Euler Finance
Summary
Euler Finance is an Ethereum-based non-custodial lending protocol founded in 2020 by Michael Bentley (PhD, Oxford) that pioneered permissionless lending for long-tail ERC-20 assets. On March 13, 2023, the protocol suffered a ~$197 million flash loan exploit — the largest DeFi hack of 2023 — caused by a missing health check in the donateToReserves() function. In an unusual outcome, the attacker, who communicated under the alias 'Jacob,' returned approximately $240 million in assets (including ETH price appreciation) over three weeks following on-chain negotiations, enabling full user restitution. The protocol relaunched as Euler V2 in September 2024 with a modular architecture, 45+ security audits, and subsequently grew TVL to over $1.5 billion by early 2025.
Connected Entities
1 entities- + 10 more
Timeline(20 events)
2020-09-01
Euler Labs incorporated; development of permissionless DeFi lending protocol begins.
2021-08-25
Euler raises ~$8 million in Series A funding, with Paradigm as a lead investor.
2021-05-01
First audit engagements begin; Halborn, Solidified, and other firms begin reviewing Euler smart contracts.
2022-06-07
Euler raises $32 million Series B led by Haun Ventures; investors include FTX Ventures, Coinbase Ventures, Jump Crypto, and Jane Street.
2022-07-01
Whitehat researcher Kankodu reports 'first depositor' bug via Immunefi bug bounty; awarded $50,000. Euler deploys fix introducing donateToReserves() function.
2022-09-01
WatchPug audit of donateToReserves() function conducted; missing solvency check not identified. Vulnerable code deployed on mainnet.
2023-03-13
Flash loan exploit drains ~$197 million from Euler Finance across stETH, USDC, WBTC, and DAI. Euler pauses vulnerable module same day. Lazarus Group wallet interaction flagged by on-chain analysts.
2023-03-14
Euler offers $1 million bounty for information on attacker identity. On-chain ultimatum demands return of 90% of funds within 24 hours.
2023-03-18
Attacker returns first tranche: 3,000 ETH (~$5.3 million). On-chain negotiations continue.
2023-03-21
Lazarus Group operatives allegedly attempt phishing attack against the Euler exploiter's wallet; investigators treat this as a false flag, not evidence of affiliation.
2023-03-25
Attacker returns 51,000 ETH (~$90 million) in major tranche.
2023-03-28
Attacker returns additional 7,000 ETH and $10 million DAI. On-chain apology sent by exploiter using alias 'Jacob.'
2023-04-03
Final tranche of stolen funds returned. Total recovered: ~$240 million (exceeding original $197 million due to ETH price appreciation).
2023-04-12
Euler opens user redemptions, allowing affected depositors to claim recovered funds. No net user losses recorded.
2023-04-19
Seraphim Czecker, Head of Risk at Euler Labs, publicly resigns approximately one month after the hack.
2024-02-01
Euler V2 architecture publicly announced; development and security audit program underway.
2024-09-01
Euler V2 launches on Ethereum mainnet following 45 audit engagements across 13 firms, a $1.25M Cantina code competition, and a $3.5M CTF challenge. TVL begins rapid growth from ~$4.5 million.
2025-03-01
Euler V2 TVL surpasses $1 billion, exceeding the V1 historical peak of $323 million. EUL token rises ~70% in Q1 2025.
2026-01-12
Co-founder and CEO Michael Bentley announces step-down from CEO role; Jonathan Han named incoming CEO.
2026-04-19
KelpDAO bridge exploit ($292 million). Euler proactively freezes rsETH-collateralized lending markets to limit protocol exposure.
Decision Log
- hash: 7HhXRHU56n7HiFTDqkMCvCtL7ToAuPpSXR63ewg2aowP
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/30/2026, 6:25:09 PM
last updated: 5/30/2026, 6:25:14 PM
avoid.net — verified advice for a post-truth world