Skip to content
Est. MMXXVIVol. VI · № 273RSS
Blockchain Breaches

An archive of cryptocurrency security incidents — hacks, exploits, bridge failures and rug pulls, documented with on-chain evidence.

Dossier № 010Flash Loan Attack

Eminence Bonding-Curve Drain

Andre Cronje's unreleased Eminence lost $15M to a flash-loan bonding-curve exploit hours after a teaser drew depositors to the unaudited contract. $8M returned.

Date
Victim
Eminence
Chain(s)
Ethereum
Status
Partially Recovered

On September 29, 2020, the unreleased DeFi gaming project Eminence — built by Andre Cronje, creator of Yearn Finance — was drained of approximately $15 million in a flash-loan attack on its bonding-curve token mechanics. Cronje had explicitly stated the project was "at least three weeks away" from completion, yet $15M flowed in within hours of his posting art teasers. The attacker returned $8 million to Yearn's developer fund afterward.

What happened

Cronje's typical "ship early, iterate publicly" approach meant his deployed contracts often appeared on-chain well before their intended launch. For Eminence — a gaming-economy project with no website, no documentation, and no public launch announcement — Cronje had simply deployed an in-progress version of the EMN token contract on Uniswap, presumably for testing.

The crypto community noticed the deployment, identified Cronje's signature, and piled in regardless — depositing approximately $15 million of stablecoins into EMN's bonding curve over a few hours, on the assumption that Cronje's involvement guaranteed eventual value capture.

The bonding curve had not been audited. The attack was, in Cronje's own words, "a very simple one":

  1. Mint a lot of EMN at the tight end of the bonding curve (low price per token at low supply).
  2. Burn the freshly-minted EMN through a parallel function in exchange for a different currency the contract priced higher.
  3. Sell the proceeds back into EMN to mint more, recursively.
  4. Repeat until the entire $15M had been extracted.

Net drain: ~$15M into the attacker's wallet. The EMN price collapsed to near zero.

Aftermath

  • A portion of the attacker — possibly the same individual, possibly a different white-hat — returned $8M to a Yearn-controlled developer fund within hours.
  • Cronje stated he would distribute the recovered $8M to original depositors based on a pre-hack snapshot.
  • Cronje publicly addressed the incident and reiterated his "test in production" approach, drawing widespread criticism from the security community.
  • Eminence was never launched as a finished product.

Why it matters

Eminence is the founding case study for "degens piling into unreleased contracts" as a recurring DeFi failure mode. The community's eagerness to front-run Cronje's eventual launches created repeated unforced losses through 2020-2022:

  • Eminence (Sep 2020) — $15M into an unfinished bonding curve.
  • Iron Bank's CR Finance v0 (early 2021) — similar pattern with smaller losses.
  • Multiple Cronje-tagged contracts across Fantom and Avalanche received millions in deposits before official launches.

The deeper, less-charitable lesson the community has only partially absorbed: a famous developer's name on a contract does not constitute an audit, a launch, or a guarantee of safety. Cronje's reputation was — by his own design — a brand that attracted capital faster than his security review could keep up with. Eminence was the first major instance; it has not been the last.

Sources & on-chain evidence

  1. [01]theblock.cohttps://www.theblock.co/post/79061/yfi-eminence-defi-protocol-exploited
  2. [02]decrypt.cohttps://decrypt.co/43203/hackers-drain-15-million-from-unreleased-yearn-finance-project
  3. [03]cryptotips.euhttps://cryptotips.eu/en/news/bizarre-15-million-eminence-hack-an-unfinished-project-by-andre-cronje/

Related filings