AI Support for DeFi

227 posts


@TxDesk

Your support tools can't read a transaction. I'm fixing that. Building AI support agents for DeFi protocols. website: https://t.co/8m2Z0WhLlf

Joined February 2026
132 Following, 23 Followers
Pinned Tweet
AI Support for DeFi @TxDesk
Bought a plan, added Discord and Telegram bots, and had both installed and answering blockchain questions in under 2 minutes. No developer needed. No complex setup. No config files. TxDesk gives your protocol AI support that reads live onchain data across 46 chains, wherever your community already is. txdesk.io
AI Support for DeFi
After the KelpDAO loss, Aave users frantically refreshed their dashboards. You shouldn't have to. Now you can ask "will my Aave position get liquidated if ETH drops 20%?" and get a one-sentence answer with the exact price and the dollars to repay. txdesk.io
AI Support for DeFi
Clean breakdown. The part that's always missing from these post-mortems is what the users experienced during the exploit window. The team wallets got drained across four chains. How many users interacting with ZetaChain's gateway contracts in those hours had any idea something was wrong? The post-mortem tells the technical story perfectly. Nobody ever writes the user story: "I tried to bridge, it failed, I had no idea why, I asked in Discord, nobody answered for 6 hours."
ddimitrov22@ddimitrovv22·
1/ Spent the morning unwinding the ZetaChain GatewayEVM hack from Apr 24. ~$334k drained from team wallets across ETH, Base, Arbitrum, BSC. No keys leaked. No multisig fail. This was a pure smart contract exploit, and the design flaw is wild once you see it. Breakdown below🧵
AI Support for DeFi
The recovery side gets all the attention. The part nobody talks about: during the 10 days between exploit and recovery, every Aave depositor on Ethereum was sitting in a pool that had been used as an exit route for stolen funds. Most of them had no idea. They couldn't check whether their health factor was affected. They couldn't tell if the pool's liquidity had shifted. They just waited and hoped. $318M raised to fix the protocol side. $0 spent on telling individual depositors what was happening to their positions in real time.
jfab.eth@josefabregab·
DPRK drained ~$292M through the LayerZero + Kelp exploit before using them to take loans from @aave DeFi United raised ~$318M. That’s ~$24M above the estimated loss. What will be done with these funds? Data by @EntropyAdvisors.
AI Support for DeFi
The logical explanation nobody mentions: every single one of these protocols had internal monitoring that caught the exploit. Every single one paused contracts within hours. And in every single case, the depositors found out last. Not from the protocol. From Twitter. The security tooling for protocols has improved dramatically. The communication tooling for users hasn't moved at all. Users don't need to remove their money from DeFi. They need a way to know what's happening to their money before they read about it in someone else's thread.
Sensei@senseii_gg·
Remove your money from DeFi protocols! With the amount of hacks we've seen in only the month of April, there are only two logical explanations.
1. DeFi was built on glass and hackers are going from one project to the other to find out how fragile they are. And they are finding out they are all fragile.
2. Team members from some teams are utilizing the mass hacks to destabilize their own platform and claim hacks.
Whatever the case may be, do not leave your money in any protocol.
emilios.eth@emilios_eth

Unbelievable, shut down your protocols or something
new victim: @syndicateio

AI Support for DeFi
The security setup is the precondition but the user experience after the exploit is the part nobody talks about. Wasabi users on Berachain were told "use revoke.cash" which assumes they know what token approvals are, how to find the right contract, and how to submit a revoke transaction. Most of them found out from a stranger's tweet hours after the drain started. The weak security allowed the hack. The nonexistent user communication layer is why losses kept compounding after detection.
jussy@jussy_world·
I don't think DeFi is broken because of these hacks.
Look at Wasabi:
- no multisig
- no timelock
- one wallet controlling every vault
How was such weak security even allowed? The team didn't update their security after watching everything that's happened in the space for the last month. It's nonsense.
These hacks aren't exposing DeFi as a whole. They're exposing the weak teams from the ones actually doing the work.
Mando@rektmando

Wasabi hurts, I know a number of people who used it. DeFi expected yields were already low, now they're starting to feel negative.

AI Support for DeFi
Every single protocol on this list had monitoring that detected the exploit. Every single one paused contracts within hours. And every single one left their users to figure out "am I affected?" by reading Twitter threads. The security side of DeFi is improving fast. The user communication side hasn't moved at all. $635M in April and not one protocol had a system that told its depositors "your position is safe" or "you need to act now" in real time
Hercules | DeFi@Hercules_Defi·
At the middle of April, over $400m has been drained from Crypto all year. This number has increased to over $700m. April alone had $635.24m exploited. These are the exploits since mid April 👇

> Rhea Lend lost $18.4M because a fake collateral exploit inflated asset value, allowing the attacker to overborrow and drain liquidity
> Grinex lost $15M because a hot wallet compromise exposed private keys, allowing the attacker to gain direct access and drain funds
> KelpDAO lost $293M because a LayerZero OFT bridge exploit was leveraged, allowing the attacker to manipulate cross-chain messaging and drain funds at scale
> Juicebox V3 lost $52K because a borrowFrom spoof attack bypassed validation checks, allowing the attacker to borrow funds without proper collateral
> ThetanutsFi lost $50K because a first depositor attack manipulated initial pool conditions, allowing the attacker to gain unfair advantage and extract funds
> Volo Vault lost $3.5M because a protocol logic vulnerability was exploited, allowing the attacker to manipulate vault mechanics and drain funds
> Kipseli lost $80K because flawed quoting logic mispriced assets, allowing the attacker to exploit pricing inefficiencies and extract value
> Giddy lost $1.3M because incomplete EIP-712 signature validation was exploited, allowing the attacker to forge approvals and move funds
> Purrlend lost $1.5M because a fake bridge address was used, allowing the attacker to trick users/protocol flows and redirect funds
> Litecoin lost $0 because a zero-day bug combined with a DDoS vector disrupted the network, though no direct funds were stolen
> Scallop Lend lost $150K because a protocol logic flaw was exploited, allowing the attacker to manipulate lending conditions and withdraw excess funds
> ZetaChain lost $300K because flaws in Gateway EVM contract logic were exploited, allowing the attacker to abuse cross-chain interactions and drain funds
> Singularity Finance lost $413K because a misconfigured oracle fed incorrect data, allowing the attacker to manipulate pricing inputs and extract value
> JUDAO lost $228K because a flashloan exploit manipulated protocol logic, allowing the attacker to execute transactions with temporary capital and drain funds
> Quant lost $138K because an access control vulnerability allowed unauthorized actions, enabling the attacker to execute restricted functions and move funds
> Syndicate lost $380K because a bridge exploit in Commons was abused, allowing the attacker to manipulate cross-chain transfers and withdraw assets
> Sweat Foundation lost $3.5M because refund logic was flawed, allowing the attacker to repeatedly claim refunds and drain funds
> Aftermath Perps lost $1.14M because a fee-accounting logic flaw was exploited, allowing the attacker to manipulate fee calculations and extract value
> Wasabi Perps lost $5.5M because admin keys were compromised, allowing the attacker to gain privileged control and withdraw funds
Hercules | DeFi@Hercules_Defi

Over $421 M has been drained from crypto this year. April saw the highest amounts drained, as £288.35 has been drained so far. This is the list of drain events that have happened since the beginning of this year.

➢ 𝐉𝐚𝐧𝐮𝐚𝐫𝐲
> @StepFinance_ lost $30M because several treasury and fee wallets got compromised. On-chain activity on Solana pointed to compromised private keys.
> @Truebitprotocol lost $26.4M because an error in an old forgotten contract allowed attackers to mint TRU tokens for free, then burn them to drain protocol value.
> @SagaEVM lost $7M because of a supply chain hack, inherited vulnerabilities in EVM precompile bridge logic from Ethermint that the protocol never patched.
> @ApertureFinance lost $4M because their V3/V4 contracts contained an arbitrary call vulnerability, similar to the SwapNet exploit that same month.
> @makinafi lost $4.1M because attackers exploited flaws in the execution logic of its DUSD/USDC CurveStable pool to drain funds.
> TMX lost $1.4M because an attacker used USDT to mint TMX LP tokens, swapped USDC for USDG, then looped unstaking and selling USDG on Arbitrum.

➢ 𝐅𝐞𝐛𝐫𝐮𝐚𝐫𝐲
> @iotex_io lost $8.8M because an attacker compromised the private key managing the Validator contract on the Ethereum side of their cross-chain bridge, stealing reserves and minting 111M CIOTX tokens.
> @crosscurvefi lost $4.95M because validation bugs in their bridge's smart contracts allowed attackers to spoof Axelar messages, tricking the PortalV2 contract into releasing funds for a fake cross-chain deposit.
> @MoonwellDeFi lost $1.78M because AI-generated code used only the cbETH/ETH exchange rate as its price, skipping the ETH/USD multiplication, valuing cbETH at $1.12 instead of $2,200.
> @blend_capital yieldBlox pool was exploited using price manipulation of the USTRY asset. They lost $10m in a mixture of USDC and XLM
> Ploutos Money lost $390K due to an oracle misconfiguration. The oracle was mistakenly configured to use the BTC/USD Chainlink price feed to price USDC. They've had their socials deleted since then

➢ 𝐌𝐚𝐫𝐜𝐡
> LMI/USDT staking protocol lost $950K because a price manipulation attack exploited flawed pricing logic, allowing the attacker to distort valuations and withdraw inflated staking rewards
> GoonFi lost $254K because mispricing arbitrage exploited incorrect asset valuation, letting the attacker repeatedly profit from price discrepancies across pools
> @Cyrus_Finance lost $5M because a flashloan attack manipulated pool share calculations, allowing the attacker to mint excess shares and redeem more assets than deposited
> @ResolvLabs lost $24.5M because a private key was compromised, giving the attacker privileged access to drain protocol funds
> @dTRINITY_Defi dLEND lost $257K because a deposit inflation attack manipulated accounting logic, allowing the attacker to inflate deposits and withdraw more than contributed
> @VenusProtocol Pool lost $3.7M because a donation attack skewed internal accounting, allowing the attacker to withdraw more funds than their actual share
> @Goosedefi lost $8,435 because a share accounting flaw miscalculated balances, letting the attacker withdraw funds.
> @StakeDAOHQ lost $176K because oracle message spoofing allowed the attacker to extract funds
> @Gondixyz V3 lost $230K because a PurchaseBundler exploit bypassed transaction checks, allowing the attacker to manipulate bundled operations and gain unauthorized assets
> M0lt EVM lost $127K because a flawed token modifier allowed unauthorized actions, enabling the attacker to bypass restrictions and extract funds
> @SolvProtocol lost $2.7M because a mint reserves logic exploit allowed tokens to be minted without proper collateral, draining protocol liquidity
> @FOOMCash lost $2.26M because a fake proof spam attack bypassed verification logic, allowing the attacker to mint or withdraw funds without valid proofs

➢ 𝐀𝐩𝐫𝐢𝐥
> @zerion lost $100K because a hot wallet compromise exposed private keys, allowing the attacker to gain direct access and drain funds
> @dango lost $410K because an attacker exploited a bug in the insurance fund's logic and drained USDC collateral held in the perps contract.
> @SubQueryNetwork lost $60K because an access control exploit bypassed permission checks, allowing the attacker to execute restricted functions and move funds
> @hyperbridge lost $237K because fake state proof validation failed, allowing the attacker to submit forged proofs and withdraw assets illegitimately
> @AethirCloud lost $423K because an access control vulnerability allowed unauthorized privileged actions, enabling the attacker to drain funds from protected contract functions
> @SiloFinance lost $392K because a misconfigured oracle fed incorrect pricing data, allowing the attacker to manipulate collateral values and overborrow assets
> @DriftProtocol lost $285M because compromised admin credentials enabled unauthorized control, allowing the attacker to upgrade contracts or withdraw funds at scale
> Mona lost $60,950 because a burn address accounting flaw miscalculated supply, enabling the attacker to manipulate balances and extract excess tokens

It has been a crazy year so far and I hope protocols can work more on security. Daily bug checks, dedicated security team and so much more to make sure users don't lose funds.

AI Support for DeFi
The KelpDAO exploit is the perfect case study for why security monitoring alone isn't enough. The exploiter used Aave as the exit route. 8,000+ Aave users had no idea their lending pool was being used to launder exploit proceeds until the post-mortem came out days later. They were sitting in positions wondering "is my health factor affected?" with no way to get a fast answer. The protocol had monitoring. The users had nothing.
PeckShieldAlert@PeckShieldAlert·
#PeckShieldAlert In April 2026, the crypto space saw 40 major hacks totaling $647M—a📈 1,140% MoM surge from March ($52.2M). @DriftProtocol & @KelpDAO exploits now rank among the Top 10 hacks since 2021.
The KelpDAO exploiter supplied rsETH to @aave to borrow massive amounts of ETH before laundering the loot into #BTC. This has exposed the Aave ecosystem to bad debt risk. In response, DeFi United is coordinating an effort to absorb the liquidity shortfall and prevent further systemic contagion.
#Top5 hacks
- KelpDAO: $292M (Ranked #7, Jan 2021 – Apr 2026)
- Drift: $285M (Ranked #9, Jan 2021 – Apr 2026)
- Rhea Finance: $20M
- Grinex: $13.74M
- Wasabi Protocol
AI Support for DeFi
"Security still the biggest alpha" is right but it's only half the picture. Every one of those 28 incidents followed the same user experience: protocol pauses, team investigates internally, users find out hours later from a stranger's tweet. The security side is getting more investment than ever. The communication side is completely ignored. Nobody is building the layer that tells depositors "your position may be affected, here's what to do" before they have to piece it together from post-mortems. That's not a security problem anymore. That's a support problem.
Whitelist Media@Whitelist1Media·
🚩 DeFi just got cooked in April: ~$635M lost across 28 hacks/exploits in 30 days. That makes April 2026 the worst month in DeFi history. For context: the entire Q1 2026 lost only $165.5M. April alone was nearly 4x that. Security still the biggest alpha in crypto. Stay safe out there.
AI Support for DeFi
30 incidents in one month. Every single one followed the same user experience: team finds out, team pauses contracts, team posts a thread, users find out hours later from someone else's tweet. The security side is getting more attention than ever. The support side is completely ignored. Nobody is building the layer that tells a depositor "your funds may be at risk, here's what to do" before they have to piece it together from Twitter threads. That's not a monitoring problem. It's a communication problem.
chrisdior@chrisdior777·
One of the toughest months Web3 has faced.
April 2026:
• 30+ security incidents
• ~$630m drained
This chart shows the hacked projects, estimated losses, and the cause behind each incident.
AI Support for DeFi
"Use revoke.cash" is the standard advice after every exploit. But think about what that actually requires: a user has to see this tweet, understand what token approvals are, navigate to revoke.cash, connect their wallet, find the right contract, and submit a revoke transaction. Most users in Wasabi vaults don't follow Berachain Foundation on Twitter. They'll find out tomorrow when they check their balance. The gap between "protocol team knows" and "user knows what to do" is where the real losses pile up. That's not a security problem anymore. That's a support problem.
Berachain Foundation 🐻⛓
Wasabi across all chains including Berachain has been hacked. If you have funds in Wasabi WITHDRAW THEM NOW. Berachain users have approximately $50K at risk. Use this to revoke: revoke.cash. Move quickly to withdraw your funds. Reward vaults for Wasabi have been paused in the interim.
AI Support for DeFi
@cryptothedoggy That list keeps growing and the root cause keeps repeating: admin key compromise. Wasabi, Volo, and now five others this month alone. The precondition is always the same, a single keypair controlling upgrade authority. This is checkable before you deposit. Nobody checks.
cryptothedoggy@cryptothedoggy·
🚨EXPLOIT ALERT🚨
Wasabi Protocol hacked $5M+ drained. Attacker gained ADMIN_ROLE via deployer wallet. DeFi is bleeding again.
Past few weeks damage:
• Kelp DAO — $292M
• Drift — $285M
• Grinex — $13.7M
• Rhea — $7.6M
• Wasabi — $5M
• Volo — $3.5M
• Purrlend — $1.5M
• CoW Swap — $1.2M
• Aethir — $423K
• Silo — $392K
• Scallop — 150K SUI
What happened at Wasabi? Compromised deployer wallet. Attacker got admin control. Upgraded contracts. Drained everything.
Over $805M wiped in 27 days. This isn’t volatility. It’s vulnerability.
AI Support for DeFi
The pattern that connects all of these isn't the size or the sector. It's that every single one followed the same user experience: users found out on Twitter hours after the exploit started. The protocols that survive the next cycle won't just be the ones with better security. They'll be the ones that can tell their users "you are affected" before a stranger's thread does.
Ignas | DeFi@DefiIgnas·
Multiple hacks per day in crypto. Many recent hacks involve (1) small amounts, (2) niche sectors, and (3) relatively older protocols.
Sweat, for example, launched in 2022 as a walk-to-earn app. The exploit targeted the SWEAT token contract on NEAR. Their GitHub update history shows they weren't actively maintaining their public repositories before the hack. Their core DeFi/growth feature was last updated 7 months ago. I bet other hacks share similar patterns.
Just like I look for protocols to farm for airdrops that fit my criteria, hackers likely use the latest AI models to target protocols that are:
• rarely updated
• share similar vulnerabilities as previously hacked projects
• have $100k+ in their contracts
Using AI lowered the effort needed to find these targets. This will likely last until old, unmaintained projects are milked out of their last cents or the industry improves security.
AI Support for DeFi
This checklist is exactly right but it's aimed at protocol operators. The missing piece is the other side: what can users check before depositing? Most users have no way to verify whether a protocol's admin keys are held by a single address or a multisig. We just shipped a tool that checks this on Sui. Ran it against Cetus CLMM and it flagged single-key upgrade authority in 4 seconds. The same check should exist for every chain.
bartek.eth@bkiepuszewski·
As more and more admin keys are compromised to drain protocols, here's your check list if you are running one:

1) Learn as much as you can about your external dependencies. Once you learn about them, monitor their setup for upgrades 24/7. It's ridiculous to rely on an audit to tell you "hey, the doors to your house are locked, we checked it on 23rd of March". Today the external token that you may depend on could be L0 4/4 DVN; tomorrow, it may be 1/1 DVN. You should get an alert of a change and react to the news

2) As you should monitor your external dependencies, anyone relying on you should monitor you - for them, you are their external dependency. They should monitor every single MultiSig that you run, every single EOA that you set up - it's potentially their liability. Once an unsafe setup is detected, they may (and frankly should) refuse to use your protocol. So make sure you don't have these freaking EOAs that you set up just for operational efficiency

3) The first people spotting your weak points will be hackers. Then, external teams. Finally, your internal ops team. You need to reverse that order

4) Don't rely on AI slop for risk analysis. This current trend, where we see dozens of "risk-mgmt dashboards that I vibe-coded over the weekend" is frankly beyond scaring and outright irresponsible. You will get beautiful-sounding report, but you will never be sure if it is correct or bullshit or something in between

The above you should do on top of code audits of your protocol and impeccable internal opsec, circuit-breaker infra, and whatnot. If you think that's frankly too much or too expensive - gtfo of DeFi

And if you are overwhelmed with the complexity of the task - talk to @l2beat 💕
PeckShield Inc.@peckshield

It seems the admin key of @wasabi_protocol has been compromised with the estimated loss of $5.5m across multiple chains, including ETH, BASE, BLAST, and BERA chains. Here is the related tx to add the malicious admin: etherscan.io/tx/0x11ff84ffb…

AI Support for DeFi
Three Sui protocols exploited in nine days. Volo ($3.5M, admin key), Scallop ($142K, deprecated contract still callable), AftermathFi ($1.14M, missing auth check).
So I built 5 security tools for Sui:
- Package risk scanner (catches the exact Scallop deprecated-contract pattern)
- Failed transaction diagnosis
- Object inspector
- Coin metadata + scam detection
- Account risk analysis
Ran it against Cetus CLMM on mainnet. Tool flagged two CRITICAL issues in 4 seconds: deprecated package version and single-key upgrade authority.
If you're building on Sui or using Sui DeFi, you can now check before you sign. txdesk.io
AI Support for DeFi
Every DeFi support team has the same workflow: user asks "what happened to my transaction?" Moderator opens Etherscan. Moderator spends 10 minutes decoding logs. Moderator translates it into English. Moderator pastes it back into Discord. Repeat 50 times a day. TxDesk does that in 5 seconds. Automatically. On 46 chains. txdesk.io
AI Support for DeFi
$600M+ in April and every single post-mortem will recommend the same things: better audits, better monitoring, better access controls. None of them will recommend better user communication during the incident. The protocol side is getting addressed. The user side is completely ignored. Nobody is building the layer that tells a depositor "your funds may be at risk" before they read about it on Twitter three hours later.
emilios.eth@emilios_eth·
What a terrible time to own a DeFi protocol
- Drift Protocol $285M
- Silo Finance $392K
- Rhea Finance $7.6M
- Kelp DAO $293M
- Volo $3.5M
- Purrlend $1.5M
- Scallop Lend $142K
- ZetaChain $320K
- Singularity Finance $413K
- JUDAO $464K
$600 M+ in losses … in April only
Aftermath Finance (🥚, 🥚)@AftermathFi

Attention Aftermath community - We’ve identified an exploit affecting the protocol. Our team is actively investigating alongside leading security partners. As a precaution, the protocol has been paused and measures are being taken to minimize potential impact to user funds. We’ll continue to share updates as we learn more. Thank you for your patience.

AI Support for DeFi
Locking down the protocol is one side. The other side nobody talks about: what happens to users in the 30 minutes between "exploit starts" and "team pauses the contract." That window is where the real damage compounds. Users keep interacting with a compromised protocol because nobody told them to stop. The protocols that survive the next wave won't just be the ones with better security. They'll be the ones that can communicate with their users in real time during a crisis.
AI Support for DeFi
25 protocols, $624M, one month. At this point the question isn't "will your protocol get hacked" it's "when." And every single time the pattern is identical: team finds out, team pauses, team investigates, users find out on Twitter hours later. $624M in losses and not a single protocol had a system that told its users "you are affected" before they had to find out from a stranger's thread.
MrBreadSmith@MrBreadSmith·
📅 Worst month for DeFi, 25 protocols hacked in past 30 days ($624,000,000 total)
KelpDAO — $293,000,000
Drift — $285,000,000
Rhea Lend — $18,400,000
Grinex — $15,000,000
Volo Vault — $3,500,000
Hyperbridge — $2,500,000
BSC TMM/USDT — $1,665,000
Giddy — $1,300,000
Purrlend — $1,500,000
Aftermath Finance — $1,140,000
LML/USDT Staking — $950,000
Aethir — $423,000
Singularity Finance — $413,000
Dango — $410,000
Silo V2 — $392,000
ZetaChain — $300,000
Judao — $228,000
Scallop Lend — $150,000
Zerion Wallet — $100,000
Kipseli — $80,000
MONA — $60,950
SubQuery Network — $60,000
Juicebox V3 — $52,000
Thetanuts Finance — $50,000
Someone needs to stop this 🙏
AI Support for DeFi
"The SC let users set negative fees so you could pay yourself to trade." That's not a sophisticated attack. That's a missing input validation that any code review should catch. Three hacks in 30 days on the same chain and each one is a basic vulnerability, not some novel zero-day. The ecosystem is growing faster than the security practices can keep up. And the users depositing into these protocols have no way to distinguish between the ones that have been properly audited and the ones that haven't.
DBCrypto@DBCrypt0·
SUI just had its 3rd DeFi hack in 30 days 🤯
Aftermath Finance just got drained for $1.14M
The bug? The SC let users set negative fees on perps so you could pay yourself to trade
This was handling 1 in 8 transactions on Sui
Protocol's now paused. Exploit season is here. 😕
Aftermath Finance (🥚, 🥚)@AftermathFi

Attention Aftermath community - We’ve identified an exploit affecting the protocol. Our team is actively investigating alongside leading security partners. As a precaution, the protocol has been paused and measures are being taken to minimize potential impact to user funds. We’ll continue to share updates as we learn more. Thank you for your patience.

AI Support for DeFi
This is the stat that should be on every protocol's risk assessment. No bug bounty means the only people looking for vulnerabilities are the ones planning to exploit them. But even with a bounty program, the users sitting in those protocols had no way to check whether the protocol they deposited into had a bounty, an audit, or any security infrastructure at all. The information asymmetry isn't just between attacker and protocol. It's between protocol and user.
0x15.eth@0x15_eth·
Who else noticed that out of all DeFi/smart contract hacks and security incidents in 2026 so far, the overwhelming majority did not have a pre-existing public bug bounty program??