Share this article
Safemoon LP Exploited for $8.9M; SFM Tokens Remain ‘Safe,' CEO Says
A publicly available token burn function in the contract allowed attackers to manipulate the protocol, some said.
Updated Mar 29, 2023, 2:45 p.m. Published Mar 29, 2023, 5:58 a.m.
The Safemoon token liquidity pool (LP) was drained of nearly $9 million worth of tokens on Wednesday after attackers manipulated a faulty feature on its smart contracts.
Blockchain data shows several tokens were exchanged in the wee hours on Wednesday in a single transaction, with the attacker ultimately stealing billions of Safemoon’s SFM tokens locked on an LP.
STORY CONTINUES BELOW
A liquidity pool is a basket of tokens locked in a smart contract. Liquidity pools are used to facilitate decentralized trading, lending, and borrowing between users without relying on third parties.
Safemoon’s SFM tokens fell over 40% in early Asian hours before slightly recovering at writing time.
Safemoon is a decentralized finance (DeFi) token that has four functions that take place during each trade: fee reflection, LP acquisition, token burn and growth fund – with these factors contributing to making safemoon one of the biggest gainers in the 2021 bull market.
Safemoon developers said Wednesday their liquidity pool had been compromised. “We want to inform you that our LP has been compromised. We are taking swift action in an attempt to resolve the issue as soon as possible,” developers tweeted.
Safemoon CEO John Karony said in a followup tweet the exploit was related to a single LP on BNB Chain.
“I want to make clear that our DEX is safe. This ultimately affected the SFM:BNB LP pool,” Karony said. “We have located the suspected exploit, patched the vulnerability, and are engaging a chain forensics consultant to determine the precise nature and extent of the exploit.”
To our valued community,
— John Karony (@CptHodl) March 29, 2023
As you may be aware, on Tuesday 28 March, SafeMoon’s Liquidity Pool was compromised. We have taken swift action to resolve the situation and protect our community. I want to make clear that our DEX is safe. This ultimately affected the SFM:BNB LP pool.…
Some developers pointed to a faulty burn feature on Safemoon’s smart contracts as a key reason behind the exploit.
“The attacker took advantage of the public burn function, this function let any user burn tokens from ANY other address (code attached),” Dappd CEO DeFi Mark posted on Twitter.
“The attacker used this function to remove SFM tokens from the Safemoon-WBNB Liquidity Pool, artificially raising the price of SFM,” DeFi Mark noted, adding this was an “extremely elementary exploit that many contracts in the space have been falling victim to.”
More For You
L1 tokens broadly underperformed in 2025 despite a backdrop of regulatory and institutional wins. Explore the key trends defining ten major blockchains below.
What to know:
2025 was defined by a stark divergence: structural progress collided with stagnant price action. Institutional milestones were reached and TVL increased across most major ecosystems, yet the majority of large-cap Layer-1 tokens finished the year with negative or flat returns.
This report analyzes the structural decoupling between network usage and token performance. We examine 10 major blockchain ecosystems, exploring protocol versus application revenues, key ecosystem narratives, mechanics driving institutional adoption, and the trends to watch as we head into 2026.
More For You
Ethereum’s ‘Glamsterdam’ upgrade aims to fix MEV fairness
The full scope of Glamsterdam has not yet been finalized, but developers are targeting it to go live in 2026.
What to know:
- Ethereum developers, fresh off last month’s successful Fusaka upgrade, which cut down costs for nodes, are already moving full-steam ahead on planning the blockchain’s next major change.
- Glamsterdam is a two simultaneous upgrades taking place on Ethereum’s two core layers.
- At the heart of the upgrade is ePBS and Block-level Access Lists.
- Developers haven't decided on the full scope of the upgrade but are targeting it for 2026.
Top Stories
