Your First 90 Days Academy
Act III · The Judgment · Week 10 · Checkpoint 19

Why Protocols Get Hacked

By the end of this you will understand in plain language how protocols actually lose money, what an audit can and cannot promise, and how to read a project's security posture instead of trusting a badge.

11 steps · ~23 min · 3 nodes for your map
01 · The pool was empty by morning

Picture a person who did everything right. They read about a protocol, deposited their funds into its pool, and went to sleep. By morning the pool was empty. Nothing they did caused it. The contract had simply done something its builders never intended.

Here is the honest place to start: this happens to audited protocols too. So this lesson is not about spotting obviously sloppy code. It is about understanding how careful systems still lose money, and what the word audited really buys you.

02 · The vault was perfect, the side door was not

Most people imagine a hack as someone cracking the cryptography, beating the math by force. That almost never happens. The math, the part that secures the whole chain, holds.

What gets exploited is the logic. The code runs exactly as written, but in some rare arrangement of conditions it does something the builders never meant. The vault door was solid steel. The attacker found a side door nobody knew was in the blueprint.

03 · Three doors, named in plain language

You do not need to read code to understand the common shapes. Most hacks fall into a small number of patterns, and three of them cover an enormous amount of the damage you will ever hear about.

The next three steps name each trick and then walk it slowly.
04 · The re-entry trick: the teller interrupted

Take the first door slowly. Imagine a bank teller with one bad habit: when you withdraw, they hand you the cash first and only then write the new balance in the ledger. In that tiny gap, before the pen moves, you ask to withdraw again. The ledger still shows your old, full balance, so they pay you again.

A contract can have the exact same flaw. It sends money out before it updates its own memory, and the attacker uses that gap to call back in and drain far more than they own. This is the re-entry trick, and its most famous appearance was The DAO in 2016, an early Ethereum project drained through precisely this interrupted-teller flaw. The standard cure is the reverse order: write the ledger first, send last, and refuse any nested call while a withdrawal is still in flight.
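To make the interrupted teller concrete, here is an added toy simulation in Python. It is not code from the lesson, from The DAO or from any real contract: the class names VulnerableBank, HardenedBank and Attacker, the deposit amounts and the "receive hook" that stands in for a contract's fallback function are all constructed for illustration. It shows the vulnerable order (send, then write) beside the hardened order (write, then send) and lets you watch what each one hands to the attacker.

```python
# Added example (not from the lesson or any real protocol): a toy model of the
# interrupted teller. VulnerableBank, HardenedBank and Attacker are invented
# names; balances are plain integers, not wei.

class VulnerableBank:
    """Hands the cash out first, writes the ledger afterwards."""

    def __init__(self):
        self.balances = {}   # the ledger: who is owed what
        self.vault = 0       # what the contract actually holds

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.vault += amount

    def _send(self, who, amount):
        # Models a value transfer: the vault shrinks, then the receiver's
        # hook runs and may call straight back into this bank.
        if self.vault < amount:
            raise RuntimeError("vault cannot cover the transfer")
        self.vault -= amount
        if hasattr(who, "receive"):
            who.receive(self, amount)

    def withdraw(self, who):
        amount = self.balances.get(who, 0)
        if amount == 0:
            return
        self._send(who, amount)     # interaction first ...
        self.balances[who] = 0      # ... effect last: the pen moves too late


class HardenedBank(VulnerableBank):
    """Checks-effects-interactions: write the ledger, then send."""

    def withdraw(self, who):
        amount = self.balances.get(who, 0)
        if amount == 0:
            return
        self.balances[who] = 0      # effect first: the ledger is already correct
        self._send(who, amount)     # interaction last: a re-entry now finds 0


class Attacker:
    """A contract whose receive hook re-enters the bank while the ledger is stale."""

    def __init__(self):
        self.looted = 0

    def receive(self, bank, amount):
        self.looted += amount
        # If the teller still shows our full balance, ask to withdraw again.
        owed = bank.balances.get(self, 0)
        if owed > 0 and bank.vault >= owed:
            bank.withdraw(self)


def run(bank_class, honest_deposit=90, attacker_deposit=10):
    """Return (vault left in the bank, amount the attacker walked away with)."""
    bank = bank_class()
    attacker = Attacker()
    bank.deposit("honest depositor", honest_deposit)   # constructed sample data
    bank.deposit(attacker, attacker_deposit)
    bank.withdraw(attacker)
    return bank.vault, attacker.looted


if __name__ == "__main__":
    print("vulnerable:", run(VulnerableBank))   # attacker drains the whole vault
    print("hardened:  ", run(HardenedBank))     # attacker gets only their own 10
```

Against VulnerableBank the attacker deposits 10 and walks away with all 100, while the honest depositor's ledger row still says 90: the row stayed, the backing did not. Against HardenedBank the same attacker gets exactly the 10 they put in. Real contracts pair this ordering with a re-entrancy guard that rejects nested calls outright, because the ordering alone is easy to get wrong when a function touches several pieces of state.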

05 · The manipulated thermometer pays off

The second door is the one checkpoint 15 set up for you. A contract has no senses. To know the price of an asset, it reads a feed, a thermometer that reports an outside number onto the chain. The machine has no gut instinct to doubt that number.

So the attacker does not break the contract. They briefly bend the reading the thermometer is watching, typically by pushing a large trade through a thinly traded pool whose spot price the contract reads, often with funds borrowed and repaid inside the same transaction, so the feed reports a price that is wildly wrong for a moment, and the contract acts on it with perfect confidence: lending too much, selling too cheap, paying out on a lie. The math was flawless. The trust in one unchecked number was the door.
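The thermometer trick in miniature, as an added Python example that is not part of the lesson and models no real protocol: a toy constant-product pool, a lender that prices collateral off that pool, and a pump, borrow, dump sequence done inside one transaction with a flash loan. Every name (ConstantProductPool, SpotOracle, TwapOracle, Lender) and every number is constructed. The same sequence is run twice: once against a feed that reads the live pool ratio, once against a feed that only averages prices recorded at block boundaries.

```python
# Added example (not from the lesson or any real protocol): a toy x*y=k pool
# used as a price feed, a lender that trusts it, and a one-transaction attack.
# All class names, reserves and amounts are constructed for illustration.

class ConstantProductPool:
    """x * y = k pool: TOKEN reserves against USD reserves, no trading fee."""

    def __init__(self, token_reserve, usd_reserve):
        self.x = float(token_reserve)
        self.y = float(usd_reserve)
        self.k = self.x * self.y

    def spot_price(self):
        return self.y / self.x          # USD per TOKEN, read straight off reserves

    def buy_token(self, usd_in):
        new_y = self.y + usd_in
        new_x = self.k / new_y
        out = self.x - new_x
        self.x, self.y = new_x, new_y
        return out

    def sell_token(self, token_in):
        new_x = self.x + token_in
        new_y = self.k / new_x
        out = self.y - new_y
        self.x, self.y = new_x, new_y
        return out


class SpotOracle:
    """The bendable thermometer: reports the live pool ratio."""
    def __init__(self, pool):
        self.pool = pool
    def price(self):
        return self.pool.spot_price()


class TwapOracle:
    """Averages prices recorded at block boundaries; a swing pumped and dumped
    inside one transaction never makes it into the record."""
    def __init__(self, pool, window=10):
        self.pool, self.window, self.history = pool, window, []
    def record(self):            # called once per block by the protocol
        self.history.append(self.pool.spot_price())
        del self.history[:-self.window]
    def price(self):
        return sum(self.history) / len(self.history)


class Lender:
    """Lends USD against TOKEN collateral, trusting the oracle completely."""
    def __init__(self, oracle, ltv=0.5):
        self.oracle, self.ltv = oracle, ltv
    def max_borrow(self, collateral_tokens):
        return collateral_tokens * self.oracle.price() * self.ltv


def simulate(oracle_class):
    """Return (USD the lender hands out, USD the attacker can walk away with)."""
    pool = ConstantProductPool(1_000, 1_000_000)   # true price: 1,000 USD/TOKEN
    oracle = oracle_class(pool)
    for _ in range(10):                            # ten calm blocks of history
        if isinstance(oracle, TwapOracle):
            oracle.record()
    lender = Lender(oracle)
    collateral = 500                               # attacker's own TOKEN
    true_value = collateral * 1_000                # worth 500,000 USD honestly

    # Everything below happens inside one transaction, funded by a flash loan.
    flash_loan = 1_000_000
    bought = pool.buy_token(flash_loan)            # pump: spot price jumps to 4,000
    loan = lender.max_borrow(collateral)           # borrow at whatever the feed says
    usd_back = pool.sell_token(bought)             # dump: price returns to 1,000
    assert usd_back >= flash_loan                  # flash loan repaid in full
    gain = max(0.0, loan - true_value)             # profit if collateral is abandoned
    return loan, gain


if __name__ == "__main__":
    print("spot feed:", simulate(SpotOracle))      # lends 1,000,000 against 500,000
    print("twap feed:", simulate(TwapOracle))      # lends 250,000, no profit
```

With the spot feed the lender hands out 1,000,000 USD against collateral honestly worth 500,000, the attacker repays the flash loan from the dump and keeps the difference by walking away from the collateral. With the recorded-average feed the same trade is invisible and the loan is the honest 250,000. The averaging feed is not a complete fix: an attacker who can hold a distorted price across several blocks can still move it, which is why production lenders read aggregated multi-source feeds and reject readings that deviate too far from recent history.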

06 · The bridge pot: the richest target

The third door is less a single trick and more a place attackers concentrate. Bridges, the cross-chain crossings you met in checkpoint 14, lock real funds on one side so a stand-in can exist on the other. That makes them the largest single pots of money in the entire space.

They also run some of the most complex code anywhere, because moving value safely between two separate chains is genuinely hard. Largest reward plus highest complexity is exactly the combination an attacker hunts for. It is why, as you learned, the biggest single hacks on record have been bridge hacks. The size of the prize pulls the most effort toward the hardest code.

07 · Composability: the blast radius

Now the part that makes a single flaw frightening. Back in checkpoint 12 you saw that contracts plug into each other, one calling another calling another, with no human stitching them together. That composability is the quiet superpower of this whole world.

It has a shadow. When a contract everyone builds on has a flaw, the flaw does not stay put. It travels into every other contract that trusts it. A bug in one widely used piece becomes a bug in everything that plugged into it. That is the blast radius, and it is why the stakes here are higher than in ordinary software: nobody owns the whole chain of trust.
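The blast radius can be computed rather than guessed. The following added Python example is not from the lesson and describes no real protocols: the dependency graph (LendingA, DexB, PriceLib and so on) is a constructed sample, with edges pointing from each contract to the contracts it calls into. Given one flawed component, it walks the graph backwards and reports every contract that trusts it, directly or through others, with how many hops away each one sits.

```python
# Added example (not from the lesson): transitive exposure over a constructed
# dependency graph. Contract names are invented; edges mean "calls into".
from collections import deque

DEPENDS_ON = {
    "LendingA":    {"PriceLib"},
    "DexB":        {"PriceLib", "TokenC"},
    "VaultD":      {"DexB"},
    "AggregatorE": {"VaultD", "LendingA"},
    "NftMarketF":  {"TokenC"},
    "TokenC":      set(),
    "PriceLib":    set(),
}


def blast_radius(flawed, depends_on):
    """Map every contract exposed to `flawed` to its distance in hops.

    A contract is exposed if it calls the flawed one, or calls something
    that is itself exposed. Breadth-first search gives the shortest path,
    which is the most direct route the flaw takes to reach that contract.
    """
    # Invert the graph: who depends on whom.
    dependents = {}
    for caller, callees in depends_on.items():
        for callee in callees:
            dependents.setdefault(callee, set()).add(caller)

    exposed = {}
    queue = deque([(flawed, 0)])
    while queue:
        node, hops = queue.popleft()
        for caller in sorted(dependents.get(node, ())):
            if caller not in exposed:
                exposed[caller] = hops + 1
                queue.append((caller, hops + 1))
    return exposed


if __name__ == "__main__":
    for flawed in ("PriceLib", "TokenC"):
        hit = blast_radius(flawed, DEPENDS_ON)
        print(f"{flawed}: {len(hit)} contracts exposed -> {hit}")
```

Nobody in the sample graph has a direct relationship with AggregatorE and PriceLib, yet a PriceLib flaw reaches it in two hops. That is the practical answer to "who is exposed": not the contracts that chose the flawed component, but everything downstream of them, which is why a single widely used library or feed is worth more scrutiny than its own code size suggests.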

A widely used contract that dozens of protocols build on turns out to have a flaw. Who is exposed?
08 · What an audit is, and is not

So where does a security firm fit into all this? An audit is a serious, adversarial reading of a contract before it ships: experts spending their days trying to break it on paper, exactly as checkpoint 12 described, so it does not break later with real money on it. Done well, it finds real flaws and removes them.

But here is the part the marketing leaves out, and we will not. An audit reduces risk. It never guarantees safety. Reviewers are human, code is complex, and an attacker only needs one missed door. A good audit makes you much safer. It cannot make you certain. Anyone selling you certainty is selling, not auditing.

09 · The badge versus the report

This is the single most useful habit in the lesson. The word audited on a landing page tells you almost nothing. It is a badge, and a badge can be printed by anyone.

A real audit produces a published report you can open and read. It names who did the review, states the scope, exactly which contracts were checked, lists what they found, and crucially says whether each issue was fixed. A finding that was reported but never resolved is still a live door. A report also covers one exact snapshot of the code, so check that the version it names is the version actually deployed; a contract changed after the review is, for that change, unaudited. When a team waves the badge but cannot point you to the report, that gap is itself the signal.

Two projects both say "audited" on the homepage. One links a full report by a named firm with fixes confirmed. One links nothing. What is the honest read?
10 · Defense in depth, not a single badge

Because no audit can promise safety, serious teams do not rely on one thing. They stack layers. Audits catch flaws before launch. Bug bounties pay outside researchers to report a flaw rather than exploit it. Monitoring watches the live system for trouble. Timelocks force a delay on big changes so users can see a risky move coming and step away in time.

This is defense in depth, and it is the right thing to look for. Not a single proud badge, but a posture: several honest layers, each covering for the others when one inevitably misses. A team that talks openly about all four is showing you how it thinks. A team with only a sticker is showing you that too.

Limit test
Your friend has a simple rule: "No audit means scam. Has an audit means safe." Where does the rule break?
11 · From how it breaks to how you judge

So here is what you can now do. You know hacks are almost never broken math, they are logic, a side door nobody modeled. You can name three plain shapes: the re-entry trick that drained The DAO in 2016, the manipulated thermometer that feeds a blind contract a fake price, and the bridge pot that pulls attackers toward the richest, most complex code. You understand the blast radius of composability, and you know an audit is risk reduction, never a guarantee.

Most of all, you can tell a printed badge from a report you can open and read, and you know to look for the whole posture: audits, bounties, monitoring, timelocks, and an honest team behind them.

That is how protocols break and how you read their defenses. Next we turn it into a habit you can run on any project in ten minutes: team, token, traction, trust. How to evaluate a project, the method DYOR always promised and never gave you.


Three new nodes on your map: exploits · audits · security-posture