Is Penpie Safe?
Risk Grade: C (50/100)
Penpie is rated as elevated risk — multiple novel mechanisms and notable interaction risks.
High risk — proven security failures and total dependency on another protocol make this a fragile place to park funds
A yield booster that sits on top of Pendle, letting you earn higher returns by pooling voting power. It holds about $80M in deposits. Its D+ grade is driven by a $27M hack in September 2024 and the fact that your money is 100% dependent on Pendle staying safe -- if Pendle fails, Penpie fails with it.
TVL
$23M
Mechanisms
6
Interactions
5
Value Grade
C-
Key Risks for Penpie Users
Already hacked for $27M in September 2024 -- attackers created a fake market and drained funds through a code vulnerability
Every dollar in Penpie depends entirely on Pendle working correctly. If Pendle gets exploited, you lose everything here too
After a hack, the protocol faces a lose-lose choice: print new tokens (destroying existing holders' value) or let victims absorb the loss
Top Risk Factors
- •Exploited for $27M in September 2024 via reentrancy vulnerability in reward distribution, demonstrating critical smart contract risk in yield aggregation layer
- •Tight coupling to Pendle protocol creates single point of failure: any Pendle exploit or PT/YT market failure cascades directly to Penpie users
- •veToken governance model (vlPNP) creates governance capture risk and post-exploit hyperinflation scenarios similar to Rari/Indexed Finance failures
Risk Score Breakdown
Penpie's highest risk area is Track Record (15/15). Here's how each dimension contributes to the overall 50/100 score:
Read the Full Penpie Risk Report
This protocol has 2 collapse scenarios. 1 critical and 2 high-severity interaction risks identified. See the full mechanism classification, interaction matrix, and deep-dive recommendations.
View Full Report →Considering an investment?