TempleDAO Loses $2 Million in Latest Exploit

Funds were converted to ether and moved to a new wallet

by Bessie Liu /
article-image

Source: DALL·E

share

key takeaways

  • An estimated 1.1 million TEMPLE was sold off
  • The root cause of the exploit was insufficient access control to the migrateStake function, according to BlockSec

TempleDAO, a yield-farming DeFi protocol, has been exploited for around $2.34 million.

All funds exploited were converted to ether and then moved to a new wallet, where they now sit. 

The pseudonymous Doc Peppercorn, a contributor to TempleDAO, posted on its Discord group that a series of transactions through Stax Finance, a TempleDAO-affiliated dapp, led to the sell-off of an estimated 1.1 million TEMPLE, the primary token of the Temple Protocol.

“We are investigating what happened so we can bring you the full picture of how this occurred, what we did to resolve and any further remediation steps,” he wrote.

The root cause of the exploit was insufficient access control to a specific function in the Stax smart contract, according to security firm BlockSec.

Prior to the exploit, TempleDAO’s protocol’s total value locked was about $57 million, according to DeFiLlama. The exploit amounted to roughly 4% of the protocol’s assets. 

According to a recent report published by bug bounty and security services platform, Immunefi, DeFi protocols remain a key target for exploits in comparison to centralized finance — representing a total of 98.8% of losses in Q3 of 2022 — with the Nomad Bridge hack and the Wintermute exploit making up the majority of the losses.

The two most targeted chains were Binance’s BNB Chain, which was recently drained of over 2 million BNB, and Ethereum, according to the report.

At the time when the report was published, the BNB Chain had suffered from 16 individual attacks resulting in the loss of 28.6% of all losses across targeted chains, and Ethereum reported 13 incidents which represented 23.2% of total losses.

The exploiter’s address was originally funded from an address on the Binance Exchange, so it’s possible the exchange may have know-your-customer information on the culprit.

A Binance spokesperson did not immediately respond to a request for comment.

Stax Finance is exploring its options.

Loading Tweet..

Temple DAO said that its Core Vaults do not share code with Stax and are therefore unaffected.

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

recent research

Research

by Research Team

news

article-image

The Breakdown

Friday charts: Crazy train investing

What if growth goes exponential while you’re hiding in gold and bitcoin?

by Byron Gilliam /
article-image

Forward Guidance NewsletterMarkets

Crypto stock outlooks fluctuate after GENIUS, ahead of Q2 reports

While Compass Point analysts downgrade its Circle price target, Jefferies initiates Galaxy coverage with ‘buy’ rating

by Ben Strack /
article-image

0xResearch NewsletterBusiness

ZK breakthroughs, onchain comebacks and stablecoin shakeups

Friday News potpourri: Here’s what’s shaping up across Bitcoin, Ethereum and beyond.

by Macauley Peterson /
article-image

Supply Shock

Bitcoin whales are waking up — it’s perfect clickbait

A little inside baseball about crypto news

by David Canellis /
article-image

Empire NewsletterMarkets

Animal spirits are ‘back in the market:’ Empire

Dragonfly’s Rob Hadick and Empire’s Jason Yanowitz talked about the market and what they’re watching

by Katherine Ross /
article-image

The Breakdown

Thursday links: Blockchain stocks, barroom compliance and NFT treasuries

For just $54, you, too, could send a memecoin 500% higher

by Byron Gilliam /