
Prisma, Explained

Prisma Finance: An Evergreen Guide to the LST-Backed Stablecoin Protocol

A decentralized borrowing protocol on Ethereum, Prisma Finance lets users mint overcollateralized stablecoins such as mkUSD and ULTRA against liquid staking and liquid restaking tokens, aiming to maximize the capital efficiency of staked ETH positions. Built as a fork of Liquity and deeply integrated with Curve, Convex, and Yearn, the protocol later became a high‑profile case study in LSDFi innovation, governance games, and smart contract risk following a major exploit and an eventual transition plan toward a new project called Resupply.

Background: Liquid Staking, LSDFi, and the Rise of Prisma

Understanding Prisma starts with the structural shift Ethereum underwent when it moved to proof‑of‑stake and enabled users to earn yield by staking ETH. Liquid staking protocols such as Lido, Rocket Pool, Coinbase’s staking product, and Frax Ether emerged to help users stake without running their own validators, issuing liquid staking tokens (LSTs) like stETH, rETH, cbETH, and sfrxETH that can circulate freely in DeFi while still accruing staking rewards on the underlying ETH. This created a large base of yield‑bearing collateral that was capital‑inefficient if simply held, inviting a new wave of protocols—often dubbed LSDFi—that were designed to unlock additional leverage and yield on top of LSTs.

Prisma Finance positioned itself squarely in this LSDFi segment by allowing users to deposit LSTs as collateral and borrow a dollar‑pegged stablecoin against them, effectively turning staking positions into productive, levered capital without sacrificing staking yield. The protocol launched on the Ethereum mainnet in August 2023 as a non‑custodial and decentralized borrowing platform, with its core contracts designed to be immutable and censorship‑resistant, reflecting lessons from earlier collateralized stablecoin systems. At launch, the protocol supported a curated set of LSTs, including Lido’s wrapped stETH (wstETH), Rocket Pool’s rETH, Coinbase’s cbETH, and Frax’s sfrxETH, and it allowed users to mint a stablecoin then called acUSD against these assets.

Over time, acUSD was rebranded as mkUSD, but the core idea did not change: mkUSD is an overcollateralized stablecoin fully backed by liquid staking tokens deposited into Prisma vaults, with mechanisms borrowed and adapted from Liquity’s design around collateralized debt positions. To expand beyond staking into the emerging restaking narrative, Prisma later introduced ULTRA, a separate stablecoin that can be minted against liquid restaking tokens (LRTs) representing restaked ETH in systems like EigenLayer. With mkUSD and ULTRA, Prisma sought to sit at the intersection of staking, restaking, and stablecoins, offering a way to squeeze multiple layers of yield out of ETH while maintaining collateralization standards.

From the outset, Prisma’s architecture was inseparable from the rest of the Ethereum DeFi stack. mkUSD and later ULTRA were designed to be immediately useful in liquidity pools and yield strategies, particularly on Curve Finance, whose stablecoin automated market makers became primary venues for trading and yield generation. Incentives in PRISMA, CRV, and CVX were layered on top of Curve pools via Convex and other aggregators, giving Prisma a central role in ongoing “gauge wars” for voting power and emissions across multiple protocols. That deep integration with Curve and Convex later extended into Yearn’s yLocker system and the yPRISMA liquid locker, embedding Prisma even more deeply within the governance and yield‑maximization meta‑game of DeFi.

At the same time, Prisma’s story became a cautionary tale about the risks of rapid iteration in complex smart‑contract ecosystems. In March 2024, a vulnerability in a migration helper contract was exploited via a flash loan to drain thousands of wstETH, resulting in losses of roughly 3,258 wstETH, or around 11 million dollars at the time, and a sharp drop in the protocol’s total value locked. Although mkUSD and ULTRA remained overcollateralized and the core borrowing system stayed solvent, the exploit triggered a sequence of emergency measures, governance changes, emissions cuts, repayment plans, and ultimately a community‑led move to wind down Prisma Finance and transition governance and incentives into a successor project called Resupply.

◧ What our coverage reveals · Leviathan signal

Readers clicked the oracle MEV analysis first but devoted the most collective attention to the hacker's extortion theater — KYC demands, whitehat speculation, and on-chain identity investigation — revealing that Prisma's audience treats exploit accountability as live courtroom drama, not a technical postmortem.

9,987 reader clicks across 40 stories · 44% on the top 10% · most-read: 1,306 clicks

Core Architecture: Vaults, Troves, and Stablecoin Mechanics

At its heart, Prisma Finance is a collateralized debt protocol. Users deposit one of the supported LSTs or, later, an eligible liquid restaking token into a smart contract that tracks their position; this position functions much like a DeFi “vault,” although in Prisma’s Liquity‑derived terminology these positions are often called Troves. When a user opens a Trove, they lock collateral and can mint a corresponding amount of mkUSD (or ULTRA for LRTs) up to a maximum loan‑to‑value ratio defined by the collateral type and risk parameters approved through governance. Because the collateral is itself yield‑bearing—staked ETH or restaked ETH—the user can earn staking or restaking rewards on the locked assets while deploying the borrowed stablecoins into trading, liquidity provision, or other strategies.

The design of Troves in Prisma is heavily influenced by Liquity, which pioneered a model in which users maintain individual collateralized debt positions that are always at least partially overcollateralized, with automatic liquidations triggered when collateral ratios fall below preset thresholds. In Liquity, these positions back the LUSD stablecoin; in Prisma, analogous mechanisms back mkUSD and ULTRA. Each supported collateral type in Prisma has its own Trove Manager contract, risk parameters, and stability mechanisms, allowing the protocol to tailor minimum collateral ratios, fees, and liquidation incentives to the specific behavior and liquidity profile of each LST or LRT.

When a user mints mkUSD, they incur a debt that must be repaid, typically including a one‑time borrowing fee and, depending on governance, ongoing interest or stability fees shared between the protocol and governance token holders. The overcollateralization is enforced by a series of checks that ensure a user’s collateralized value, priced via oracles, remains above the required threshold. If the value of the collateral declines or the value of mkUSD rises such that the collateral ratio falls below the minimum, the Trove becomes eligible for liquidation, at which point liquidators can repay the debt and seize collateral at a discount. This mechanism is central to ensuring that mkUSD remains backed by collateral that is worth more than the total outstanding supply, providing a buffer against market moves and de‑pegs.

The same logic applies to ULTRA, which is minted against liquid restaking tokens. In this case, the collateral represents claims on ETH that has not only been staked on Ethereum but also re‑used (“restaked”) in security markets such as EigenLayer, potentially earning additional yield and risk premia. By allowing users to mint a stablecoin against these LRTs, Prisma extended its collateral universe to assets whose value and risk profile depend both on Ethereum’s base layer and on the performance and security of restaked services, such as actively validated services (AVSs) in EigenLayer’s ecosystem. This expanded the protocol’s reach but also introduced new, systemically correlated risks to the collateral backing ULTRA.

In practice, a Prisma user interacts with Troves much like they would with vaults in protocols such as MakerDAO or Liquity. They choose a supported LST, deposit it, mint mkUSD, and then can adjust their position over time by adding or removing collateral, repaying mkUSD, or closing the Trove entirely. The health of each position is visible on‑chain via its collateral ratio, and Prisma’s liquidation bots and stability pools are incentivized to keep the system solvent by monitoring Troves and stepping in when they fall below safety thresholds.

A key design principle in Liquity and inherited by Prisma is that core borrowing logic is immutable once deployed, reducing governance risk and preventing unilateral changes that could compromise collateral safety. In Prisma’s case, the protocol also introduced additional tooling such as migration “zap” contracts to automate upgrades between Trove managers and facilitate collateral movements, as well as governance‑controlled parameters for supporting new collaterals and managing incentives. The exploit in 2024 would later show how these peripheral components can become critical points of failure if not subjected to the same rigorous audit and design standards as the immutable core.

From a stablecoin perspective, mkUSD is intended to track the value of one U.S. dollar by virtue of its redeemability for collateral and the economic incentives around borrowing and liquidation. Because mkUSD is overcollateralized and backed by LSTs that are themselves liquid, arbitrage opportunities should align its market price with the target peg: if mkUSD trades above one dollar, users are incentivized to borrow more mkUSD, sell it, and later repay at a lower price; if it trades below, users can buy mkUSD on the market, redeem or repay debt, and withdraw more valuable collateral. Unlike fiat‑backed stablecoins, no centralized entity holds reserves; instead, collateral remains in smart contracts, and risk is distributed among borrowers and liquidity providers.

ULTRA uses a similar peg mechanism but with LRTs as collateral, tying its stability to both the value of ETH and the performance of the restaking ecosystem. In both cases, Prisma’s vaults—whether you call them Troves or borrowing positions—serve as the substrate that connects the value of ETH staking and restaking to dollar‑denominated liquidity in DeFi.

mkUSD, ULTRA, and Prisma’s Stablecoin Suite

mkUSD is Prisma’s flagship stablecoin and the asset around which much of its early ecosystem grew. Fully or over‑collateralized by LSTs such as wstETH, rETH, cbETH, and sfrxETH, mkUSD is minted when users lock these tokens in Prisma’s Troves and borrow against them. Prisma’s documentation and third‑party descriptions emphasize that mkUSD (formerly acUSD) is always backed by more collateral value than the total supply of mkUSD, subject to the volatility and liquidity of the underlying LSTs. This design is intended to provide a robust buffer against normal market fluctuations, in contrast with undercollateralized or purely algorithmic stablecoins that rely more heavily on reflexive market dynamics.

The economic role of mkUSD within DeFi is shaped by its integrations rather than by its issuance mechanics alone. Immediately after launch, mkUSD’s predecessor acUSD was routed into Curve Finance pools where it could be paired with other stablecoins and trade at low slippage, effectively bootstrapping liquidity and creating a primary venue for its market price to track the dollar. To attract liquidity, Prisma coordinated with Curve and Convex, enabling users who deposited mkUSD liquidity on Curve to earn multiple reward streams in PRISMA, CRV, and CVX in addition to trading fees. This layered incentives structure made mkUSD a central piece in a broader LSDFi strategy: users could earn staking yield on LST collateral, borrow mkUSD, deploy it into Curve pools, and then earn additional protocol incentives, compounding their returns from a single initial stake.

ULTRA represents Prisma’s second‑generation stablecoin concept, designed to capitalize on the rapid growth of the restaking narrative. Where mkUSD is backed by LSTs linked to Ethereum’s base staking layer, ULTRA is backed by liquid restaking tokens (LRTs), which are claims on ETH that has been restaked via protocols such as EigenLayer or Karak to secure additional services. According to coverage at the time of its introduction, ULTRA allowed users to borrow a stablecoin against these novel LRT assets, again using a Prisma‑style Trove model but with different collateral parameters suited to the additional risks of restaking. The idea was to provide similar capital efficiency to mkUSD but in an even more yield‑dense collateral universe, where the underlying ETH is simultaneously earning staking rewards and restaking incentives.

One important characteristic shared by mkUSD and ULTRA is their overcollateralization and the isolation of collateral within Troves. During the March 2024 exploit, Prisma communicated that the protocol had been paused by an emergency multisig and that remaining funds were safe, stressing that mkUSD and ULTRA were overcollateralized and not at risk of insolvency even though a migration contract had been abused to siphon collateral from affected users. Subsequent post‑mortems and analysis confirmed that the core Trove mechanics remained functional and that the exploit was concentrated in a peripheral MigrateTroveZap contract rather than in the stablecoin’s accounting logic itself. This distinction is critical for understanding how the stablecoin layer can remain solvent even when individual users suffer losses through auxiliary contract vulnerabilities.

mkUSD, in particular, became deeply embedded in DeFi’s yield strategies. Borrowers used mkUSD to provide liquidity on Curve, where the token’s trading pairs were supported by gauge emissions and bribes, making them attractive destinations for capital. Some users also looped positions by borrowing mkUSD, swapping into more LST collateral, and depositing back into Prisma to mint additional mkUSD, increasing leverage on the underlying staking yield but also amplifying liquidation risk during market drawdowns. The presence of mkUSD in other protocols’ vaults and strategies, including Yearn’s, meant that mkUSD was not just a borrowing asset but also a building block for higher‑level yield products.

In the ULTRA ecosystem, similar patterns began to emerge, with ULTRA pools and LRT‑backed strategies appearing as the restaking narrative gained momentum. ULTRA’s design implicitly assumed that LRTs would remain liquid and well‑priced, but its overcollateralization and liquidation mechanisms were meant to provide a backstop against restaking‑specific shocks, such as AVS slashing events or liquidity squeezes in LRT markets. Although the exploit and Prisma’s subsequent wind‑down interrupted ULTRA’s long‑term trajectory, the stablecoin serves as an example of how quickly DeFi builders sought to financialize restaked ETH exposure.

Taken together, mkUSD and ULTRA illustrate Prisma’s attempt to generalize the Liquity model from plain ETH collateral to more complex, yield‑bearing derivatives. mkUSD mapped the model onto LSTs; ULTRA mapped it onto LRTs. Both relied on vault‑like Troves, overcollateralization, liquidations, and deep Curve liquidity, making Prisma a hub where staked and restaked ETH could be transformed into dollar liquidity without leaving the chain.

◧ The angles that pull readers in · 6 threads

  1. Oracle MEV risk tradeoff

     The top-clicked headline — PrismaRisk showing the Curve Oracle would have cut MEV and improved user rates — signals readers wanted to understand which pre-hack technical choices made the protocol a target.

  2. Hacker identity and extortion demands

     The exploiter's bizarre KYC-and-public-apology ransom note, followed by an on-chain investigation linking them to prior exploits, generated nearly 1,500 combined clicks and became the dominant post-hack narrative.

  3. Whitehat or blackhat framing

     Early ambiguity over whether the $11.1M drain was a rescue operation kept readers returning through multiple updates as the community debated intent before the exploiter's extortion demands settled the question.

  4. Victim repayment governance

     The sequential actions — fee pause, 50% emissions cut, PIP-038 repayment plan — generated sustained clicks as affected users tracked whether and how they would be made whole.

  5. Protocol shutdown and Resupply pivot

     The Snapshot vote to shut down Prisma and launch Resupply — which then uncovered multiple additional high-severity bugs during the shutdown audit — confirmed readers' suspicion that the hack exposed deeper code quality failures.

  6. LRT stablecoin expansion

     Headlines about ULTRA (backed by liquid restaking tokens) and PrismaLRT drew niche but real interest from readers tracking whether the protocol could evolve beyond mkUSD before its closure.

Ecosystem Integrations: Curve, Convex, Yearn, and Beyond

Prisma’s influence was never limited to its own contracts; from the beginning it was designed as a DeFi lego embedded in a wider network of protocols. The most important of these relationships was with Curve Finance, whose stablecoin pools provided the liquidity backbone for mkUSD and later ULTRA. By pairing mkUSD against other dollar‑pegged assets on Curve, Prisma tapped into Curve’s stable swap invariant to enable efficient trading and arbitrage, which in turn helped maintain mkUSD’s peg. To make these pools attractive, Prisma and its partners directed incentives in the form of CRV, CVX, and PRISMA, allowing liquidity providers to earn multiple reward streams on top of swap fees.

Convex Finance amplified this model by offering a simplified interface for users to stake their Curve LP tokens and benefit from pooled voting power in Curve’s gauge system. Through the “Convex for Prisma” integration, users who provided liquidity to Prisma‑related pools on Curve could stake those LP tokens on Convex and enjoy socialized boosting mechanics, increasing their share of CRV emissions without having to hold and lock CRV themselves. Convex’s documentation highlights that this integration effectively extended its established model for Curve to Prisma LP positions, further entrenching Prisma within the ecosystem’s incentive and governance infrastructure.

This multi‑layered setup—LSTs locked in Prisma, mkUSD deployed to Curve, LP tokens staked on Convex—turned a simple borrowing position into a complex yield stack. A user could stake ETH through an LST provider, earn staking rewards, borrow mkUSD against the LST on Prisma, deposit mkUSD into a Curve pool, stake the LP tokens on Convex, and collect CRV, CVX, and PRISMA rewards along the way. The strategy demonstrated DeFi’s composability but also illustrated how interdependent protocols could become: a shock in any one component, whether in Prisma, Curve, or Convex, could cascade through the entire stack.

Yearn Finance added another layer of composability by building yLockers that tokenized locked governance positions in external protocols, including Prisma. Yearn’s yLockers system allows users to permissionlessly max‑lock governance tokens to Yearn in exchange for a transferrable yLocker token, such as yCRV or yPRISMA, at a one‑to‑one rate. The benefit for users is that they can access the governance and yield streams associated with a locked position while holding a liquid ERC‑20 representing that lock, which can be traded, used as collateral, or deposited into Yearn’s own strategies.

In the context of Prisma, Yearn’s yPRISMA product became a significant vector for aggregating PRISMA governance power. Users could deposit their PRISMA tokens into Yearn’s contracts, which would then lock them in Prisma’s vote‑escrow system to obtain vePRISMA, while minting yPRISMA as a liquid representation of the locked stake. Within Yearn’s ecosystem, yPRISMA holders could stake their tokens in dedicated vaults or auto‑compounding strategies to earn a share of governance rewards, protocol revenue, and bribes derived from vePRISMA’s participation in Prisma’s gauge votes. When Yearn prepared to launch a new Prisma staking system, it announced that the existing yPRISMA staking contract would be deprecated at a scheduled time, underscoring the ongoing evolution of these integrations.

This pattern—liquid lockers for governance tokens—reflected a broader meta‑governance trend in DeFi, where protocols like Yearn, Convex, and others accumulate and manage large vote‑escrowed positions in foundational governance tokens in order to direct emissions and influence ecosystem incentives. In Prisma’s case, vePRISMA voting was central to deciding how PRISMA emissions would be allocated among different collateral types and liquidity pools, making vePRISMA highly valuable for protocols that depended on mkUSD or ULTRA liquidity.

Beyond Curve, Convex, and Yearn, Prisma also featured in cross‑protocol campaigns and point systems, such as Napier Finance’s “Llama Race” program, which included Prisma alongside protocols like Curve, Stake DAO, Convergence, Silo, Yearn, and Paladin in eligibility criteria for its points. Such campaigns reinforced Prisma’s status as a recognized LSDFi building block and offered yet another layer of incentives for users who engaged with the protocol’s stablecoins and vaults.

Centralized exchanges also acknowledged Prisma’s governance token. Listings such as Poloniex’s PRISMA markets, accompanied by promotional campaigns and airdrops, highlighted the token’s role not only as an on‑chain governance asset but also as a tradable instrument in its own right. These listings provided additional liquidity routes for PRISMA holders and helped distribute the governance token beyond on‑chain yield farmers and DeFi insiders.

Altogether, these integrations show that Prisma was not an isolated borrowing protocol but an embedded component of a complex network of vaults, gauges, bribes, liquid lockers, and cross‑protocol incentives. This tight coupling with the broader DeFi stack amplified Prisma’s growth during its ascent but also magnified the consequences when security issues emerged.

Governance, Tokenomics, and the Road Toward Resupply

Prisma’s governance and tokenomics were built around the PRISMA token and a vote‑escrow model inspired by Curve’s veCRV and widely imitated across DeFi. The basic idea was that holders could lock PRISMA for a specified period to receive a non‑transferable vePRISMA balance that decayed over time as the lock approached expiration. vePRISMA holders, including aggregators like Yearn via yPRISMA, could then vote on gauge allocations that determined how new PRISMA emissions would be distributed across borrowing markets and liquidity pools, effectively shaping where the highest yields accrued within Prisma’s ecosystem.

This mechanism created a familiar “gauge war” dynamic: protocols and large holders competed to accumulate vePRISMA and influence emissions in favor of their preferred collaterals or pools, often by offering external bribes or boosted yields to vePRISMA voters. The result was a fluid political economy in which stablecoin liquidity, collateral onboarding, and even fee policies could be influenced by an evolving coalition of stakeholders, from LST issuers to yield aggregators and LP managers. While this model was powerful for bootstrapping liquidity and aligning incentives, it also incentivized rapid feature deployment and complex integrations, sometimes at the expense of conservative security practices.

As Prisma matured, its governance processes extended beyond gauge allocations to questions of protocol risk management, fee structures, and emission schedules. Following the March 2024 exploit, governance activity intensified, with proposals and discussions about pausing fees, cutting emissions by half, and redirecting portions of revenue or token supply toward victim compensation and security improvements. Community debates highlighted tensions between continuing to grow the protocol, restoring user trust after the exploit, and recognizing the reputational damage that might limit Prisma’s long‑term viability as a borrowing platform.

One major governance thread centered on the protocol’s future direction. Over time, a plan emerged to wind down Prisma Finance and transition community, incentives, and governance into a new protocol initially referenced as Resupply. Snapshot votes were held on whether to shut down Prisma and formally introduce Resupply, and governance discussions outlined how vePRISMA holders might be treated in this transition, including proposed airdrops, conversion mechanisms, and timelines. Parallel communications explained how users with open loans on Prisma should manage their debt positions during the wind‑down, emphasizing the need to repay or close Troves under the existing system as stablecoin supply gradually contracted.

Resupply was framed as a chance to rebuild with a cleaner architecture, fresh audits, and a security‑first ethos while still leveraging the lessons and governance network built around Prisma. Instructions and eligibility criteria for vePRISMA holders to participate in the Resupply airdrop were circulated, underscoring the importance of accurately snapshotting locked governance balances and LP positions. At the same time, a developer‑led review of Prisma’s public code concluded that the exploit had been “the inevitable consequence of the team behavior regarding security,” a stark assessment that reinforced the argument for a new codebase and a culture reset in the successor protocol.

Prisma’s governance story also intersected with broader LSDFi and restaking ambitions. The protocol publicly expressed interest in acquiring Moebius, a universal meta‑restaking protocol designed to unify restaking across multiple providers and enable anyone to mint liquid restaking tokens starting with platforms like Karak and EigenLayer. This proposed acquisition reflected Prisma’s intent to move deeper into the LRT space and to operate at the meta‑layer of restaking liquidity, consistent with ULTRA’s positioning as an LRT‑backed stablecoin. Though Prisma’s wind‑down changed the context for this strategy, the episode illustrates how governance tokens in this ecosystem increasingly mediate not just internal parameter choices but also strategic mergers and acquisitions across DeFi.

As the transition to Resupply advanced, the role of PRISMA shifted from a governance token for an active borrowing platform to a legacy asset whose primary remaining function was to mediate claims on the new system via airdrops or redemption mechanisms. For vePRISMA holders and yPRISMA participants, this meant that the value proposition of their locked positions now depended as much on the execution of the Resupply plan as on any residual fee flows from Prisma itself. For observers, Prisma’s governance arc—from high‑velocity gauge politics to orderly wind‑down—offers a rare longitudinal example of how a DeFi protocol can attempt to unwind and reboot after a serious security incident.

◧ Timeline · 8 events

  1. 2023-09 · launch: Prisma Finance launches; mkUSD CDP stablecoin goes live
  2. 2024-03 · exploit: $11.1M exploit; emergency multisig pauses protocol
  3. 2024-03 · governance: Exploiter issues public KYC and apology ransom demands
  4. 2024-04 · governance: Post-mortem published; PIP-038 victim repayment plan proposed
  5. 2024-04 · milestone: On-chain investigation identifies alleged exploiter linked to prior hacks
  6. 2024-05 · milestone: ULTRA stablecoin backed by LRTs announced
  7. 2024-05 · governance: Snapshot vote passes to shut down Prisma and launch Resupply
  8. 2024-05 · milestone: Resupply team discovers multiple high-severity bugs during shutdown code review

The March 2024 Exploit: Timeline, Mechanics, and Impact

The pivotal event in Prisma’s history occurred on March 28, 2024, when the protocol suffered a significant exploit that targeted a migration helper contract rather than the immutable core contracts. Prisma had deployed a contract called MigrateTroveZap to make it easier for users to migrate their Troves—that is, their collateralized debt positions—between different versions of Trove manager contracts for the same collateral type. The intention was to abstract away the complexity of closing a position in one Trove manager and reopening it in another, allowing users to move seamlessly as new collateral configurations or contract versions were introduced.

However, the MigrateTroveZap contract contained a critical vulnerability in its onFlashloan() function. According to the post‑mortem, the function lacked sufficient input validation, allowing attackers to manipulate the parameters passed in through a flash loan and cause the contract to execute unintended sequences of calls. By carefully crafting the input data, the attacker was able to bypass the intended migrate flow and instead trigger calls that closed and reopened Troves within the same Trove manager, but in a way that reallocated collateral to the zap contract itself.

In simplified form, the attack involved taking a flash loan, invoking the vulnerable zap contract with maliciously structured data, and causing it to close a victim’s Trove and immediately reopen a new Trove with the same debt but less collateral, with the difference in collateral being diverted to the zap contract. The attacker then opened new Troves, leveraged the misdirected collateral, and ultimately closed their own Troves, extracting the stolen collateral as profit. Because the exploit used a flash loan, it could be executed in a single atomic transaction, making it difficult to detect or interrupt in real time.
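The missing input validation described above can be seen in a toy Python model of a flash-loan migration callback, shown with and without the checks. This is an added example, not Prisma's contract code. `MigrationZap`, `FlashLender`, the operator-approval step, the ERC-3156-style callback arguments and the specific hardening checks are all assumptions of the model, and the positions are constructed sample values.

```python
from dataclasses import dataclass


@dataclass
class Trove:
    coll: int  # collateral units (e.g. wstETH)
    debt: int  # stablecoin debt units


class TroveManager:
    """Owner -> Trove ledger; owners may approve an operator (model assumption)."""
    def __init__(self):
        self.troves, self.operators = {}, {}

    def approve(self, owner, operator):
        self.operators.setdefault(owner, set()).add(operator)

    def _check(self, caller, owner):
        if caller != owner and caller not in self.operators.get(owner, set()):
            raise PermissionError("caller may not act for owner")

    def close(self, caller, owner):
        self._check(caller, owner)
        return self.troves.pop(owner)  # debt repaid, collateral released to caller

    def open(self, caller, owner, coll, debt):
        self._check(caller, owner)
        self.troves[owner] = Trove(coll, debt)


class FlashLender:
    """ERC-3156-style lender: any caller may name any receiver and pass any data."""
    def flash_loan(self, caller, receiver, amount, data):
        receiver.on_flashloan(self, caller, amount, data)


class MigrationZap:
    """Hypothetical migration helper; validate=False models the missing checks."""
    def __init__(self, lender, validate):
        self.lender, self.validate = lender, validate
        self.stranded_coll = 0  # collateral left behind in the zap itself
        self._expected = None   # request committed by migrate(), if any

    def migrate(self, caller, tm_from, tm_to):
        trove = tm_from.troves[caller]
        data = (caller, tm_from, tm_to, trove.coll)
        self._expected = data
        try:
            self.lender.flash_loan(self, self, trove.debt, data)
        finally:
            self._expected = None

    def on_flashloan(self, msg_sender, initiator, amount, data):
        owner, tm_from, tm_to, coll = data
        current = tm_from.troves[owner]
        # All checks run before any state changes, mirroring an on-chain revert.
        if self.validate:
            if msg_sender is not self.lender:
                raise ValueError("callback from unknown lender")
            if initiator is not self:
                raise ValueError("loan was not initiated by the zap")
            if data != self._expected:
                raise ValueError("data does not match the owner's request")
            if tm_from is tm_to or (coll, amount) != (current.coll, current.debt):
                raise ValueError("migration must move the whole position")
        old = tm_from.close(self, owner)
        tm_to.open(self, owner, coll, amount)
        self.stranded_coll += old.coll - coll


def forged_callback(validate):
    """Constructed request: alice never called migrate(); data understates collateral."""
    zap = MigrationZap(FlashLender(), validate)
    tm = TroveManager()
    tm.open("alice", "alice", coll=100, debt=50)  # constructed sample position
    tm.approve("alice", zap)                      # alice opted in to migration
    try:
        zap.lender.flash_loan("third-party", zap, 50, ("alice", tm, tm, 60))
        rejected = False
    except ValueError:
        rejected = True
    return rejected, tm.troves["alice"], zap.stranded_coll


def owner_migration():
    """The intended flow through the hardened zap: alice migrates her own trove."""
    zap = MigrationZap(FlashLender(), validate=True)
    tm_v1, tm_v2 = TroveManager(), TroveManager()
    tm_v1.open("alice", "alice", coll=100, debt=50)
    for tm in (tm_v1, tm_v2):
        tm.approve("alice", zap)
    zap.migrate("alice", tm_v1, tm_v2)
    return tm_v2.troves["alice"], "alice" in tm_v1.troves, zap.stranded_coll


if __name__ == "__main__":
    print("unvalidated:", forged_callback(validate=False))
    print("validated:  ", forged_callback(validate=True))
    print("owner flow: ", owner_migration())
```

The property worth monitoring in review or in invariant tests is the last one: a migration helper should never end a call holding collateral, so a non-zero `stranded_coll` signals a broken flow regardless of how the callback was reached.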

Rekt’s analysis of the incident noted that PrismaFi—an umbrella name used for Prisma Finance and its restaking extensions—lost approximately 3,258 wstETH in the attack, valued at roughly 11.6 million dollars at the time. Coinspeaker’s reporting similarly cited a loss of about 3,257.7 ETH, approximately 11 million dollars, and noted that Prisma’s total value locked dropped from around 220 million dollars before the exploit to about 115 million afterwards, reflecting both the direct loss and users’ withdrawal of funds in response to the incident.

In the hours following the exploit, Prisma’s emergency multisig paused the protocol, halting new activity and reassuring users that remaining funds were safe and that mkUSD and ULTRA, as overcollateralized stablecoins, were not at risk of insolvency. This swift action prevented further exploitation via the same vector but could not reverse the losses incurred by users whose Troves had been impacted by the MigrateTroveZap vulnerability.

A key point emphasized by both Prisma’s post‑mortem and external observers was that the exploit did not arise from Liquity’s core architecture but from Prisma’s own modifications and extensions. Liquity itself issued a statement asserting that the exploit on Prisma was not replicable on Liquity, underscoring that the vulnerable zap contract was unique to Prisma and that Liquity’s own contracts did not use the same pattern. This distinction was important not only for Liquity’s reputation but also for understanding the boundary between inherited and newly introduced risk in forked protocols.

On the investigative front, blockchain sleuth ZachXBT identified the Prisma attacker as an address known as 0x77, allegedly tied to an individual named Trung and linked to multiple other exploits across DeFi. Coinspeaker reported that this identification came after weeks of tracing on‑chain movements and cross‑referencing patterns across incidents, situating the Prisma exploit within a broader pattern of opportunistic attacks by a sophisticated adversary. Subsequent on‑chain activity showed the attacker transferring more than one thousand ETH through Tornado Cash, further obfuscating the trail and complicating any potential recovery efforts.

Negotiations between Prisma’s team and the exploiter took an unusual turn. Publicly shared terms from the exploiter reportedly demanded that Prisma’s team hold an online press conference in which all team members would show their faces with identification—essentially a kind of public KYC—while offering apologies and thanks to users, investors, and the exploiter. This theatrical set of conditions blurred the line between a traditional black‑hat exploit and elements of a so‑called “whitehat rescue,” though the overall tone and the laundering of funds through privacy tools like Tornado Cash raised serious doubts about any benign intent.

In the aftermath, Prisma published a detailed post‑mortem explaining the exploit mechanics, taking responsibility for the insufficient input validation in MigrateTroveZap, and outlining steps to improve security processes. The Prisma Risk team also conducted a broader historical analysis of price oracles and MEV behavior, observing that implementing a Curve‑based oracle in certain parts of the system would have reduced front‑running opportunities for bots and provided better exchange rates for users, even though this was not the direct cause of the exploit. External developer reviews of Prisma’s code concluded that the vulnerability was symptomatic of deeper cultural issues around security, describing the incident as the “inevitable consequence” of lax practices rather than an isolated oversight.

The exploit had immediate financial and reputational consequences. Prisma’s TVL was roughly halved, and its native token PRISMA suffered a sharp drop in price in the immediate aftermath, although it later partially recovered as markets reassessed the residual value of the protocol and its governance token. For many users, however, the damage to trust was more lasting than any temporary price impact, especially given the complexity of the exploit and the fact that it was facilitated by a contract meant to simplify user experience.

From Recovery to Wind‑Down: Vaults Reopened, Emissions Cut, and the Move to Resupply

Following the emergency pause and initial post‑mortem, Prisma’s focus shifted to stabilizing the protocol, compensating victims, and deciding its long‑term fate. One of the first practical steps was to unpause vaults and resume operations in a controlled manner, which occurred only after governance‑mandated audits and code reviews provided sufficient confidence that no similar vulnerabilities remained in active contracts. Communications advised vault owners to disable certain delegate approvals and to carefully manage their positions as operations gradually resumed, reflecting a heightened sensitivity to the dangers of over‑permissive contract hooks and delegated calls.

In parallel, governance proposals addressed economic parameters. Prisma proposed pausing protocol fees as a gesture toward users, effectively forgoing revenue in the short term to simplify the distribution of value and prioritize user recovery. Another governance initiative recommended a significant cut to protocol emissions—on the order of a 50 percent reduction—recognizing that the original hyper‑growth emission schedule was no longer appropriate for a protocol grappling with reduced TVL and a damaged brand. Cutting emissions was also seen as a way to reduce sell pressure on PRISMA and to slow the dilution of existing holders while longer‑term plans were discussed.

Central to the recovery blueprint was PIP‑038, a governance proposal constituting a victim repayment plan. The plan aimed to use a combination of treasury assets, future protocol revenues, and adjusted emissions to make affected users whole or at least substantially compensated over time. While details evolved through community feedback, the general thrust was to formalize restitution within the on‑chain governance framework, acknowledging both a moral and practical obligation to attempt recovery. The plan did not fully erase the losses, but it signaled a serious attempt to align protocol resources with user protection, which is still relatively rare in a DeFi landscape where “code is law” is often invoked to avoid responsibility.

As these measures unfolded, broader conversations crystallized around whether Prisma should continue operating as a borrowing protocol at all. Some community members argued that the core design remained sound, that the exploit was limited to a peripheral contract, and that improved practices could restore confidence. Others countered that the reputational damage, combined with the complexity of the system and the emergence of rivals in LSDFi and restaking, made a clean break more appealing. For this latter camp, the exploit was not just a bug but a signal that the protocol needed to reboot under a new banner with a renewed security culture.

Out of these debates emerged a plan to wind down Prisma Finance and transition to a new protocol, Resupply. Snapshot votes and governance forums laid out the contours: Prisma’s operations would be gradually unwound, with users encouraged to repay mkUSD and ULTRA loans and close Troves, thereby shrinking the outstanding stablecoin supply and collateral footprint. vePRISMA holders would be central in the transition, with Resupply planning to recognize their locked governance positions through an airdrop or other conversion mechanism into a new token, RSUP. Instructions circulated for vePRISMA holders to ensure eligibility, including on‑chain snapshots and timing considerations.

The wind‑down plan also involved reassessing integrations. Yearn’s yPRISMA locker, for example, prepared to migrate to a new staking contract before deprecating the old one, ensuring that users could continue to earn yields and governance influence even as the underlying protocol transitioned. Convex and Curve integrations were similarly reconsidered in light of shrinking mkUSD and ULTRA liquidity, and incentives were recalibrated to avoid over‑subsidizing pools for a protocol on a sunset trajectory.

Meanwhile, Prisma’s ambitions in the restaking space surfaced in the proposed acquisition of Moebius, a universal meta‑restaking protocol designed to unify restaking across multiple platforms and mint LRTs starting with Karak and EigenLayer. Although the exploit and wind‑down forced a reevaluation of this strategy, the attempted acquisition illustrated the direction of travel: a move toward becoming a higher‑order coordination layer for restaking, rather than merely a borrowing protocol for LSTs. Resupply, as the successor, inherits this strategic backdrop and the question of how to balance ambitious integrations with the hard lessons of Prisma’s security incident.

As Resupply’s design took shape, Prisma’s governance token PRISMA transitioned into a legacy asset primarily useful for securing rights in the new system. For users with open vaults, the focus remained operational: repay debt, withdraw collateral, and exit the system in an orderly fashion as liquidity incentives gradually faded. For vePRISMA holders and DeFi integrators, the challenge was to navigate the migration without exposing users to unnecessary risk, managing complex vaults and multi‑protocol strategies that had been built around mkUSD and ULTRA.

Risk matrix (analyst read)

  • Smart-contract security: High

    An $11.1M exploit in March 2024 was followed by the Resupply team discovering multiple additional high-severity bugs in the contracts during the shutdown audit, and a community dev review concluded the hack was 'the inevitable consequence of the team behavior regarding security.'

  • Centralization: High

    The emergency multisig unilaterally paused the entire protocol immediately after the exploit, and the hacker's demand that the founding team publicly dox themselves exposed how small and identifiable the control structure was.

  • Oracle / MEV exposure: Medium

    PrismaRisk's historical analysis found that choosing the Curve Oracle over the deployed oracle would have reduced MEV extraction by bots and improved exchange rates for users, indicating the oracle selection was a material and avoidable risk factor.

  • Governance: Medium

    Post-exploit governance (fee pause, 50% emissions cut, PIP-038 repayment plan, and eventual shutdown vote) showed the DAO could mobilize rapidly but that all critical decisions were made reactively under duress rather than through proactive risk management.

  • Liquidity: Medium

    Sequential protocol pauses, proposed fee increases mirroring MakerDAO's 5% mint fee or 15% interest rate model, and a 50% cut to emissions progressively eroded LP and mkUSD/ULTRA holder incentives ahead of the eventual shutdown.

  • Collateral / LSD-LRT risk: Medium

    PrismaRisk flagged sfrxETH as promising but still-evolving collateral; the subsequent ULTRA expansion into liquid restaking tokens added newer, less battle-tested collateral categories shortly before the protocol was shut down.

Broader Lessons: Stablecoin Design, Vault Safety, and Oracle Choices

Prisma’s lifecycle offers a rich set of lessons for DeFi builders and users, extending beyond the specifics of one exploit. At a structural level, the protocol demonstrates both the power and the peril of building on top of yield‑bearing derivatives like LSTs and LRTs. On the one hand, LST‑backed stablecoins such as mkUSD unlock substantial capital efficiency: users can earn ETH staking rewards while simultaneously deploying a dollar‑denominated asset into DeFi, creating multiple layers of yield from a single underlying position. On the other hand, this stacking creates complex, correlated risks: a de‑peg or liquidity crunch in an LST market can ripple through the stablecoin’s backing, while an AVS failure or restaking shock could jeopardize ULTRA’s LRT collateral.

Prisma’s design, derived from Liquity, shows that overcollateralized stablecoins based on decentralized collateral can be robust to certain classes of risk, especially when liquidation mechanisms, stability pools, and immutable core contracts are carefully designed. Yet the exploit underscores that robustness at the core is not enough if peripheral contracts—such as helper zaps, migrations, or vault wrappers—are not subjected to equally rigorous engineering and review. The MigrateTroveZap vulnerability arose precisely because the team extended the system’s functionality in a way that interacted with sensitive Trove operations but lacked proper input validation, creating an unexpected path for attackers to exfiltrate collateral.
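An added illustration of the failure class described above, not Prisma's contract code or code from its post-mortem: a simplified Python model of a flash-loan callback in a helper that holds delegate approvals, shown without and with caller validation. The ERC-3156-style lender interface and every name here (Lender, TroveManager, NaiveZap, CheckedZap, alice, mallory) are assumptions made for the example.

```python
# Simplified model, constructed for illustration; not Prisma's contract code.
# Assumption: an ERC-3156-style lender where anyone may call flash_loan(), name
# any receiver, and the lender reports the real caller as `initiator`.

class Lender:
    def flash_loan(self, caller, receiver, amount, data):
        # `caller` stands in for msg.sender of the flash-loan request.
        return receiver.on_flash_loan(self, caller, amount, data)

class TroveManager:
    """Tracks trove owners and the delegate approvals they grant to helpers."""
    def __init__(self):
        self.owner_of, self.delegates, self.migrated = {}, set(), []

    def migrate(self, caller, owner, trove_id, params):
        if self.owner_of.get(trove_id) != owner:
            raise PermissionError("owner does not hold this trove")
        if caller != owner and (owner, caller) not in self.delegates:
            raise PermissionError("caller is not an approved delegate")
        self.migrated.append((trove_id, params))

class NaiveZap:
    """Unvalidated pattern: the callback acts on whatever `data` claims."""
    def __init__(self, lender, troves):
        self.lender, self.troves = lender, troves

    def migrate_trove(self, caller, trove_id, params):
        # The owner field is bound to the real caller only on this entry point.
        data = {"owner": caller, "trove_id": trove_id, "params": params}
        return self.lender.flash_loan(self, self, 1_000, data)

    def on_flash_loan(self, sender, initiator, amount, data):
        self.troves.migrate(self, data["owner"], data["trove_id"], data["params"])
        return True

class CheckedZap(NaiveZap):
    """Hardened pattern: only honour loans this contract requested itself."""
    def on_flash_loan(self, sender, initiator, amount, data):
        if sender is not self.lender:
            raise PermissionError("callback did not come from the trusted lender")
        if initiator is not self:
            raise PermissionError("loan was not initiated by this zap")
        return super().on_flash_loan(sender, initiator, amount, data)

def _setup(zap_cls):
    lender, troves = Lender(), TroveManager()
    zap = zap_cls(lender, troves)
    troves.owner_of[1] = "alice"
    troves.delegates.add(("alice", zap))   # alice approved the helper
    return lender, troves, zap

def owner_can_migrate(zap_cls):
    _, troves, zap = _setup(zap_cls)
    zap.migrate_trove("alice", 1, "owner-chosen terms")
    return troves.migrated == [(1, "owner-chosen terms")]

def third_party_can_move_trove(zap_cls):
    lender, troves, zap = _setup(zap_cls)
    forged = {"owner": "alice", "trove_id": 1, "params": "third-party terms"}
    try:
        lender.flash_loan("mallory", zap, 1_000, forged)  # zap named as receiver
    except PermissionError:
        return False
    return bool(troves.migrated)
```

The two checks in CheckedZap are the review item for any helper that both receives callbacks and holds user approvals: the owner's own migration still succeeds, while a loan requested by anyone else is rejected before the callback data is read.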

The incident also highlights the importance of oracle design and MEV awareness in DeFi protocols. While the exploit did not stem directly from oracle manipulation, Prisma Risk’s later analysis that a Curve‑based oracle would have reduced MEV and given users better execution underscores the degree to which even benign price discrepancies can be harvested by bots and contribute to hidden costs for users. For yield‑maximizing protocols like Prisma, which rely heavily on Curve for liquidity, aligning on‑chain price feeds with pool prices can reduce arbitrage leakage and improve user outcomes, though it also introduces dependencies on AMM health and liquidity.

In terms of governance, Prisma’s trajectory illustrates both the strengths and limitations of ve‑style tokenomics. The vePRISMA model successfully attracted liquidity and engagement by rewarding long‑term lockers with influence over emissions, but it also incentivized rapid growth and complex integrations to maintain competitive yields, potentially outpacing the protocol’s security capacity. The subsequent need to cut emissions, pause fees, and redirect resources toward victim repayment shows how quickly governance priorities can flip when a protocol’s risk profile changes, and how ve‑style locks can tie user capital to systems whose risk is not static.

From a user perspective, the Prisma episode reinforces basic but often overlooked principles of DeFi risk management. Vaults and Troves are not risk‑free simply because they are overcollateralized; users must also consider contract upgradeability, auxiliary contract interactions, and the governance track record of the team. The fact that the exploit affected users through a migration helper rather than directly through their Troves shows that using convenience features can materially change one’s risk profile, even if the underlying protocol is solid. This is particularly relevant in ecosystems where “zaps” and aggregators aim to simplify complex interactions but may add additional layers of smart contract risk.

Finally, the debate around whether the Prisma exploit was a “whitehat rescue” or a straightforward theft, along with the exploiter’s theatrical demands for public KYC and apologies, has reignited discussions about the term smart contract itself and the expectations users should have when interacting with autonomous code. While DeFi culture sometimes leans on the idea that “code is law,” Prisma’s community response—including post‑mortems, governance‑driven repayment plans, and a full protocol wind‑down and reboot—demonstrates that social and legal norms still play a significant role in shaping outcomes after a hack. The social layer can mitigate, though not fully reverse, the consequences of contract vulnerabilities.

Viewed in the context of the broader DeFi ecosystem, Prisma’s story is ultimately about the diffusion of risk across tightly coupled protocols and the ongoing search for architectures that can safely harness increasingly complex forms of collateral. LSDFi and restaking are likely to remain central narratives in Ethereum’s evolution, but the Prisma experience suggests that sustainable growth in these areas will require not only clever economic design and rich integrations but also disciplined engineering, adversarial testing, and transparent governance capable of responding quickly and credibly to failures.

Conclusion

Prisma Finance began as an ambitious LSDFi protocol that sought to unlock the full potential of Ethereum’s liquid staking tokens by allowing users to mint an overcollateralized stablecoin, mkUSD, backed by LST collateral, and later extended this model to restaking via ULTRA and LRTs. Architecturally, it adapted Liquity’s Trove‑based borrowing system to a more complex collateral set, relying on immutable core contracts, overcollateralization, and liquidations to maintain the solvency and peg of its stablecoins. Through deep integrations with Curve, Convex, and Yearn’s yLockers, Prisma became a central node in DeFi’s yield‑stacking economy, with mkUSD and ULTRA at the heart of multiple vaults, strategies, and gauge wars.

The protocol’s trajectory, however, was dramatically altered by the March 2024 exploit, which abused a vulnerability in the MigrateTroveZap contract’s flash loan callback to siphon thousands of wstETH from user positions. Although the core Trove mechanism remained intact and mkUSD and ULTRA stayed overcollateralized, the exploit halved the protocol’s TVL and severely damaged user trust, prompting emergency pauses, audits, and a comprehensive governance response. Through measures such as PIP‑038’s victim repayment plan, fee pauses, and emission cuts, Prisma’s community attempted to mitigate harm and realign incentives, while acknowledging that the incident reflected deeper shortcomings in security practices.

Ultimately, Prisma’s stakeholders chose to wind down the protocol and transition toward a new project, Resupply, using on‑chain governance and airdrop mechanisms to carry forward the governance relationships embodied in vePRISMA while drawing a line under the legacy codebase. Along the way, the protocol’s experience offered the DeFi ecosystem valuable lessons about the management of LST and LRT‑backed stablecoins, the risks of auxiliary contract complexity, the importance of rigorous security culture, and the intertwined nature of social and technical layers in managing the fallout from smart contract exploits.

Outlook

Looking ahead, Prisma’s legacy is likely to influence LSDFi, restaking, and stablecoin design far beyond the lifespan of its own contracts. The concept of borrowing overcollateralized stablecoins against yield‑bearing LSTs and LRTs remains compelling, and future protocols—Resupply among them—will almost certainly continue to iterate on this model, armed with Prisma’s hard‑won lessons about security, governance, and risk disclosure. Curve, Convex, and Yearn’s yLocker frameworks will continue to provide the liquidity and meta‑governance infrastructure that makes such protocols viable, even as their integration standards and due‑diligence processes evolve in response to past incidents.

For users and builders, Prisma’s story underscores the importance of evaluating not only a protocol’s headline features and yields but also the details of its vault contracts, auxiliary zaps, oracle choices, and governance culture. As LSDFi and restaking mature, the most resilient systems are likely to be those that pair economic innovation with conservative engineering and transparent, responsive governance. In that sense, Prisma serves both as a warning and as a guidepost: a vivid example of what is possible when LSTs, vaults, Curve liquidity, and governance tokens are combined, and a reminder of the discipline required to make such combinations sustainable over time.
