Orange Finance: Admin private key compromise → proxy upgrade → privileged drain of LP vault positions
Orange Finance's $843K drain opened 2025 because their "multi-sig" was configured to execute with a single signature — making it a single point of failure that cost users everything.
Summary #
Orange Finance suffered a Yield / Concentrated Liquidity Manager (Uniswap V3 / PancakeSwap / SushiSwap LP positions) on 2025-01-07, resulting in a loss of approximately $844K.
What happened #
Orange Finance's $843K drain opened 2025 because their "multi-sig" was configured to execute with a single signature — making it a single point of failure that cost users everything.
Linked factors #
- RD-F-004 — causal : Audit count likely 0; floor display [via dashboard_risk_factors/Vulnerability in audited or unaudited code: Unaudited]
- RD-F-007 — related : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: Unknown]
- RD-F-027 — causal : ★ Single admin EOA (not multisig, not timelock) [via cross-hack: Factor 18: Single Admin Key With No On-Chain Delay] || ★ Single admin EOA — when ms threshold = 1 [via cross-hack: Factor 39: Multi-Sig Misconfigured as Single-Sig] || ★ Single admin EOA — when value mentions key compromise [via realtime_signals/Governance/admin action (Y/N): Y — proxy upgrade by compromised admin key was the attack itself]
- RD-F-028 — related : ★ Low-threshold multisig [via cross-hack: Factor 39: Multi-Sig Misconfigured as Single-Sig]
- RD-F-032 — related : Timelock duration on upgrades = 0 [via cross-hack: Factor 18: Single Admin Key With No On-Chain Delay]
- RD-F-101 — illustrative : Large governance proposal queued — RT signal would have fired [via realtime_signals/Governance/admin action (Y/N): Y — proxy upgrade by compromised admin key was the attack itself]
- RD-F-111 — causal : Team doxx status — pseudonymous-no-track-record class [via dashboard_risk_factors/Team anonymity: Unknown — not disclosed]