Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.

Puffer Finance

Liquid Staking & Restakingcritical·risk 0.6896·TVL $61.2M·blast $61.2M·active

website github twitter discord

Static profile (Identity / Contract / Dependency / Governance / Reputation)

Identity

Sector

Liquid Staking & Restaking

Subsector tags

consumer_app, infra_tooling, general_defiDemo

Chain deployments

Ethereum

Website

https://www.puffer-finance.xyzDemo

Launch date

Feb 1, 2024

Immutable

noDemo

Permissionless

yesDemo

Contract

Primary address

—

Proxy pattern

UNKNOWN

Upgrade authority

UNKNOWN

Multisig threshold

—

Compiler

0.8.20

Uses assembly

noDemo

Bug bounty

noneDemo

Contract addresses

0xab42ba120af9ee4d17be889954dd6bec2cbebe30, 0xcfb615c09993fd99801ad1159eaf2f798cc617a9Demo

Audits tier

0

Dependency

Oracle providers

Chainlink

Bridge dependencies

—

Stablecoin dependencies

—

LST / LRT deps

—Demo

DEX liquidity venues

camelot, velodrome, pancakeswapDemo

CEX listings

bybit, kraken, htxDemo

Custodian

—Demo

KMS provider

fireblocks_mpcDemo

RPC provider

quicknodeDemo

Frontend host

vercelDemo

npm lockfile sha

sha256:b6491b43eae34303d4ea672fe1dc6ab4c49417ac2e50888824d6b5dc14f0ee4eDemo

Governance

Governance type

token_votingDemo

Governance token

0x30f13de34f975a2b86b8f3f1752c56a8400d5fa8Demo

Treasury size

$360.4KDemo

Team size

18Demo

Jurisdiction

CHDemo

Incorporated entity

Puffer Finance Pte. Ltd.Demo

Anonymous team

noDemo

Security disclosure

yesDemo

IR SLA (hours)

2Demo

Reputation

GitHub

https://github.com/puffer-finance/puffer-financeDemo

Commit velocity (30d)

81Demo

Contributors

32Demo

Twitter

@puffer-financeDemo

Discord

https://discord.gg/xj11xmDemo

Last incident

Mar 31, 2024Demo

KYT screening

cleanDemo

Threat History

1 recorded incident

Mar 31, 2024reentrancyprotocolunattributed_criminalDemo

$24.5M

On 2024-03-31, Puffer Finance suffered a reentrancy incident resulting in approximately $24,515,368 in losses. The exploit targeted the protocol layer. Attribution: unattributed_criminal. This is a demonstration entry — not a real incident.

DEMO:AADAPT.TA0004DEMO:AADAPT.TA0040

View incident →Audited at time

Peer Incidents · Method B

11 root-cause predicate matches

Vulnerable to: reentrancy

Matches the reentrancy predicate

27 historical peer events

SommelierOct 26, 2025Demo
$30.7M
Kyber NetworkMay 21, 2025Demo
$2.1M
DeribitApr 22, 2025Demo
$936K
Zora NetworkApr 10, 2025Demo
$4.7M
Stader LabsJan 15, 2025Demo
$16.1M
+ 22 more

Vulnerable to: phishing drainer

Matches the phishing drainer predicate

18 historical peer events

GoldfinchNov 21, 2025Demo
$1M
BitgetNov 17, 2025Demo
$739.9K
OrcaApr 12, 2025Demo
$180.8K
Ether.fiFeb 6, 2025Demo
$443.4K
Alchemy PayNov 8, 2024Demo
$334.2K
+ 13 more

Vulnerable to: flash loan governance

Matches the flash loan governance predicate

18 historical peer events

ThirdwebAug 23, 2025Demo
$33.2M
LayerZero Labs (physical verification context only)Dec 17, 2024Demo
$40.2M
First Digital USDAug 6, 2024Demo
$12.1M
Protocol-Native Treasury Agents (DAO-embedded)Feb 4, 2024Demo
$13.8M
F2PoolDec 15, 2023Demo
$3.5M
+ 13 more

Vulnerable to: ice phishing approval

Matches the ice phishing approval predicate

16 historical peer events

deBridgeAug 4, 2025Demo
$7.5M
EulerJun 5, 2025Demo
$87.9K
Bend DAOFeb 18, 2025Demo
$968.9K
Maple FinanceDec 1, 2024Demo
$1.4M
BlurAug 10, 2024Demo
$6.5M
+ 11 more

Vulnerable to: frontend dns hijack

Matches the frontend dns hijack predicate

12 historical peer events

Bridge.xyz / StripeJan 25, 2025Demo
$10.4M
UK FCA Digital SandboxJul 15, 2024Demo
$3.6M
Three SigmaJun 24, 2024Demo
$2.7M
CryptoQuantJun 24, 2024Demo
$517.3K
Celsius (defunct)Jun 2, 2024Demo
$22M
+ 7 more

Vulnerable to: rounding precision

Matches the rounding precision predicate

10 historical peer events

Frax EtherSep 8, 2025Demo
$51.2K
BNY Mellon DigitalMay 15, 2025Demo
$750K
RedStoneApr 17, 2025Demo
$63.2K
Bend DAONov 22, 2024Demo
$57.9K
Starknet BridgeJun 17, 2024Demo
$784.1K
+ 5 more

Vulnerable to: supply chain npm

Matches the supply chain npm predicate

10 historical peer events

Beefy FinanceFeb 19, 2025Demo
$176.2K
PowerledgerFeb 11, 2025Demo
$7.4M
UnichainDec 23, 2024Demo
$8.8M
MEXCSep 26, 2024Demo
$1M
Mango MarketsAug 6, 2024Demo
$915.6K
+ 5 more

Vulnerable to: dvn collapse

Matches the dvn collapse predicate

8 historical peer events

Blast, Blockdaemon Wallet +2Dec 2, 2025Demo
$93.6M
Fordefi, XSGDFeb 14, 2025Demo
$17M
Element Finance, QuantozJul 20, 2024Demo
$1.1M
Mercado Bitcoin, SwellJun 19, 2024Demo
$15.3M
Internet Computer (DFINITY), Mantle +1Jun 17, 2024Demo
$10.3M
+ 3 more

Vulnerable to: signature malleability

Matches the signature malleability predicate

8 historical peer events

Ether.fiJul 2, 2025Demo
$17.2M
Swell NetworkNov 1, 2024Demo
$1.2M
Immutable protocolOct 26, 2024Demo
$4M
The SandboxNov 23, 2023Demo
$3.9M
PancakeSwapSep 17, 2022Demo
$656.7K
+ 3 more

Vulnerable to: governance proposal malicious

Matches the governance proposal malicious predicate

5 historical peer events

Stripe CryptoOct 12, 2024Demo
$1.5M
Notional V3Oct 25, 2023Demo
$507.1K
Hong Kong Monetary Authority — Ethereum pilotsSep 12, 2022Demo
$18.9M
FalconXSep 11, 2022Demo
$4.8M
AvailJul 21, 2020Demo
$30.8M

Vulnerable to: mpc ceremony compromise

Matches the mpc ceremony compromise predicate

4 historical peer events

Protocol-Native Treasury Agents (DAO-embedded)May 3, 2024Demo
$58.8M
Coinbase CustodyAug 22, 2023Demo
$109M
Chronicle LabsFeb 26, 2023Demo
$50.5M
HegicApr 15, 2022Demo
$221.6M

Dependency Twins · Method A + B + C ensemble

Top 10 of 25 precomputed

Protocol-Native Treasury Agents (DAO-embedded)

AI Agents & Autonomous On-Chain Systems · medium

A · Jaccard0.13

C · Cosine0.85

kms_provider = fireblocks_mpc
frontend_host = vercel
subsector_tags = general_defi, consumer_app
method_b_root_causes = flash_loan_governance, mpc_ceremony_compromise

Radiant Capital

Lending, Money Markets & CDPs · medium

A · Jaccard0.30

C · Cosine0.84

frontend_host = vercel
subsector_tags = consumer_app, infra_tooling, general_defi
oracle_providers = Chainlink
chain_deployments = Ethereum

Euler

Lending, Money Markets & CDPs · low

A · Jaccard0.31

C · Cosine0.82

subsector_tags = general_defi, infra_tooling
oracle_providers = Chainlink
chain_deployments = Ethereum
method_b_root_causes = signature_malleability, ice_phishing_approval

Ether.fi

Liquid Staking & Restaking · high

A · Jaccard0.27

C · Cosine0.86

kms_provider = fireblocks_mpc
frontend_host = vercel
subsector_tags = infra_tooling, general_defi, consumer_app
oracle_providers = Chainlink

Immutable protocol

Stablecoin Issuers & Synthetic Dollars · medium

A · Jaccard0.32

C · Cosine0.81

subsector_tags = consumer_app, general_defi, infra_tooling
oracle_providers = Chainlink
chain_deployments = Ethereum
method_b_root_causes = signature_malleability

Lift Dollar (USDL)

Stablecoin Issuers & Synthetic Dollars · high

A · Jaccard0.31

C · Cosine0.80

subsector_tags = general_defi, consumer_app
oracle_providers = Chainlink
chain_deployments = Ethereum
method_b_root_causes = reentrancy, rounding_precision

Sanctum

Liquid Staking & Restaking · critical

A · Jaccard0.27

C · Cosine0.80

frontend_host = vercel
subsector_tags = general_defi, consumer_app
oracle_providers = Chainlink
method_b_root_causes = reentrancy

Kelp DAO

Liquid Staking & Restaking · high

A · Jaccard0.27

C · Cosine0.71

frontend_host = vercel
subsector_tags = general_defi, infra_tooling
oracle_providers = Chainlink
chain_deployments = Ethereum

Governed protocol (monetary policy–driven)

Stablecoin Issuers & Synthetic Dollars · medium

A · Jaccard0.36

C · Cosine0.88

frontend_host = vercel
subsector_tags = infra_tooling, general_defi, consumer_app
oracle_providers = Chainlink
chain_deployments = Ethereum

Aave

Lending, Money Markets & CDPs · medium

A · Jaccard0.36

C · Cosine0.80

frontend_host = vercel
subsector_tags = infra_tooling, consumer_app, general_defi
oracle_providers = Chainlink
chain_deployments = Ethereum