Skip to main content
Sign in

Seneca Protocol

avoid.net/seneca-protocol28/100·82% conf.
[AI-DRAFTED · AWAITING VERIFICATION]
anchored·3jkhxf…MvTH

Summary

Seneca Protocol is an omnichain CDP (collateralized debt position) protocol deployed on Ethereum mainnet and Arbitrum that allowed users to borrow a stablecoin (senUSD) against yield-bearing collateral assets. On February 28, 2024, a critical arbitrary external-call vulnerability in the protocol's Chamber contract was exploited, resulting in approximately $6.4 million in user funds being drained. Roughly 80% of stolen funds were returned after an on-chain negotiation, but a net loss of approximately $1.28 million remained, and evidence surfaced that the vulnerability had been reported to the team prior to launch.

Connected Entities

1 entities · 10 linked investigations
Protocols
Seneca Protocol
Relationships
    Also appears in
    Gamma Strategies·28Bunni Protocol·28BitGrail·2Lulo·68Thorchain DEX·14Crossmint·78Access Protocol·47Orca·85KuCoin Exchange Hack·32Zircon Gamma·32
    Have evidence about Seneca Protocol?

    Timeline(8 events)

    2023-11-01

    Seneca Protocol abandoned a competitive audit contest on Sherlock approximately five days before its planned launch, with the team reportedly describing the code as 'battle-tested.'

    Rekt News

    2023-11-01

    X user 'cawfree' allegedly warned Seneca of the exact performOperations vulnerability and was subsequently blocked by the team. Security researcher Daniel Von Fange also allegedly identified the bug and was removed from the project's Discord.

    Protos

    2023-11-08

    Seneca Protocol launched on Arbitrum, partnering with CamelotDEX to seed primary liquidity pools.

    Seneca (@SenecaUSD) on X

    2024-02-28

    Attacker (funded via FixedFloat approximately five months prior) exploited the Chamber contract's performOperations function, draining approximately $6.4 million (1,900+ ETH) from users across Ethereum mainnet and Arbitrum using crafted transferFrom calls.

    The Block

    2024-02-28

    PeckShield Inc. publicly flagged the attack on-chain. Seneca team confirmed the exploit and instructed users via @SenecaUSD to revoke approvals for affected Chamber contract addresses on Ethereum and Arbitrum.

    Seneca on X

    2024-02-29

    Seneca published an on-chain message offering the attacker a 20% bounty (~$1.28M) to return 80% of stolen funds and indicating legal action would not be pursued if funds were returned.

    CryptoPotato

    2024-02-29

    Attacker returned approximately 1,537 ETH (~$5.3 million) to Seneca's Gnosis Safe address, retaining approximately 300 ETH (~$1.04 million) as bounty across two new addresses.

    CoinTelegraph

    2024-03-01

    Seneca published an official post-mortem on Mirror, apologizing to the community, confirming 80% fund recovery, and committing to a user reimbursement plan and protocol security improvements.

    Seneca Exploit — Post Mortem (Mirror)
    Provenance & Audit Trail
    Anchored on SolanaVerify on-chain

    Decision Log

    This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.

    full audit log →version history →

    model: claude-sonnet-4-6

    generated: 6/1/2026, 5:49:11 PM

    last updated: 6/1/2026, 5:49:15 PM

    avoid.net — verified advice for a post-truth world