On October 2020, Harvest Finance was exploited in a flash loan attack, resulting in approximately $33 in losses. That makes the Harvest Finance exploit the 455th largest DeFi incident out of 690 documented in our archive.
Attack Mechanics: How the Harvest Finance Flash Loan Attack Played Out
Exploit Class Applied to Harvest Finance
The Harvest Finance incident on October 26, 2020 is classified as a Flash Loan Attack. Attackers borrow huge amounts via uncollateralised single-transaction loans and manipulate protocol state before repaying in the same block. In the full archive, Harvest Finance is 1 of 27 documented flash loan attack incidents.
Harvest Finance in Context
At $33, the Harvest Finance exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — PolterFinance (2024) at $7M.
Harvest Finance Vulnerability Signature
The primary source categorises the Harvest Finance exploit specifically as “Flashloan Attack”. This narrower label is entity-specific: it reflects how the Harvest Finance contract failed, rather than the broad flash loan attack pattern alone.
Impact & Recovery for Harvest Finance
Harvest Finance Loss Figure
The Harvest Finance exploit caused $33 in losses — a minor (<$1M) incident and the 3rd largest of 9 documented in 2020.
Where Harvest Finance Sits Among Flash Loan Attack Attacks
Ranked by loss size, Harvest Finance is the 17th largest of 27 flash loan attack incidents documented. That puts the Harvest Finance loss below the class average of $577.3K.
Timeline Since the Harvest Finance Incident
The Harvest Finance exploit occurred 5.5 years ago (1,996 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.
Primary Reference for Harvest Finance
Public post-mortem / on-chain analysis for the Harvest Finance incident: view source.
FAQ
How much did Harvest Finance lose?
The Harvest Finance exploit in October 2020 resulted in $33 in losses — the 3rd largest of 9 DeFi incidents that year.
When did the Harvest Finance hack happen?
The Harvest Finance exploit was recorded on October 26, 2020 — 1,996 days ago.
What type of exploit hit Harvest Finance?
The Harvest Finance incident is classified as a Flash Loan Attack. Attackers borrow huge amounts via uncollateralised single-transaction loans and manipulate protocol state before repaying in the same block.
How common is the Flash Loan Attack pattern seen at Harvest Finance?
Our archive contains 27 documented flash loan attack incidents. The Harvest Finance incident is one of them.
How does Harvest Finance compare to the largest Flash Loan Attack attack?
The largest flash loan attack incident in our archive is PolterFinance (2024) at $7M. The Harvest Finance loss is $33.
What was a notable finding regarding the relationship between Bitcoin volatility and global economic activity?
Bitcoin volatility increases with higher levels of global economic activity, showing a pro-cyclical behavior.
How are data sharing permissions managed in the BBDSPP scheme?
Permissions are managed through a combination of weighted attributes and threshold secret sharing, allowing for granular access control.