On September 4, Pendle released an analysis report on the Penpie attack. "Pendle immediately suspended our contract after discovering the security vulnerability, protecting the security of approximately $105 million, which could be further lost from Penpie. At 01:45 today, the attacker deployed the first contract used for the attack. Our real-time internal monitoring system detected it as a suspicious contract, which was funded by Tornado Cash and interacted with the Pendle contract. At 01:46, the team was aware of this danger signal and remained alert, while launching an investigation to check whether this posed a real security threat to Pendle. At 02:23, the first attack occurred on Penpie, an independent protocol built on Pendle. At 02:25 (approximately 2 minutes after the Penpie security vulnerability occurred), the Pendle team made every effort to protect Pendle and Pencosystem from any subsequent attacks. At 02:34, Pendle also contacted security expert Seal911 to help assess the situation and evaluate options and put strategies in place to thwart any subsequent related attacks. At 02:45, we managed to suspend all contracts on Pendle. Thereafter, the team contacted protocols that used PendlePT as collateral and notified them of the contract suspension. At 02:52, our development team confirmed that the Pendle contracts were secure and the attack was due to an issue unique to Penpie. The vulnerability was found to be related to a unique feature that allowed the unpermissioned listing of Pendle markets on Penpie. At 08:50, after rigorous review and coordination with all relevant parties to confirm steps 1 and 2, the Pendle contracts were safely unsuspended and resumed normal operation. ”