Dear Pike Community and Users,

It has been an extremely volatile and emotional time for all of us in the past week. We want to share our thoughts and provide clarity on what has happened, where we are now, and what our path forward looks like.

Despite what we’ve gone through, this is a tough but temporary setback. This is also a valuable lesson for us as we equip ourselves to face bigger challenges and create greater positive impact for DeFi as a whole.

We have been building Pike for almost 2 years and our team has been trying relentlessly over the last 6 years. We are 100% committed to our vision: enabling a native multichain DeFi experience.

The Vulnerabilities:

We were hit by 2 attacks, a few days apart - with the first taking place on April 26th, and the second occurring on April 30th.To read in detail what occurred, check out the following blogpost for the first vulnerability here:

You can also check out a breakdown of the second attack here:

We will update this post with a Post-Morten report on the second exploit related to the storage layout shortly.

A Crossroads:

We are now left with two options - 1. Accept defeat, or 2. Be antifragile, learn from our mistakes  and translate this into a positive opportunity to build something meaningful and successful.

We decided to pick Option 2.

We’ve come so far, and we have so much further to go and we’re committed to make Pike a success by any means necessary. Throughout this incident we were able to see who our true supporters are and their genuine intention. Accepting defeat means we are abandoning their trust and support.

For our Presale Participants - we decided to go down this route to give the community a chance to get in at the ground floor, before any institutional investors. While this of course means the potential for upside, it also means that investors have to go through the innate turbulence associated with building a startup - whether it be Web3 or otherwise.

We strongly believe the best outcome for our investors is that we commit to continue building Pike and ensure it’s a success. Exploits in DeFi are painful and have impacted many teams and not many teams have been able to fully recover from them. However, we believe we have a great chance to  achieve this feat given your support and our commitment.

Making Users Whole:

As it now stands, the Pike Beta is effectively sunset. We have no plans to re-enable functionality within the protocol in its current state.

In the coming days, we will disclose a full list of wallet addresses with active supply and borrow positions prior to the protocol halt as of April 26 08:35 PM UTC. Addresses with a supply position will have a credit balance, and addresses with a borrow position will have a debit balance. We will calculate the Net Balance [Total Value of Supply - Total Value of Borrow] and assess whether liquidation levels have been triggered using asset prices as of April 26 08:35 PM UTC. Addresses with a positive net balance after accounting for liquidation checks will be restituted in full directly to their wallets ($OP via Optimism, $ARB via Arbitrum, $ETH and $USDC via Base).

How the restitution mechanism will work :

• The Community Treasury allocation of $P has been set aside for various usages, however one of these is of course, as an insurance fund.

• As a result, we will be using 4% of the total supply of $P (from the Community Treasury  allocation) as collateral to borrow the necessary stablecoin funds from the team treasury (around $2M USD across both exploits).

• These will then be used to purchase the relevant assets on the open market and reimburse users for what they had within Pike prior to the exploit.

• As the protocol generates revenue and launches the $P token, this loan will then be paid back accordingly - transferring the $P tokens used as collateral to the Foundation Treasury.

• Once the debt is repaid, the $P will be released back to Insurance pool

What’s Next:

1. Continue with investigation and legal measures to trace stolen funds and hackers

2. Setup insurance pool

3. Execute on restitution plan for Pike users

4. Deep dive into the root cause of exploit

5. Enhance overall internal development practice and QA processes

6. Enhance security practices by onboarding additional security partners

Afterwards, we’ll continue development of Pike V2 (also known as Pike Based) which will incorporate everything we’ve learned both from a product, and a security perspective.

Thank you for everyone’s support, both positive and negative - we appreciate it regardless.