Threat Intelligence
Guardrail's security research team tracks DeFi exploits and attack patterns. Here are highlights from recent years showing how real-time monitoring could have prevented major losses.
2025 Highlights
Cetus Protocol ($224M) — June 2025
A concentrated liquidity DEX on Sui exploited through price calculation manipulation. Attackers drained multiple pools by exploiting arithmetic in the swap logic. Guardrail's pool manipulation and balance anomaly guards detect this pattern by monitoring for abnormal price movements and liquidity changes within single transactions.
Silo Finance ($500K+) — June 2025
An unreleased leverage feature was exploited during testing. Even test deployments need monitoring—Guardrail's event and function guards would have detected unexpected interactions with the vulnerable contracts.
2024 Highlights
Radiant Capital ($50M) — October 2024
Not a code bug—compromised developer machines displayed fake transaction data to multisig signers. Guardrail's multisig threshold guard would have flagged the signing requirements, and admin event monitoring would have detected the ownership change before fund drainage.
Penpie ($27M) — September 2024
Reentrancy attack on the reward calculation logic. The attacker used fake Pendle market contracts to manipulate deposits mid-transaction. Guardrail's reentrancy guard and function sequence validation detect this pattern.
Ronin Bridge ($12M) — August 2024
A proxy upgrade without initialization allowed anyone to withdraw tokens. Guardrail's proxy uninitialized upgrade guard specifically detects when upgrades occur without accompanying initialization calls.
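The uninitialized-upgrade check described for the Ronin Bridge incident, sketched as an added example (this is not Guardrail's code). It assumes event logs are already decoded into dicts and that the proxy emits the ERC-1967 Upgraded event and an OpenZeppelin-style Initialized event; the function name, the allowlist parameter, and all sample addresses and transaction hashes are constructed for illustration.

```python
from collections import defaultdict

# Constructed, already-decoded event logs (assumption: a decoder produced
# these dicts; addresses and tx hashes are placeholders, not real data).
SAMPLE_LOGS = [
    # tx 0xaaa: upgrade and initializer in the same transaction (benign)
    {"tx": "0xaaa", "block": 100, "address": "0xProxyA", "event": "Upgraded",
     "args": {"implementation": "0xImplA2"}},
    {"tx": "0xaaa", "block": 100, "address": "0xProxyA", "event": "Initialized",
     "args": {"version": 2}},
    # tx 0xbbb: upgrade with no initializer call at all
    {"tx": "0xbbb", "block": 101, "address": "0xProxyB", "event": "Upgraded",
     "args": {"implementation": "0xImplB2"}},
    # tx 0xccc: Initialized is emitted by a different contract, so it does not count
    {"tx": "0xccc", "block": 102, "address": "0xProxyC", "event": "Upgraded",
     "args": {"implementation": "0xImplC2"}},
    {"tx": "0xccc", "block": 102, "address": "0xOther", "event": "Initialized",
     "args": {"version": 1}},
]


def find_uninitialized_upgrades(logs, allowlist=frozenset()):
    """Return upgrades with no Initialized event from the same proxy in the same tx.

    The initializer runs via delegatecall, so its event is emitted from the
    proxy address; an Initialized event from any other address is ignored.
    `allowlist` holds implementations known to need no re-initialization.
    """
    by_tx = defaultdict(list)
    for log in logs:
        by_tx[log["tx"]].append(log)
    alerts = []
    for tx, entries in by_tx.items():
        initialized = {e["address"].lower() for e in entries
                       if e["event"] == "Initialized"}
        for e in entries:
            if e["event"] != "Upgraded":
                continue
            impl = e["args"]["implementation"]
            if impl in allowlist or e["address"].lower() in initialized:
                continue
            alerts.append({"tx": tx, "block": e["block"],
                           "proxy": e["address"], "implementation": impl})
    return sorted(alerts, key=lambda a: a["block"])


if __name__ == "__main__":
    for alert in find_uninitialized_upgrades(SAMPLE_LOGS):
        print("ALERT uninitialized upgrade:", alert)
```

An initializer sent in a later transaction is still flagged here, because the contract sits upgraded but uninitialized until that transaction lands.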
Attack Pattern Coverage
Reentrancy: Reentrancy Guard, Function Sequence Guard
Flash Loan Manipulation: Flash Loan Guard, Pool Manipulation Guard
Oracle Attacks: Price Deviation Guard, Oracle Health Guard
Governance Exploits: Multisig Threshold, Admin Event Guards
Uninitialized Proxies: Proxy Upgrade Guard
Private Key Compromise: Balance Drop Guard, Admin Change Detection
