Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.

Goldfinch

Lending, Money Markets & CDPsmedium·risk 0.4834·TVL $1.3M·blast $1.3M·active

website github twitter discord

Static profile (Identity / Contract / Dependency / Governance / Reputation)

Identity

Sector

Lending, Money Markets & CDPs

Subsector tags

consumer_app, general_defi, infra_toolingDemo

Chain deployments

Ethereum

Website

https://www.goldfinch.xyzDemo

Launch date

Oct 24, 2021

Immutable

noDemo

Permissionless

yesDemo

Contract

Primary address

0xdab396ccf3d84cf2d07c4454e10c8a6f5b008d2b

Proxy pattern

none

Upgrade authority

UNKNOWN

Multisig threshold

—

Compiler

0.8.13

Uses assembly

noDemo

Bug bounty

noneDemo

Contract addresses

0xdab396ccf3d84cf2d07c4454e10c8a6f5b008d2bDemo

Audits tier

0

Dependency

Oracle providers

—

Bridge dependencies

—

Stablecoin dependencies

—

LST / LRT deps

—Demo

DEX liquidity venues

balancerDemo

CEX listings

bybitDemo

Custodian

—Demo

KMS provider

unknownDemo

RPC provider

self_hostedDemo

Frontend host

cloudflare_pagesDemo

npm lockfile sha

sha256:79085e4bf51a188bec32f4f778056f707acdb79a7e34883529f1b667e9120617Demo

Governance

Governance type

delegatedDemo

Governance token

0x1f6b7ec50dd982f08358fa40af77fa14c59d3466Demo

Treasury size

$8.6KDemo

Team size

25Demo

Jurisdiction

GBDemo

Incorporated entity

Goldfinch DAO LLCDemo

Anonymous team

noDemo

Security disclosure

noDemo

IR SLA (hours)

—Demo

Reputation

GitHub

https://github.com/goldfinch/goldfinchDemo

Commit velocity (30d)

5Demo

Contributors

18Demo

Twitter

@goldfinchDemo

Discord

https://discord.gg/1ahvp44Demo

Last incident

Nov 21, 2025Demo

KYT screening

cleanDemo

Threat History

1 recorded incident

Nov 21, 2025phishing drainerhuman opunattributed_criminalDemo

$1M

On 2025-11-21, Goldfinch suffered a phishing drainer incident resulting in approximately $1,045,627 in losses. The exploit targeted the human_op layer. Attribution: unattributed_criminal. This is a demonstration entry — not a real incident.

DEMO:AADAPT.TA0001DEMO:AADAPT.TA0040

View incident →

Peer Incidents · Method B

10 root-cause predicate matches

Vulnerable to: reentrancy

Matches the reentrancy predicate

28 historical peer events

SommelierOct 26, 2025Demo
$30.7M
Kyber NetworkMay 21, 2025Demo
$2.1M
DeribitApr 22, 2025Demo
$936K
Zora NetworkApr 10, 2025Demo
$4.7M
Stader LabsJan 15, 2025Demo
$16.1M
+ 23 more

Vulnerable to: phishing drainer

Matches the phishing drainer predicate

17 historical peer events

BitgetNov 17, 2025Demo
$739.9K
OrcaApr 12, 2025Demo
$180.8K
Ether.fiFeb 6, 2025Demo
$443.4K
Alchemy PayNov 8, 2024Demo
$334.2K
Curve FinanceOct 3, 2024Demo
$755.7K
+ 12 more

Vulnerable to: ice phishing approval

Matches the ice phishing approval predicate

16 historical peer events

deBridgeAug 4, 2025Demo
$7.5M
EulerJun 5, 2025Demo
$87.9K
Bend DAOFeb 18, 2025Demo
$968.9K
Maple FinanceDec 1, 2024Demo
$1.4M
BlurAug 10, 2024Demo
$6.5M
+ 11 more

Vulnerable to: frontend dns hijack

Matches the frontend dns hijack predicate

12 historical peer events

Bridge.xyz / StripeJan 25, 2025Demo
$10.4M
UK FCA Digital SandboxJul 15, 2024Demo
$3.6M
Three SigmaJun 24, 2024Demo
$2.7M
CryptoQuantJun 24, 2024Demo
$517.3K
Celsius (defunct)Jun 2, 2024Demo
$22M
+ 7 more

Vulnerable to: rounding precision

Matches the rounding precision predicate

10 historical peer events

Frax EtherSep 8, 2025Demo
$51.2K
BNY Mellon DigitalMay 15, 2025Demo
$750K
RedStoneApr 17, 2025Demo
$63.2K
Bend DAONov 22, 2024Demo
$57.9K
Starknet BridgeJun 17, 2024Demo
$784.1K
+ 5 more

Vulnerable to: supply chain npm

Matches the supply chain npm predicate

10 historical peer events

Beefy FinanceFeb 19, 2025Demo
$176.2K
PowerledgerFeb 11, 2025Demo
$7.4M
UnichainDec 23, 2024Demo
$8.8M
MEXCSep 26, 2024Demo
$1M
Mango MarketsAug 6, 2024Demo
$915.6K
+ 5 more

Vulnerable to: dvn collapse

Matches the dvn collapse predicate

8 historical peer events

Blast, Blockdaemon Wallet +2Dec 2, 2025Demo
$93.6M
Fordefi, XSGDFeb 14, 2025Demo
$17M
Element Finance, QuantozJul 20, 2024Demo
$1.1M
Mercado Bitcoin, SwellJun 19, 2024Demo
$15.3M
Internet Computer (DFINITY), Mantle +1Jun 17, 2024Demo
$10.3M
+ 3 more

Vulnerable to: signature malleability

Matches the signature malleability predicate

8 historical peer events

Ether.fiJul 2, 2025Demo
$17.2M
Swell NetworkNov 1, 2024Demo
$1.2M
Immutable protocolOct 26, 2024Demo
$4M
The SandboxNov 23, 2023Demo
$3.9M
PancakeSwapSep 17, 2022Demo
$656.7K
+ 3 more

Vulnerable to: governance proposal malicious

Matches the governance proposal malicious predicate

5 historical peer events

Stripe CryptoOct 12, 2024Demo
$1.5M
Notional V3Oct 25, 2023Demo
$507.1K
Hong Kong Monetary Authority — Ethereum pilotsSep 12, 2022Demo
$18.9M
FalconXSep 11, 2022Demo
$4.8M
AvailJul 21, 2020Demo
$30.8M

Vulnerable to: prompt injection agent

Matches the prompt injection agent predicate

4 historical peer events

LodestarJan 17, 2025Demo
$3.2M
Ether.fi CashJun 16, 2023Demo
$4.6M
HTX (Huobi)Jun 14, 2022Demo
$3.7M
SwellMay 26, 2022Demo
$403K

Dependency Twins · Method A + B + C ensemble

Top 10 of 25 precomputed

Unichain

Rollups, Data Availability & ZK Infra · high

A · Jaccard0.21

C · Cosine0.95

kms_provider = unknown
frontend_host = cloudflare_pages
subsector_tags = general_defi, consumer_app
chain_deployments = Ethereum

The Sandbox

Identity, NFTs, Gaming & Consumer Apps · low

A · Jaccard0.14

C · Cosine0.87

kms_provider = unknown
subsector_tags = consumer_app, general_defi, infra_tooling
chain_deployments = Ethereum
method_b_root_causes = signature_malleability, ice_phishing_approval

Lift Dollar (USDL)

Stablecoin Issuers & Synthetic Dollars · high

A · Jaccard0.17

C · Cosine0.83

kms_provider = unknown
subsector_tags = general_defi, consumer_app
chain_deployments = Ethereum
method_b_root_causes = reentrancy, rounding_precision

Immutable protocol

Stablecoin Issuers & Synthetic Dollars · medium

A · Jaccard0.18

C · Cosine0.81

kms_provider = unknown
subsector_tags = consumer_app, general_defi, infra_tooling
chain_deployments = Ethereum
method_b_root_causes = signature_malleability

Blur

Identity, NFTs, Gaming & Consumer Apps · high

A · Jaccard0.14

C · Cosine0.85

kms_provider = unknown
subsector_tags = infra_tooling, general_defi, consumer_app
chain_deployments = Ethereum
method_b_root_causes = reentrancy, ice_phishing_approval

BNY Mellon Digital

Institutional Custody & Prime Services · critical

A · Jaccard0.22

C · Cosine1.00

kms_provider = unknown
frontend_host = cloudflare_pages
subsector_tags = consumer_app, infra_tooling, general_defi
chain_deployments = Ethereum

API3

Oracles & Off-Chain Data Networks · medium

A · Jaccard0.21

C · Cosine0.95

kms_provider = unknown
frontend_host = cloudflare_pages
subsector_tags = general_defi, consumer_app
chain_deployments = Ethereum

Radiant Capital

Lending, Money Markets & CDPs · medium

A · Jaccard0.12

C · Cosine0.75

kms_provider = unknown
subsector_tags = consumer_app, infra_tooling, general_defi
chain_deployments = Ethereum
method_b_root_causes = reentrancy, ice_phishing_approval

Sanctum

Liquid Staking & Restaking · critical

A · Jaccard0.09

C · Cosine0.76

kms_provider = unknown
subsector_tags = general_defi, consumer_app
method_b_root_causes = reentrancy

Euler

Lending, Money Markets & CDPs · low

A · Jaccard0.11

C · Cosine0.73

subsector_tags = general_defi, infra_tooling
chain_deployments = Ethereum
method_b_root_causes = signature_malleability, ice_phishing_approval