Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

kms misconfigurationDemo

Aug 19, 2022 · $2.7M · infrastructure

Narrative

On 2022-08-19, Arcade suffered a kms misconfiguration incident resulting in approximately $2,679,908 in losses. The exploit targeted the infrastructure layer. Attribution: unknown. This is a demonstration entry — not a real incident.

Victims

Classification

Root cause
kms_misconfiguration
Secondary causes
private_key_leak
Attack layer
infrastructure
Strategy
human_exploit
Actor role
target
Attribution
unknown
Attacker address
0x003c8ae0da9dd7f03f4d055737fbadf7eb3bd7ba
Flash loan
no
Audited at time
no
Bounty at time
no

AADAPT mappings

DEMO:AADAPT.TA0006DEMO:AADAPT.TA0005DEMO:AADAPT.T1552.005

Evidence

Disclosure date
Aug 21, 2022
Funds recovered
Audit firms at time
Post-mortem URLs (synthetic)
  • https://medium.com/arcade/post-mortem-arcade-2022-08-19
  • https://rekt.news/arcade-rekt
  • https://blog.arcade.xyz/incident-report
tx hashes (2)
  • 0x3aa405aa8474fbbc67cd1fb4b51bb3a5381ecb511c04ae86bd0bfe7719d53616
  • 0x9491470e1ec064c26f46c1ad4a6ed1c89f431d12f83cb210bb0f3e4df1fd33ac