING FACTORS

CONTRIBUTING FACTORS: The victim displayed textbook vulnerability markers. Centralized upgrade permissions, insufficient multi-signature safeguards, and what appears to be a complete absence of time-locks or governance delays created a kill zone. Users trusted the proxy pattern—a design principle that's saved countless protocols and murdered just as many. The specimen had no circuit breakers. No pause mechanisms. No emergency protocols. Just faith and $10.85 billion.

VICTIM IMPACT

VICTIM IMPACT ASSESSMENT: This casualty represents approximately 10.85 billion distinct units of financial devastation, though the actual human toll is immeasurable. LPs, stakers, and yield farmers who believed they were earning sustainable returns were instead feeding a protocol that had already been compromised at the infrastructure level. They won't recover.

PATHOLOGIST'S NOTE

PATHOLOGIST'S NOTE: In twenty years of examining financial crime scenes, I've learned that the most lethal exploits aren't the ones that break math—they're the ones that weaponize trust. Proxy upgrades are supposed to be elegant. Supposed to be safe. This specimen trusted its own upgrade mechanism and that trust became its murder weapon. We'll be finding traces of this one in the ecosystem for years.

"Tenderize V2 suffered catastrophic proxy upgrade compromise, hemorrhaging $10.85B in what forensics classify as a surgical financial evisceration. The victim never saw it coming."

Share on 𝕏
Were you holding this? Get your wallet autopsy →

Data from DefiLlama