What to know
A series of suspicious transactions involving SynapLogic has recently been detected on the Base network, raising concerns across the community. According to on-chain monitoring systems, an attacker was able to acquire around 144,000 SYP tokens through unusual activity. While the situation sounded alarming at first, the SynapLogic team has confirmed that the issue has now been fully resolved and that all user funds remain safe.
The activity was first flagged when several linked transactions showed abnormal behavior. The attacker’s wallet was originally funded through Tornado Cash on the Ethereum network. From there, the funds were moved to the Base network using a bridge service. Once on Base, the attacker carried out multiple transactions that resulted in the minting of roughly 144,000 SYP tokens. Importantly, even though the tokens were created, they were not sold or swapped on the market. The funds remain locked inside the attacker’s contract, which helped limit the damage and avoid sudden price impact for regular users.
Early analysis suggests that the problem did not come from stolen private keys or a hack in the traditional sense. Instead, the issue appears to be caused by a business logic fault in the token purchase system. When users bought SYP tokens using ETH or USDC, the system allowed them to enter a list of referral addresses. Each referral address could receive 10% of the user’s spending as a reward. However, the contract did not properly check this input.
The attacker exploited this by setting the referral list to their own address repeated many times. In one case, the attacker listed themselves 31 times, allowing them to receive about 310% of the amount spent. This drained funds from the purchasing contract, with the estimated loss coming to around $88,000.
Even though a large number of SYP tokens were minted, the attacker was unable to freely move or sell them. This is because SYP balances are split into two parts: vesting tokens and exchange tokens. Vesting tokens are locked and cannot be transferred or sold until certain conditions are met. The attacker’s newly minted SYP fell into this locked category. As a result, the tokens could not be dumped on the market, which helped protect other holders.
Later, another attacker attempted a similar trick by listing their own address fewer times so they would not need to pay anything at all. Once again, the tokens were minted but remained unsold due to the same restrictions. Security monitors also reported 193 suspicious transactions linked to an unverified contract connected to SynapLogic. In these transactions, attackers repeatedly used flash-loaned funds to mint around 16,000 SYP per attempt, then returned the borrowed ETH immediately after. The function used in these calls lacked proper checks on incoming parameters, allowing attackers to receive more value than expected. While this sounds serious, most of the activity was contained, and the contract has since been paused.
SynapLogic acted quickly once the issue was identified. The affected contract was paused, and fixes were applied to prevent the same behavior in the future.
In a public statement, the team said, “The issue has been fully resolved. SynapLogic systems are now operating normally, and all user funds remain completely safe. We remain committed to transparency, security, and putting our community first.”
This incident is a reminder that even small logic oversights can lead to big problems in smart contracts. While no user funds were lost and the tokens were not sold, the event highlights the importance of careful testing and monitoring. For now, SynapLogic appears to be back to normal operations, and users have been reassured that their assets were never at risk. As always in crypto, staying informed and cautious remains key.
