Superform provides no guarantee of the underlying security or functionality of a vault. The Superform Protocol is permissionless and anyone can list any vault, including broken or risky ones. Superform has no control over vaults.
Even if a vault:
Is associated with an authenticated protocol
Is associated with a protocol you trust
Passes simulations
Passes vault checks
Has been audited
Has lots of TVL
It can still be hacked.
What happened to my tokens?
If a vault you deposited into through Superform was hacked, you will be subject to the same effects as someone who deposited directly into the vault outside of Superform. That could mean partial or complete loss of deposited tokens, or inability to withdraw. If tokens from the hacked vault are ever recovered by the vault's protocol, best effort will be made to distribute those tokens to Superform depositors into the vault.
What should you do?
Follow up with the protocol that was hacked. That is where you will be able to learn of any recoveries made for the vault.
If the exploit hasn’t already been flagged by Superform, please file a ticket in the Help Center.
Wait for the protocol or vault that was hacked to provide you with a resolution.