Pods Finance develops decentralized protocol intended to hedge crypto using decentralized finance. The company's platform offers tailor-made Defi options, put options, and call options, helping users to hedge crypto and protect a portfolio with pods protocol.

Whitehat Csanuragjain submitted a vulnerability to Immunefi regarding Pods Finance. The vulnerability was given a severity rating of “high”, as it is a logic error that allows for theft of yield or abuse of the rewards system on the protocol. The contract was not deployed on mainnet, so there were no funds at risk. Pods Finance received the report, evaluated it, and paid out $4,000 USDC to the whitehat in just 13 minutes, winning the award by far for the fastest ever bug bounty response and pay-out on Immunefi.

Pods Finance has a rewards system that mints rewards for users who issue options, but the reward calculation logic itself, present in both AavePodPut.sol and AavePodCall.sol, allows a malicious attacker to claim rewards owed to other users and drain the entire contract.