AI Support for DeFi

229 posts

AI Support for DeFi

@TxDesk

Your support tools can't read a transaction. I'm fixing that. Building AI support agents for DeFi protocols. website: https://t.co/8m2Z0WhLlf

انضم Şubat 2026

132 يتبع23 المتابعون

تغريدة مثبتة

AI Support for DeFi@TxDesk·20 Mar

Bought a plan, added Discord and Telegram bots, and had both installed and answering blockchain questions in under 2 minutes. No developer needed. No complex setup. No config files. TxDesk gives your protocol AI support that reads live onchain data across 46 chains, wherever your community already is. txdesk.io

English

187

AI Support for DeFi@TxDesk·1h

No signatures, no approvals, funds just moved. The scariest part isn't the exploit itself. It's that the wallet owners have no way to know it happened until they manually check their balance. Some of those wallets were dormant for 5-7 years. The owners probably don't follow crypto Twitter. They'll open MetaMask in six months and see zero with no explanation and no trail they can read. The entire industry has real-time monitoring for protocols. Individual users get nothing.

English

GoPlus Security 🚦@GoPlusSecurity·1d

1️⃣3️⃣ hours. 5️⃣7️⃣4️⃣ wallets. $760K mysteriously drained. What’s unusual: 84 wallets had been dormant for 5–7 years, about half had activity within the past 12 months, and some were even active just hours before the theft. No signatures. No approvals. Funds were silently wiped. 🕵️ There is only one explanation — private key compromise. According to @the_smart_ape, possible vectors include LastPass database leakage, fake wallets, and malicious trading/sniping bots. 🔐In response to the above risks, #GoPlus provides the following security recommendations: (1) Private keys or mnemonics should NEVER be exposed to any online environment and must be stored offline only (2) If a tool or scenario requires inputting a private key or mnemonic, use a newly created isolated wallet and test with small amounts of funds only

The Smart Ape 🔥@the_smart_ape

x.com/i/article/2050…

English

2.8K

AI Support for DeFi@TxDesk·1h

This is exactly the problem. People approve delegations, forget about them, and have no way to check unless someone reminds them on Twitter. The bot's Twitter account was suspended but the delegation is still active on-chain. The approval doesn't care if the company behind it disappeared. It sits there until someone either revokes it or uses it. Most users have no idea how to check what they've approved across chains, and the tools that exist assume you already know what you're looking for.

English

Ēl ChĀPø@CARTOONIST_MC1·10h

Yesterday I explained Solana delegations. A few people DMed me saying they checked and actually found one they forgot about. One person found a delegation from a trading bot they used three months ago. The bot's Twitter account had been suspended. No idea if the wallet was still safe. They revoked it immediately. This is exactly why I'm writing these posts. Not to scare you. To show you what's actually sitting in your wallet that you probably don't remember approving. Most people think they're safe because they "don't click weird links" or "only use major protocols." But here's the thing. Major protocols can get hacked. Trading bots can turn malicious. Legitimate platforms you used six months ago can have exploits discovered today. That delegation you gave to a DEX last year? If the that DEX got acquired by a new firm. The new owners now control that delegate wallet. Did anyone tell you that? No. Did they ask for new permission? No. They just have access now. Because you approved it once and never thought about it again. This isn't FUD. This is how the token program was designed. Delegations are useful. They enable better UX, faster trades, automated strategies. But useful doesn't mean safe. And safe doesn't mean permanent. The only way to stay safe is to check regularly. Know what's active. Revoke what you don't need. @CerbAgent Shield Agent automates this across six chains. One click. Full report. You decide what stays. The relaunch timeline is coming. But you can check your delegations and approvals right now. Etherscan for Ethereum. Solscan for Solana. Both have revoke tools. Go look. Revoke anything you don't recognize or don't use anymore. Future you will thank present you.

Ēl ChĀPø@CARTOONIST_MC1

Quick question. Do you know if you have a Solana token delegation active right now? Most people don't. Here's what a delegation means. You give another address permission to move your tokens. Not a contract. An actual wallet that someone controls. You approve it once. Maybe you used a trading bot. Maybe a DeFi platform asked for it. Maybe you clicked something you didn't fully read. Then you forgot about it. That delegate address still has permission. Right now. While you're reading this. If that wallet gets hacked? Your tokens are gone. If that wallet was always malicious? Your tokens were always at risk. No new signature needed. Just a drain that happens silently whenever they decide to take it. This isn't theoretical. Delegation exploits are real. They're just not talked about as much as Ethereum approvals because Solana's token program works differently. Same risk. Different name. This is exactly what @CerbAgent Shield Agent scans for. All it takes is one click. It checks every delegation on Solana. Every approval on Ethereum, Base, Arbitrum, Polygon, and BSC. Shows you exactly who has permission to move your money. What they can take. When you gave it. Then you decide. Revoke or keep. Most people revoke once they see the list. The $CERB relaunch is coming, that's when the shield agent will be live. The product works. But you don't have to wait to check your delegations. Go look. You might be surprised at what you find.

English

220

3.4K

AI Support for DeFi@TxDesk·1d

After the KelpDAO loss, Aave users frantically refreshed their dashboards. You shouldn't have to. Now you can ask "will my Aave position get liquidated if ETH drops 20%?" and get a one-sentence answer with the exact price and the dollars to repay. txdesk.io

English

AI Support for DeFi@TxDesk·1d

Clean breakdown. The part that's always missing from these post-mortems is what the users experienced during the exploit window. The team wallets got drained across four chains. How many users interacting with ZetaChain's gateway contracts in those hours had any idea something was wrong? The post-mortem tells the technical story perfectly. Nobody ever writes the user story: "I tried to bridge, it failed, I had no idea why, I asked in Discord, nobody answered for 6 hours."

English

ddimitrov22@ddimitrovv22·1d

1/ Spent the morning unwinding the ZetaChain GatewayEVM hack from Apr 24. ~$334k drained from team wallets across ETH, Base, Arbitrum, BSC. No keys leaked. No multisig fail. This was a pure smart contract exploit, and the design flaw is wild once you see it. Breakdown below🧵

English

120

7.8K

AI Support for DeFi@TxDesk·1d

The recovery side gets all the attention. The part nobody talks about: during the 10 days between exploit and recovery, every Aave depositor on Ethereum was sitting in a pool that had been used as an exit route for stolen funds. Most of them had no idea. They couldn't check whether their health factor was affected. They couldn't tell if the pool's liquidity had shifted. They just waited and hoped. $318M raised to fix the protocol side. $0 spent on telling individual depositors what was happening to their positions in real time.

English

153

jfab.eth@josefabregab·1d

DPRK drained ~$292M through the LayerZero + Kelp exploit before using them to take loans from @aave DeFi United raised ~$318M. That’s ~$24M above the estimated loss. What will be done with these funds? Data by @EntropyAdvisors.

English

2.9K

AI Support for DeFi@TxDesk·1d

The logical explanation nobody mentions: every single one of these protocols had internal monitoring that caught the exploit. Every single one paused contracts within hours. And in every single case, the depositors found out last. Not from the protocol. From Twitter. The security tooling for protocols has improved dramatically. The communication tooling for users hasn't moved at all. Users don't need to remove their money from DeFi. They need a way to know what's happening to their money before they read about it in someone else's thread.

English

Sensei@senseii_gg·2d

Remove your money from DeFi protocols! With the amount of hacks we've seen in only the month of April, there are only two logical explanations. 1. DeFi was built on glass and hackers are going from one project to the other to find out how fragile they are. and they are finding out they are all fragile. 2. Team members from some teams are utilizing the mass hacks to destabilize their own platform and claim hacks. Whatever the case may be, do not leave your money in any protocol.

emilios.eth@emilios_eth

Unbelievable, shut down your protocols or something new victim: @syndicateio

English

477

AI Support for DeFi@TxDesk·1d

The security setup is the precondition but the user experience after the exploit is the part nobody talks about. Wasabi users on Berachain were told "use revoke.cash" which assumes they know what token approvals are, how to find the right contract, and how to submit a revoke transaction. Most of them found out from a stranger's tweet hours after the drain started. The weak security allowed the hack. The nonexistent user communication layer is why losses kept compounding after detection.

English

jussy@jussy_world·2d

I don't think DeFi is broken because of these hacks Look at Wasabi: - no multisig - no timelock - one wallet controlling every vault How such a weak security even allowed? Team didn't updated their security after watching everything that's happened in the space for the last month It's nonsense These hacks aren't exposing DeFi as a whole They're exposing the weak teams from the ones actually doing the work

Mando@rektmando

Wasabi hurts, i know a number of people who used it DeFi expected yields were already low, now they starting to feel negative

English

5.6K

AI Support for DeFi@TxDesk·2d

Every single protocol on this list had monitoring that detected the exploit. Every single one paused contracts within hours. And every single one left their users to figure out "am I affected?" by reading Twitter threads. The security side of DeFi is improving fast. The user communication side hasn't moved at all. $635M in April and not one protocol had a system that told its depositors "your position is safe" or "you need to act now" in real time

English

Hercules | DeFi@Hercules_Defi·2d

At the middle of April, over $400m has been drained from Crypto all year. This number has increased to over $700m. April alone had $635.24m exploited. These are the exploits since mid April 👇 ----------------- > Rhea Lend lost $18.4M because a fake collateral exploit inflated asset value, allowing the attacker overborrow and drain liquidity ----------------- > Grinex lost $15M because a hot wallet compromise exposed private keys, allowing the attacker gain direct access and drain funds ----------------- > KelpDAO lost $293M because a LayerZero OFT bridge exploit was leveraged, allowing the attacker manipulate cross-chain messaging and drain funds at scale ----------------- > Juicebox V3 lost $52K because a borrowFrom spoof attack bypassed validation checks, allowing the attacker borrow funds without proper collateral ----------------- > ThetanutsFi lost $50K because a first depositor attack manipulated initial pool conditions, allowing the attacker gain unfair advantage and extract funds ----------------- > Volo Vault lost $3.5M because a protocol logic vulnerability was exploited, allowing the attacker manipulate vault mechanics and drain funds ----------------- > Kipseli lost $80K because flawed quoting logic mispriced assets, allowing the attacker exploit pricing inefficiencies and extract value ----------------- > Giddy lost $1.3M because incomplete EIP-712 signature validation was exploited, allowing the attacker forge approvals and move funds ----------------- > Purrlend lost $1.5M because a fake bridge address was used, allowing the attacker trick users/protocol flows and redirect funds ----------------- > Litecoin lost $0 because a zero-day bug combined with a DDoS vector disrupted the network, though no direct funds were stolen ----------------- > Scallop Lend lost $150K because a protocol logic flaw was exploited, allowing the attacker manipulate lending conditions and withdraw excess funds ----------------- > ZetaChain lost $300K because flaws in Gateway EVM contract logic were exploited, allowing the attacker abuse cross-chain interactions and drain funds ----------------- > Singularity Finance lost $413K because a misconfigured oracle fed incorrect data, allowing the attacker manipulate pricing inputs and extract value ----------------- > JUDAO lost $228K because a flashloan exploit manipulated protocol logic, allowing the attacker execute transactions with temporary capital and drain funds ----------------- > Quant lost $138K because an access control vulnerability allowed unauthorized actions, enabling the attacker execute restricted functions and move funds ----------------- > Syndicate lost $380K because a bridge exploit in Commons was abused, allowing the attacker manipulate cross-chain transfers and withdraw assets ----------------- > Sweat Foundation lost $3.5M because refund logic was flawed, allowing the attacker repeatedly claim refunds and drain funds ----------------- > Aftermath Perps lost $1.14M because a fee-accounting logic flaw was exploited, allowing the attacker manipulate fee calculations and extract value ----------------- > Wasabi Perps lost $5.5M because admin keys were compromised, allowing the attacker gain privileged control and withdraw funds

Hercules | DeFi@Hercules_Defi

Over $421 M has been drained from crypto this year. April saw the highest amounts drained, as £288.35 has been drained so far. This is the list of drain events that have happened since the beginning of this year. -------------------- ➢ 𝐉𝐚𝐧𝐮𝐚𝐫𝐲 > @StepFinance_ lost $30M because several treasury and fee wallets got compromised. On-chain activity on Solana pointed to compromised private keys. > @Truebitprotocol lost $26.4M because an error in an old forgotten contract allowed attackers to mint TRU tokens for free, then burn them to drain protocol value. > @SagaEVM lost $7M because of a supply chain hack, inherited vulnerabilities in EVM precompile bridge logic from Ethermint that the protocol never patched. > @ApertureFinance lost $4M because their V3/V4 contracts contained an arbitrary call vulnerability, similar to the SwapNet exploit that same month. > @makinafi lost $4.1M because attackers exploited flaws in the execution logic of its DUSD/USDC CurveStable pool to drain funds. > TMX lost $1.4M because an attacker used USDT to mint TMX LP tokens, swapped USDC for USDG, then looped unstaking and selling USDG on Arbitrum. -------------------- ➢ 𝐅𝐞𝐛𝐫𝐮𝐚𝐫𝐲 > @iotex_io lost $8.8M because an attacker compromised the private key managing the Validator contract on the Ethereum side of their cross-chain bridge, stealing reserves and minting 111M CIOTX tokens. > @crosscurvefi lost $4.95M because validation bugs in their bridge's smart contracts allowed attackers to spoof Axelar messages, tricking the PortalV2 contract into releasing funds for a fake cross-chain deposit. > @MoonwellDeFi lost $1.78M because AI-generated code used only the cbETH/ETH exchange rate as its price, skipping the ETH/USD multiplication, valuing cbETH at $1.12 instead of $2,200. > @blend_capital yieldBlox pool was exploited using price manipulation of the USTRY asset. They lost $10m in a mixture of USDC and XLM > Ploutos Money lost $390K due to an oracle misconfiguration. The oracle was mistakenly configured to use the BTC/USD Chainlink price feed to price USDC. They've had their socials deleted since then -------------------- ➢ 𝐌𝐚𝐫𝐜𝐡 > LMI/USDT staking protocol lost $950K because a price manipulation attack exploited flawed pricing logic, allowing the attacker distort valuations and withdraw inflated staking rewards > GoonFi lost $254K because mispricing arbitrage exploited incorrect asset valuation, letting the attacker repeatedly profit from price discrepancies across pools > @Cyrus_Finance lost $5M because a flashloan attack manipulated pool share calculations, allowing the attacker mint excess shares and redeem more assets than deposited > @ResolvLabs lost $24.5M because a private key was compromised, giving the attacker privileged access to drain protocol funds > @dTRINITY_Defi dLEND lost $257K because a deposit inflation attack manipulated accounting logic, allowing the attacker inflate deposits and withdraw more than contributed > @VenusProtocol Pool lost $3.7M because a donation attack skewed internal accounting, allowing the attacker withdraw more funds than their actual share > @Goosedefi lost $8,435 because a share accounting flaw miscalculated balances, letting the attacker withdraw funds. > @StakeDAOHQ lost $176K because oracle message spoofing allowed attacker to extract funds > @Gondixyz V3 lost $230K because a PurchaseBundler exploit bypassed transaction checks, allowing the attacker manipulate bundled operations and gain unauthorized assets > M0lt EVM lost $127K because a flawed token modifier allowed unauthorized actions, enabling the attacker bypass restrictions and extract funds > @SolvProtocol lost $2.7M because a mint reserves logic exploit allowed tokens to be minted without proper collateral, draining protocol liquidity > @FOOMCash lost $2.26M because a fake proof spam attack bypassed verification logic, allowing the attacker mint or withdraw funds without valid proofs -------------------- ➢ 𝐀𝐩𝐫𝐢𝐥 > @zerion lost $100K because a hot wallet compromise exposed private keys, allowing the attacker gain direct access and drain funds > @dango lost $410K because attacker exploited a bug in the insurance fund's logic and drained USDC collateral held in the perps contract. > @SubQueryNetwork lost $60K because an access control exploit bypassed permission checks, allowing the attacker execute restricted functions and move funds > @hyperbridge lost $237K because fake state proof validation failed, allowing the attacker submit forged proofs and withdraw assets illegitimately > @AethirCloud lost $423K because an access control vulnerability allowed unauthorized privileged actions, enabling the attacker drain funds from protected contract functions > @SiloFinance lost $392K because a misconfigured oracle fed incorrect pricing data, allowing the attacker manipulate collateral values and overborrow assets > @DriftProtocol lost $285M because compromised admin credentials enabled unauthorized control, allowing the attacker upgrade contracts or withdraw funds at scale > Mona lost $60,950 because a burn address accounting flaw miscalculated supply, enabling the attacker manipulate balances and extract excess tokens It has been a crazy year so far and I hope protocols can work more on security. Daily bug checks, dedicated security team and so much more to make sure users don't lose funds.

English

7.6K

AI Support for DeFi@TxDesk·2d

The KelpDAO exploit is the perfect case study for why security monitoring alone isn't enough. The exploiter used Aave as the exit route. 8,000+ Aave users had no idea their lending pool was being used to launder exploit proceeds until the post-mortem came out days later. They were sitting in positions wondering "is my health factor affected?" with no way to get a fast answer. The protocol had monitoring. The users had nothing.

English

PeckShieldAlert@PeckShieldAlert·2d

#PeckShieldAlert In April 2026, the crypto space saw 40 major hacks totaling $647M—a📈 1,140% MoM surge from March ($52.2M). @DriftProtocol & @KelpDAO exploits now rank among the Top 10 hacks since 2021. The KelpDAO exploiter supplied rsETH to @aave to borrow massive amounts of ETH before laundering the loot into #BTC. This has exposed the Aave ecosystem to bad debt risk. In response, DeFi United is coordinating an effort to absorb the liquidity shortfall and prevent further systemic contagion. #Top5 hacks - KelpDAO: $292M (Ranked #7, Jan 2021 – Apr 2026) - Drift: $285M (Ranked #9, Jan 2021 – Apr 2026) - Rhea Finance: $20M - Grinex: $13.74M - Wasabi Protocol

English

5.1K

AI Support for DeFi@TxDesk·2d

"Security still the biggest alpha" is right but it's only half the picture. Every one of those 28 incidents followed the same user experience: protocol pauses, team investigates internally, users find out hours later from a stranger's tweet. The security side is getting more investment than ever. The communication side is completely ignored. Nobody is building the layer that tells depositors "your position may be affected, here's what to do" before they have to piece it together from post-mortems. That's not a security problem anymore. That's a support problem.

English

Whitelist Media@Whitelist1Media·2d

🚩 DeFi just got cooked in April: ~$635M lost across 28 hacks/exploits in 30 days. That makes April 2026 the worst month in DeFi history. For context: the entire Q1 2026 lost only $165.5M. April alone was nearly 4x that. Security still the biggest alpha in crypto. Stay safe out there.

English

6.6K

AI Support for DeFi@TxDesk·3d

30 incidents in one month. Every single one followed the same user experience: team finds out, team pauses contracts, team posts a thread, users find out hours later from someone else's tweet. The security side is getting more attention than ever. The support side is completely ignored. Nobody is building the layer that tells a depositor "your funds may be at risk, here's what to do" before they have to piece it together from Twitter threads. That's not a monitoring problem. It's a communication problem.

English

chrisdior@chrisdior777·3d

One of the toughest months Web3 has faced. April 2026: • 30+ security incidents • ~$630m drained This chart shows the hacked projects, estimated losses, and the cause behind each incident.

English

9.9K

AI Support for DeFi@TxDesk·3d

"Use revoke.cash" is the standard advice after every exploit. But think about what that actually requires: a user has to see this tweet, understand what token approvals are, navigate to revoke.cash, connect their wallet, find the right contract, and submit a revoke transaction. Most users in Wasabi vaults don't follow Berachain Foundation on Twitter. They'll find out tomorrow when they check their balance. The gap between "protocol team knows" and "user knows what to do" is where the real losses pile up. That's not a security problem anymore. That's a support problem.

English

493

Berachain Foundation 🐻⛓@berachain·3d

Wasabi across all chains including Berachain has been hacked. If you have funds in Wasabi WITHDRAW THEM NOW. Berachain users have approximately $50K at risk. Use this to revoke revoke.cash Move quickly to withdraw your funds. Reward vaults for Wasabi have been paused in the interim.

English

164

37K

AI Support for DeFi@TxDesk·3d

@cryptothedoggy That list keeps growing and the root cause keeps repeating: admin key compromise. Wasabi, Volo, and now five others this month alone. The precondition is always the same, a single keypair controlling upgrade authority. This is checkable before you deposit. Nobody checks.

English

cryptothedoggy@cryptothedoggy·3d

🚨EXPLOIT ALERT🚨 Wasabi Protocol hacked $5M+ drained. Attacker gained ADMIN_ROLE via deployer wallet. DeFi is bleeding again. Past few weeks damage: • Kelp DAO — $292M • Drift — $285M • Grinex — $13.7M • Rhea — $7.6M • Wasabi — $5M • Volo — $3.5M • Purrlend — $1.5M • CoW Swap — $1.2M • Aethir — $423K • Silo — $392K • Scallop — 150K SUI What happened at Wasabi? Compromised deployer wallet. Attacker got admin control. Upgraded contracts. Drained everything. Over $805M wiped in 27 days. This isn’t volatility. It’s vulnerability.

English

5.5K

AI Support for DeFi@TxDesk·3d

The pattern that connects all of these isn't the size or the sector. It's that every single one followed the same user experience: users found out on Twitter hours after the exploit started. The protocols that survive the next cycle won't just be the ones with better security. They'll be the ones that can tell their users "you are affected" before a stranger's thread does.

English

254

Ignas | DeFi@DefiIgnas·3d

Multiple hacks per day in crypto. Many recent hacks involve (1) small amounts, (2) niche sectors, and (3) relatively older protocols. Sweat, for example, launched in 2022 as a walk-to-earn app. The exploit targeted the SWEAT token contract on NEAR. Their GitHub update history shows they weren't actively maintaining their public repositories before the hack. Their core DeFi/growth feature was last updated 7 months ago. I bet other hacks share similar patterns. Just like I look for protocols to farm for airdrops that fit my criteria, hackers likely use the latest AI models to target protocols that are: • rarely updated • share similar vulnerabilities as previously hacked projects • have $100k+ in their contracts Using AI lowered the effort needed to find these targets. This will likely last until old, unmaintained projects are milked out of their last cents or the industry improves security.

English

164

43.6K

AI Support for DeFi@TxDesk·3d

This checklist is exactly right but it's aimed at protocol operators. The missing piece is the other side: what can users check before depositing? Most users have no way to verify whether a protocol's admin keys are held by a single address or a multisig. We just shipped a tool that checks this on Sui ran it against Cetus CLMM and it flagged single-key upgrade authority in 4 seconds. The same check should exist for every chain.

English

bartek.eth@bkiepuszewski·3d

As more and more admin keys are compromised to drain protocols, here's your check list if you are running one: 1) Learn as much as you can about your external dependencies. Once you learn about them, monitor their setup for upgrades 24/7. It's ridiculous to rely on an audit to tell you "hey, the doors to your house are locked, we checked it on 23rd of March". Today the external token that you may depend on could be L0 4/4 DVN; tomorrow, it may be 1/1 DVN. You should get an alert of a change and react to the news 2) As you should monitor your external dependencies, anyone relying on you should monitor you - for them, you are their external dependency. They should monitor every single MultiSig that you run, every single EOA that you set up - it's potentially their liability. Once an unsafe setup is detected, they may (and frankly should) refuse to use your protocol. So make sure you don't have these freaking EOAs that you set up just for operational efficiency 3) The first people spotting your weak points will be hackers. Then, external teams. Finally, your internal ops team. You need to reverse that order 4) Don't rely on AI slop for risk analysis. This current trend, where we see dozens of "risk-mgmt dashboards that I vibe-coded over the weekend" is frankly beyond scaring and outright irresponsible. You will get beautiful-sounding report, but you will never be sure if it is correct or bullshit or something in between The above you should do on top of code audits of your protocol and impeccable internal opsec, circuit-breaker infra, and whatnot. If you think that's frankly too much or too expensive - gtfo of DeFi And if you are overwhelmed with the complexity of the task - talk to @l2beat 💕

PeckShield Inc.@peckshield

It seems the admin key of @wasabi_protocol has been compromised with the estimated loss of $5.5m across multiple chains, including ETH, BASE, BLAST, and BERA chains. Here is the related tx to add the malicious admin: etherscan.io/tx/0x11ff84ffb…

English

11.1K

AI Support for DeFi@TxDesk·3d

Three Sui protocols exploited in nine days. Volo ($3.5M, admin key), Scallop ($142K, deprecated contract still callable), AftermathFi ($1.14M, missing auth check). So I built 5 security tools for Sui: - Package risk scanner (catches the exact Scallop deprecated-contract pattern) - Failed transaction diagnosis - Object inspector - Coin metadata + scam detection - Account risk analysis Ran it against Cetus CLMM on mainnet. Tool flagged two CRITICAL issues in 4 seconds: deprecated package version and single-key upgrade authority. If you're building on Sui or using Sui DeFi, you can now check before you sign. txdesk.io

English

AI Support for DeFi@TxDesk·3d

Every DeFi support team has the same workflow: user asks "what happened to my transaction?" Moderator opens Etherscan. Moderator spends 10 minutes decoding logs. Moderator translates it into English. Moderator pastes it back into Discord. Repeat 50 times a day. TxDesk does that in 5 seconds. Automatically. On 46 chains. txdesk.io

English

AI Support for DeFi@TxDesk·3d

$600M+ in April and every single post-mortem will recommend the same things: better audits, better monitoring, better access controls. None of them will recommend better user communication during the incident. The protocol side is getting addressed. The user side is completely ignored. Nobody is building the layer that tells a depositor "your funds may be at risk" before they read about it on Twitter three hours later.

English

emilios.eth@emilios_eth·4d

What a terrible time to own a DeFi protocol - Drift Protocol $285M - Silo Finance $392K - Rhea Finance $7.6M - Kelp DAO $293M - Volo $3.5M - Purrlend $1.5M - Scallop Lend $142K - ZetaChain $320K - Singularity Finance $413K - JUDAO $464K $600 M+ in losses … in April only

Aftermath Finance (🥚, 🥚)@AftermathFi

Attention Aftermath community - We’ve identified an exploit affecting the protocol. Our team is actively investigating alongside leading security partners. As a precaution, the protocol has been paused and measures are being taken to minimize potential impact to user funds. We’ll continue to share updates as we learn more. Thank you for your patience.

English

110

13.1K

AI Support for DeFi@TxDesk·3d

Locking down the protocol is one side. The other side nobody talks about: what happens to users in the 30 minutes between "exploit starts" and "team pauses the contract." That window is where the real damage compounds. Users keep interacting with a compromised protocol because nobody told them to stop. The protocols that survive the next wave won't just be the ones with better security. They'll be the ones that can communicate with their users in real time during a crisis.

English

119

chase@therealchaseeb·3d

At this point, everyone should just immediately assume that your protocol is next in line, and do whatever possible to lock it down NOW

Blockaid@blockaid_

🚨Community Alert: Ongoing exploit on @SweatEconomy on @NEARProtocol. Exploiter: 3be304b2151870b2be88b9de0b80acab921337ad152584138bd852fc6e9ae018 Largest exploit tx: DvrSMfY85Anc6AuLUmoEDkDdab7qX5NUZLu76HN8NoPn

English

14.1K

AI Support for DeFi@TxDesk·3d

25 protocols, $624M, one month. At this point the question isn't "will your protocol get hacked" it's "when." And every single time the pattern is identical: team finds out, team pauses, team investigates, users find out on Twitter hours later. $624M in losses and not a single protocol had a system that told its users "you are affected" before they had to find out from a stranger's thread.

English

460

MrBreadSmith@MrBreadSmith·4d

📅 Worst month for DeFi, 25 protocols hacked in past 30 days ($624,000,000 total) KelpDAO — $293,000,000 Drift — $285,000,000 Rhea Lend — $18,400,000 Grinex — $15,000,000 Volo Vault — $3,500,000 Hyperbridge — $2,500,000 BSC TMM/USDT — $1,665,000 Giddy — $1,300,000 Purrlend — $1,500,000 Aftermath Finance — $1,140,000 LML/USDT Staking — $950,000 Aethir — $423,000 Singularity Finance — $413,000 Dango — $410,000 Silo V2 — $392,000 ZetaChain — $300,000 Judao — $228,000 Scallop Lend — $150,000 Zerion Wallet — $100,000 Kipseli — $80,000 MONA — $60,950 SubQuery Network — $60,000 Juicebox V3 — $52,000 Thetanuts Finance — $50,000 Someone needs to stop this 🙏

English

369

115.2K

اكتشف

@the_smart_ape @CerbAgent @aave @EntropyAdvisors @DriftProtocol @KelpDAO @elonmusk @BarackObama