Share this article
Safemoon LP Exploited for $8.9M; SFM Tokens Remain ‘Safe,' CEO Says
A publicly available token burn function in the contract allowed attackers to manipulate the protocol, some said.
Updated Mar 29, 2023, 2:45 p.m. Published Mar 29, 2023, 5:58 a.m.
The Safemoon token liquidity pool (LP) was drained of nearly $9 million worth of tokens on Wednesday after attackers manipulated a faulty feature on its smart contracts.
Blockchain data shows several tokens were exchanged in the wee hours on Wednesday in a single transaction, with the attacker ultimately stealing billions of Safemoon’s SFM tokens locked on an LP.
STORY CONTINUES BELOW
A liquidity pool is a basket of tokens locked in a smart contract. Liquidity pools are used to facilitate decentralized trading, lending, and borrowing between users without relying on third parties.
Safemoon’s SFM tokens fell over 40% in early Asian hours before slightly recovering at writing time.
Safemoon is a decentralized finance (DeFi) token that has four functions that take place during each trade: fee reflection, LP acquisition, token burn and growth fund – with these factors contributing to making safemoon one of the biggest gainers in the 2021 bull market.
Safemoon developers said Wednesday their liquidity pool had been compromised. “We want to inform you that our LP has been compromised. We are taking swift action in an attempt to resolve the issue as soon as possible,” developers tweeted.
Safemoon CEO John Karony said in a followup tweet the exploit was related to a single LP on BNB Chain.
“I want to make clear that our DEX is safe. This ultimately affected the SFM:BNB LP pool,” Karony said. “We have located the suspected exploit, patched the vulnerability, and are engaging a chain forensics consultant to determine the precise nature and extent of the exploit.”
To our valued community,
— John Karony (@CptHodl) March 29, 2023
As you may be aware, on Tuesday 28 March, SafeMoon’s Liquidity Pool was compromised. We have taken swift action to resolve the situation and protect our community. I want to make clear that our DEX is safe. This ultimately affected the SFM:BNB LP pool.…
Some developers pointed to a faulty burn feature on Safemoon’s smart contracts as a key reason behind the exploit.
“The attacker took advantage of the public burn function, this function let any user burn tokens from ANY other address (code attached),” Dappd CEO DeFi Mark posted on Twitter.
“The attacker used this function to remove SFM tokens from the Safemoon-WBNB Liquidity Pool, artificially raising the price of SFM,” DeFi Mark noted, adding this was an “extremely elementary exploit that many contracts in the space have been falling victim to.”
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
The Protocol: Stripe’s Tempo Testnet Goes Live
Also: ZKSync Lite to Sunset, Blockstream App Update, Axelar’s AgentFlux
What to know:
This article is featured in the latest issue of The Protocol, our weekly newsletter exploring the tech behind crypto, one block at a time. Sign up here to get it in your inbox every Wednesday.
Top Stories
