Starstream / Agora Incident

TL:DR

On 07 April 2022, the Starstream Treasury was exploited leading to a loss of 532 million STARS. The attacker then deposited the stolen STARS tokens to Agora DeFi's lending contracts and borrowed multiple assets including METIS, WETH and MUSDC. The total protocol loss was ~$15,000,000.

Event Summary

Starstream is a suite of products for providing yield aggregation and yield generation on the Metis L2 rollup. The protocol is maintained by various developers and is governed by STARS holders.

On 07 April 2022, an attacker took advantage of an external function in the Starstream contract. An external function is able to be executed by any user. The external function execute() in the Starstream ‘Distributortreasury’ contract allowed the attacker to transfer STARS tokens from the Starstream treasury to the attacker’s account. The attacker then deposited the stolen STARS tokens into Agora DeFi’s lending contracts and borrowed assets including METIS, WETH and MUSDC. The attacker then used an Exchange Proxy to move the funds to the Ethereum blockchain before sending funds to Tornado Cash. In total the attacker sent 900 ETH to Tornado cash. A day later the attacker bridged 120 ETH back to the METIS network via the Metis Andromeda Bridge.

On 9 June 2022 Starstream announced via Twitter that they were winding down, stating that due to low usage of the protocol and the current market climate, the project was no longer viable.

“Starstream is winding down: All remaining treasury funds will be distributed to veSTARS holders and used for buybacks. veHERMES NFT will be merged with MaiaDAO and StarHermes will receive a 1:1 representation of the NFT via an airdrop.”

Attack Flow

The root cause of this exploit is the Starstream Treasury contract's owner Distributor Treasury contract has an ‘external’ execute() function, which has a low-level call in the implementation. The ‘DistributorTreasury' is designed to distribute STARS in ‘StarstreamTreasury’. The attacker used this function to generate withdraw messages and withdraw STARS from 'StarstreamTreasury’.

bc757902-297f-42b5-bab0-fa182421a907

function execute() has the ‘external’ property which allows external users to call it.

Profit and Asset tracing

Using SkyTrace we can see the transfer of funds from the Exchange Proxy to Tornado cash.

bdc6688f-8f04-4004-a47c-4c9c313b0a1c

Could the issue be identified during an audit?

Part of the auditing process of a smart contract is checking functions that have an 'external' flag legitimately need to have external access. As such the execute() function in Distributor Treasury contract would be detected and investigated further.

Related Blogs

Reports ·Incident Analysis

Resolv Protocol Incident Analysis

On 22 March 2026, the Revolv protocol was exploited, resulting in a loss of ~$26.8M due to a compromise of the project's cloud infrastructure which gave access to Resolv’s AWS Key Management Service (KMS).

Mar 23, 2026

Reports ·Incident Analysis

Movie Token Incident Analysis

On 10 March 2026, the Movie Token (MT) contract was exploited for approximately $242,000 due to a critical flaw in its 'sell' logic. The vulnerability stemmed from a double-counting error: when a user sold MT tokens, the contract simultaneously transferred them to the liquidity pair for the swap and added that same balance to a pendingBurnAmount variable. When distributeDailyRewards() subsequently burned those pending tokens, it created an artificial supply shock, inflating the MT price and allowing the attacker to drain value from the pool.

Mar 19, 2026

Reports ·Incident Analysis

SOF/LAXO Incident Analysis

In February 2026 two separate exploits occurred on the BNB Smart Chain (BSC), affecting SOF and LAXO tokens, leveraging the same class of vulnerability: a flawed token burn mechanism that allowed price manipulation within a single transaction.

Feb 26, 2026