On September 2022, ShadowFi suffered a access control — the first of 77 documented access control incidents in our archive where the loss figure was not publicly disclosed but the exploit pattern is documented below.
Attack Mechanics: How the ShadowFi Access Control Played Out
Exploit Class Applied to ShadowFi
The ShadowFi incident on September 2, 2022 is classified as a Access Control. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it. In the full archive, ShadowFi is 1 of 77 documented access control incidents.
ShadowFi in Context
The ShadowFi incident joins a class whose largest loss to date is Corkprotocol (2025) at $12M.
Prior Access Control Before ShadowFi
The nearest access control incident before ShadowFi was Reaper Farm, 32 days earlier on August 1, 2022 ($1.7M lost). The same exploit class surfaced again within the access control attack surface.
Impact & Recovery for ShadowFi
ShadowFi Loss Figure
The loss figure for ShadowFi is not publicly disclosed. The primary source reports the exploit in non-USD terms, so no USD estimate is published here. For reference, the average loss across 77 access control incidents in our archive is $636K.
Timeline Since the ShadowFi Incident
The ShadowFi exploit occurred 3.6 years ago (1,320 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.
Primary Reference for ShadowFi
Public post-mortem / on-chain analysis for the ShadowFi incident: view source.
FAQ
How much did ShadowFi lose?
The ShadowFi loss figure is not publicly disclosed. The primary source reports the exploit in non-USD token terms, so no USD estimate is published here.
When did the ShadowFi hack happen?
The ShadowFi exploit was recorded on September 2, 2022 — 1,320 days ago.
What type of exploit hit ShadowFi?
The ShadowFi incident is classified as a Access Control. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it.
How common is the Access Control pattern seen at ShadowFi?
Our archive contains 77 documented access control incidents. The ShadowFi incident is one of them.
How does ShadowFi compare to the largest Access Control attack?
The largest access control incident in our archive is Corkprotocol (2025) at $12M. The ShadowFi loss was not publicly disclosed.
What is the significance of the 'Lachesis' consensus algorithm in Fantom's performance?
Lachesis enables faster consensus without the energy-intensive processes typical of PoW or round-based PoS schemes.
What is the main goal of cross-chain transaction technologies?
To promote the scalability of cryptocurrencies and facilitate the development of Metaverse applications.