
Revisiting the Penpie Protocol Mechanism: The Impact of the Theft Should Not Be Overstated
TechFlow Selected TechFlow Selected

Revisiting the Penpie Protocol Mechanism: The Impact of the Theft Should Not Be Overstated
From a mechanistic analysis, the protocol fundamentals remain healthy.
By Alex Liu, Foresight News
Security Incident

On September 4, Penpie, a DeFi protocol built on Pendle, was hacked, resulting in the theft of approximately $27 million worth of crypto assets, including various staked ETH tokens, sUSDE from Ethena, and wrapped USDC stablecoins. According to Certik, this marks the largest reentrancy attack in 2024 and ranks as the third-largest such incident since January 2021, following Grim Finance (approximately $40 million in December 2021) and the Vyper vulnerability event (around $52 million in July 2023).
Despite Penpie’s public offer to the hacker—negotiating a bounty and promising no legal action if funds were returned—by September 8, the attacker had deposited the final 1,661 ETH (worth about $3.77 million) into Tornado Cash. This indicates that all $27 million stolen from Penpie (converted into 11,261 ETH) has now been fully transferred via Tornado Cash, leaving virtually no possibility of voluntary asset recovery.
Many had never heard of Penpie until it was hacked... In reality, with TVL (total value locked) surpassing $100 million long before the incident, Penpie was the first successful example of the subDAO model within the Magpie ecosystem, laying the foundation for later well-known subDAOs like Eigenpie.

The Magpie ecosystem map, with total TVL exceeding $1 billion
What does the Penpie protocol do? And does it still hold competitive potential after the security breach? Let's take a closer look.
Protocol Mechanics
Penpie is a protocol built atop Pendle. Here we won't dive deeply into Pendle’s mechanisms but instead provide a simplified overview to clarify the relationship between Pendle and Penpie.
There are three primary ways to participate in Pendle:
-
Holding PT (Principal Tokens) to earn fixed yield.
-
Holding YT (Yield Tokens) to speculate on variable returns.
-
Acting as a liquidity provider (LP), supplying SY-PT token pair liquidity. (SY: wrapped form of the underlying asset, where SY = PT + YT)
YT and PT attract users with different risk appetites, helping protocols integrated with Pendle increase their TVL. To sustain high TVL growth, sufficient SY-PT liquidity is required to enable low-slippage creation of new PT and YT tokens. To incentivize LPs, Pendle offers PENDLE token rewards.
Moreover, LPs who hold sufficient vePENDLE (obtained by locking 1 PENDLE for 4 years to get 1 vePENDLE; 2 years yields 0.5 vePENDLE, etc.) can boost their PENDLE rewards by up to 2.5x.
What if one doesn’t own PENDLE but still wants higher LP yields? Users can deposit their LP tokens into liquid lockers or yield boosters such as Penpie or StakeDAO. These platforms have locked substantial amounts of PENDLE and thus hold large quantities of vePENDLE, enabling them to amplify LP yields, take a cut of generated returns, and earn external third-party bribes.
In short, Penpie helps liquidity providers (LPs) on Pendle increase their yields without requiring them to lock up PENDLE tokens.
Penpie’s Position
From the above analysis, it's clear that the sole factor affecting Penpie’s fundamentals is the amount of vePENDLE it controls. The more vePENDLE it holds, the more LPs (and larger positions) it can support with boosted yields, thereby driving its own TVL growth and revenue.
So, does Penpie still remain competitive after the security incident? The answer is undoubtedly — yes.
Penpie did not lose any of its held vePENDLE during the hack and remains the largest holder of PENDLE tokens. The quantity of vePENDLE it holds (over 12 million, representing 37.59%) still exceeds the combined holdings of its competitors Equilibria and StakeDAO.

vePENDLE share held by Penpie, data source: defiwars.xyz
From a purely functional standpoint, Penpie could even deliver superior yields for the remaining assets (over $100 million in Pendle LP tokens) in the protocol.
However, user confidence must be rebuilt, and affected users who lost assets require a clear resolution plan from the protocol.
What Lies Ahead
For Penpie, the preservation of its core competitive advantage—the golden goose, vePENDLE—is indeed a stroke of luck amid misfortune. However, it now needs to stabilize operations and present fair solutions to users who suffered losses. Potential remedies include issuing compensation bonds or recovery tokens. This will likely require PNP token holders to sacrifice some benefits, prioritizing redistribution of protocol revenues to compensate affected users.
PNP may struggle to see strong price performance in the short term, but once Penpie resumes full functionality with updated, more secure code, it remains fundamentally sound and a genuinely useful DeFi protocol.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News













