Benboy
@benboymoon

6.1K posts

Neutrl maxi | Researcher | Analyst

Moon, PA · Joined June 2015
991 Following · 170 Followers

Pinned Tweet
Benboy@benboymoon·
I learned something new from my supervisor, maybe it's not new but it is for me 🫡 So I learned today that you can check other wallets' assets on any dapp by connecting their wallet but ofc cannot do deposit/withdrawal. Really helpful for support teams. Here's how 👇
Benboy@benboymoon·
@WojtekP Haha so true.. gNeutrl 🤝 gAD
bitcoinearly@bitcoinearly·
@behrin @Ikigaieuh Neutrl guys talking to themselves and being reply guys yet @Neutrl points until now is left unanswered. Pathetic really.
Behrin@behrin·
One of the first questions we asked @Ikigaieuh: are you just going to fork another large protocol? He said No, and this is the reason:
Ikigaieuh@Ikigaieuh

When we built Neutrl, we looked at how others in the space structured the issuance and redemption of their stablecoins. A common pattern: off-chain systems where a backend server signs orders, sets the price, and decides how much stablecoin you get for your collateral.

The problem? If that server or signer key gets compromised, someone can mint millions of stablecoins out of thin air for pennies. We've seen it happen. We weren't comfortable with that.

We believe well-designed smart contracts are harder to compromise than web2 infrastructure — servers get hacked, keys get leaked, infra goes down. So we went fully on-chain.

When you mint NUSD, the contract queries Chainlink oracles directly at execution time, wrapped in the Euler ERC-7726 standard for additional safety checks. No backend decides your quote. No off-chain signer involved. There's no privileged role that can dictate how much NUSD gets minted for a deposit — the oracle gives the price, the contract does the math, that's it.

We also don't blindly trust whatever the oracle returns. If the price of a collateral drops below a threshold we've set, the transaction reverts. We'd rather block a mint than risk giving someone a bad quote.

But on-chain design alone isn't the full picture. Defense in depth matters. We use @HypernativeLabs for real-time threat monitoring — they are one of our pauser role on our contracts and can freeze operations the moment something looks off.

tl;dr how we think about security at Neutrl: oracle pricing on-chain with no off-chain signers to compromise, price bounds that revert instead of giving bad quotes, per-block limits enforced in the contract, and Hypernative watching 24/7 with the ability to pause.

Benboy@benboymoon·
@Ikigaieuh Security & Safety first 🫡 gNeutrl
TAY@0xTAY_·
Getting some questions about whether @Neutrl is vulnerable to the same type of minting attack we saw today: For NUSD, we have specific safeguards in place around minting logic. Collateral is priced using onchain oracles with enforced bounds on acceptable pricing. Deposits are rejected if pricing deviates beyond defined thresholds. For example, USDC cannot be accepted below $0.97, and any deviation greater than 3% is treated as abnormal. Contracts can also be paused with a single signature, as we did during the DNS incident. Given that collateral remains fully intact, I’m hopeful that Resolv will be able to bounce back. Will wait for their full post-mortem before sharing more.
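The mint-time checks described in the posts by @Ikigaieuh and @0xTAY_ above (a price floor and deviation bound that revert, a per-block limit, and a pause switch), sketched as an added Python model. This is not Neutrl's contract code: the class and function names, the 1.00 reference price, the per-block cap value and the `collateral * price` mint math are assumptions for illustration.

```python
from dataclasses import dataclass, field
from decimal import Decimal


class MintRejected(Exception):
    """Stands in for an on-chain revert (hypothetical name)."""


@dataclass
class MintGuard:
    peg: Decimal = Decimal("1.00")               # assumed reference price
    floor: Decimal = Decimal("0.97")             # from the post: no USDC below $0.97
    max_deviation: Decimal = Decimal("0.03")     # from the post: more than 3% is abnormal
    per_block_cap: Decimal = Decimal("1000000")  # assumed value; the posts give none
    paused: bool = False
    minted_in_block: dict = field(default_factory=dict)

    def mint(self, block: int, collateral: Decimal, oracle_price: Decimal) -> Decimal:
        """Return the amount minted, or raise MintRejected rather than give a bad quote."""
        if self.paused:
            raise MintRejected("paused")
        if oracle_price < self.floor:
            raise MintRejected("price below floor")
        if abs(oracle_price - self.peg) / self.peg > self.max_deviation:
            raise MintRejected("price deviation too large")
        amount = collateral * oracle_price       # assumed math: deposit times oracle price
        used = self.minted_in_block.get(block, Decimal(0))
        if used + amount > self.per_block_cap:
            raise MintRejected("per-block limit exceeded")
        self.minted_in_block[block] = used + amount
        return amount


def run_scenarios():
    """Run constructed inputs of the form (block, collateral, oracle price)."""
    guard = MintGuard()
    cases = [(100, "1000", "1.0000"), (100, "1000", "0.9700"),
             (100, "1000", "0.9699"), (100, "1000", "1.0400"),
             (101, "999000", "1.0000"), (101, "2000", "1.0000")]
    results = []
    for block, collateral, price in cases:
        try:
            results.append(guard.mint(block, Decimal(collateral), Decimal(price)))
        except MintRejected as exc:
            results.append(f"revert: {exc}")
    return results


if __name__ == "__main__":
    for outcome in run_scenarios():
        print(outcome)
```

A price of exactly 0.97 passes both bounds in this model; the floor and the 3% bound coincide on the downside, and the deviation check additionally rejects prices above 1.03.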
Benboy@benboymoon·
@0xTAY_ @Neutrl In Neutrl, user safety is always first... gNeutrl 🫡
Neutrl@Neutrl·
Neutrl has no exposure to Resolv USR or wstUSR, and no allocations have been made to RLP. We are actively monitoring the situation for any second-order effects that may impact curators or broader ecosystem participants. All active positions and exposures, supported by ZK-verified attestations from @AccountableData, can be independently verified here: accountable.neutrl.finance
TAY@0xTAY_·
the global fuel crisis is hitting Asia hard. met a guy at the airport who drove from Kuala Lumpur to Bangkok and had to abandon his car in Thailand to fly back. countries are implementing fuel caps, cancelling domestic flights and even cutting aircon. crazy
Benboy@benboymoon·
@liu_web3 @Neutrl @pendle_fi 💯"Earn amplified yield on YT-sNUSD with additional token rewards streaming over the next 2 weeks."
Benboy retweeted
Neutrl@Neutrl·
Boosted sNUSD rewards are now live on @pendle_fi. Earn amplified yield on YT-sNUSD with additional token rewards streaming over the next 2 weeks. Stack boosted yield on top of Limit Order Incentives while earning Neutrl Points.
TAY@0xTAY_·
How my day went yesterday:
> Be in Malaysia for wife’s birthday
> Wake up at 6am to go to an orangutan sanctuary
> Sanctuary is on an island 1.5 hours by car and a 30 minute boat ride away
> Hour into the drive I get a call from colleague saying possible DNS incident
> Scramble to draft announcements from my phone
> Connection is terrible
> Force taxi driver to let me hotspot to his phone to post announcements
> Get to the boat dock and tell my wife she needs to go see monkey alone
> She's bigmad.exe
> Spend next 4 hours standing in an empty parking lot on war room call dealing with crisis from my phone
> Phone almost dead so walk on highway to random Malaysian gas station and beg them to use a phone charger
> Eventually get back to hotel
> Spend rest of day coordinating response and collecting incident reports
> Miss reservation for wife’s birthday dinner
Accountable@AccountableData·
On the @Neutrl DNS incident: Accountable's data verification network confirms protocol reserves remain unaffected. The incident was isolated to the domain name and did not impact the protocol or its solvency. Live data is available for anyone to verify: accountable.neutrl.finance
Neutrl@Neutrl

Following the recent DNS hijacking incident, the Neutrl domain has been successfully migrated to neutrl.finance and is now secured on a new DNS provider. Neutrl smart contracts have been unpaused and are fully operational.

ALL USER FUNDS ARE SAFE. Protocol NAV, including reserves and user funds, remains secure within Neutrl’s custodial wallets, supported by a custody framework and off-exchange settlement (OES) that isolates funds from front-end and infrastructure risks.

Users should no longer interact with neutrl[.]fi under any circumstances and should only use the new domain moving forward. The .fi domain will be sunset.

As an added precaution, users who interacted with the compromised domain are advised to review and revoke permissions via revoke[.]cash, including any Permit2 approvals associated with the following malicious addresses:

0x23f2741EaA0045038e9b52100CdcC890163dE53F
0xa0Adf074056E41dfB892aFC69881E15073b384b9

Please also revoke any approvals associated with addresses you do not recognize.

We extend our sincere gratitude to the teams at @0xGroomLake and @SEAL_911, whose support and expertise were instrumental in our response. Their work in strengthening security across the ecosystem is invaluable.

Additional updates will be shared as they become available, along with a full post-mortem.

Behrin@behrin·
Everyone’s funds and protocol reserves are safe. Although not a smart contract hack, the use of institutional custodians and off-exchange settlement is key in Neutrl’s setup to protect reserves. Team has worked tirelessly since the DNS hijacking to ensure no loss of funds or contagion, but this should not have happened in the first place. It was too easy for the domain provider to be tricked even without access to emails, security codes or 2FA etc. We have changed providers and migrated domains. The irony is we were currently engaging a full 3rd party phishing and hacking security test. We have now increased professional scrutiny of this across all aspects of our operations, and especially when choosing new service providers.
Benboy retweeted
Cryptophile@Cryptophileee·
⚡Neutrl just got hit (frontend exploit) ⚡

Looks like a DNS hijack via social engineering
→ Users could’ve been interacting with a malicious site.

Good news:
→ Smart contracts are SAFE
→ Protocol is paused
→ Team is investigating

What you NEED to do:
→ DO NOT use the website
→ Go to revoke.cash
→ Revoke approvals ASAP

These are contracts that may have access to your funds:
→ 0x23f2741EaA0045038e9b52100CdcC890163dE53F
→ 0xa0Adf074056E41dfB892aFC69881E15073b384b9

I checked all my wallets, didn't find these approvals, but revoked everything on Ethereum mainnet just in case
Neutrl@Neutrl

Update on the ongoing security incident: We are currently working with @0xGroomLake on the investigation. Initial findings suggest the DNS provider hosting the app domain was socially engineered, allowing an attacker to redirect the domain. Neutrl smart contracts remain secure and have been temporarily paused as a precaution. Please do not interact with the protocol until further notice is provided. We will continue to share updates as more information becomes available as well as a full post mortem.
