Fuse

The new Fuse is here. A new home page. Four unified accounts. One seamless experience. It’s a redesign of how personal finance should work, setting the foundation for what’s next.

Some Fuse users allocated funds to @DriftProtocol via the Fuse wallet interface and are affected by the recent Drift security incident. We are in communication with the Drift team and monitoring the situation as it develops. The ability to allocate additional funds to Drift has been paused for users who allocated assets to Drift before the incident. For all other users the Drift option has been removed. For the avoidance of doubt: only users who elected to allocate funds to Drift through the Fuse interface are affected. We understand this is a difficult situation for affected users. We will share updates here as more information becomes available.

Our investigation into the @DriftProtocol incident remains ongoing. Early evidence points to two compromised signers on Drift's admin multisig, which were used to execute a transaction modifying Drift's program configuration. Squads programs were not compromised. We have also found no evidence of compromise to Squads infrastructure, though we are actively investigating to confirm this with full confidence. We will share further findings as they become available. Best Practices for Operationally Critical Multisigs Thresholds: Any multisig with operational or administrative control over a program should have a signing threshold of 3 or above. This requires an attacker to concurrently compromise multiple independent signers, significantly raising the difficulty of this type of attack. Where possible, signers should also be geographically and organizationally dispersed. Signers sharing the same location, devices, or org structure introduce correlated risk. Timelocks: Multisigs with program-level control should implement a timelock (can be set up in Settings of your Squads multisig). It won't prevent a malicious transaction from being proposed, but it creates a window to detect and reject it before execution. The tradeoff: timelocks also slow down legitimate emergency responses to bugs or active exploits, so teams should factor this into their operational setup. Alerts & Monitoring: We encourage all operationally critical multisigs to set up monitoring and alerts through our security partner @RangeSecurity. Range provides two key things: an alternative interface for independently verifying transaction content outside of the Squads UI, and proactive Slack alerts so signers are notified before a proposal moves forward. If you want help getting set up, reach out and we'll connect you directly. A high threshold, a timelock, and monitoring are the foundation for any multisig with program-level control. Signing Process: Signers should use dedicated devices and hardware wallets, never a general-purpose machine. Additionally, signatures are only valid for approximately 2 minutes each, so introduce at least a 2 minute delay between each signer taking actions to ensure signatures cannot be collected & bundled by an attacker. Always verify transaction content independently across all three available sources: the Squads UI, Range's alternative interface, and Solana Explorer or Solscan On Durable Nonces 
The Drift attack exploited durable nonces to collect signatures without time pressure, bypassing the 2-minute transaction expiry that would otherwise limit this type of attack. We are actively exploring ways to block durable nonce usage across all of our programs, both at the program level and through other enforcement mechanisms, to ensure this protection extends to our immutable programs V3, V4, and our current Smart Account Program. Beyond this, the broader Solana ecosystem is taking steps to address this at the protocol level, with a new transaction format that drops durable nonces as a feature entirely. We will follow up with more information on this soon.

Beyond Multisig, Operational Security Technical controls only go so far. Most high-profile compromises lately have been social engineering attacks targeting the people behind the keys, not the contracts themselves. If you are running mission-critical protocol operations, invest in your internal opsec processes and team culture accordingly, how proposals are initiated, communicated, and approved all matter. We recommend engaging dedicated security advisors. @zeroshadow_io and @0xGroomLake are trusted starting points, and we are happy to connect you directly.

Due to an ongoing security incident with @DriftProtocol all deposits into Drift have been paused.

You moved your treasury to USDC. Every bill still pulls you back into a bank account. Altitude Bill Pay closes the gap. Pay directly from your stablecoin balance and deliver via ACH, wire, SEPA, or SWIFT.

not talked about enough that you don't need a bank anymore i) get paid in USDC ii) use a wallet that has card integration iii) use the card to spend iv) earn yield v) transfer anywhere one such example is @fusewallet no this is not paid, just think this is underrated

SWIFT transfers are live. Pay any bank account, anywhere in the world. Directly from your Altitude account. 200 countries. 11,000 banks. 1 balance.

Happy 6th birthday to @Solana. Proud to contribute the payments part of the @toly prophecy.

Altitude Bill Pay is live. Pay bills directly from your stablecoin balance. → Email-forwarded bills for auto-ingestion → OCR AI populates every detail → Pay in USDC or via fiat rails your vendor prefers → Payouts from one account make reconciliation simple No more patchwork. One account. All your bills. Closing your books has never been easier.

Squads Multisig is the leading multisig solution on Solana securing billions in value for most teams in the ecosystem (including Helius, DZ, Kamino, Ellipsis and many more). @multisig is also the largest protocol on Solana by value secured, the code is open source, multiple times formally verified and immutable. If you are looking to set up a Squads Multisig for personal use you can do it via the main app or if you are on iOS via @fusewallet. Guides and links in second xeet, if you need any support or guidance - DMs are open.

While everyone else is chasing wires, your CFO is already done. Use Altitude and close the books at @solana speed.

The 2025 Expo App of the Year. It’s a beauty 🧑‍🍳💋

crafted this year

Of all the things you can give out at a conference, @fusewallet takes the cake with fresh protein shakes

Altitude is coming to @SolanaConf Breakpoint as a headline sponsor. All week we will be unveiling our roadmap to make global business banking run on @solana. Find us at our indoor and outdoor exhibits to meet the team and get limited edition gear. See you in Abu Dhabi.

Introducing Grid Smart Transactions. A new primitive to ship safe, autonomous money movement on @solana.

Hide My Wallet is available for sending and receiving USDC transfers. All activity remains transparent and verifiable onchain.

Introducing Hide My Wallet Sending and receiving stablecoins shouldn't always mean exposing your wallet address. Hide My Wallet transfers route though a @Stablecoin relay address, removing the direct link to your wallet. Available now for all Fuse Plus members.

1/3 We’ve been heads down building and Bridge card issuing is leveling up. New card program launches. New markets. New functionality. More ways for users to turn stablecoins into everyday spend. From remittances to crypto wallets, Bridge customers are redefining how people use digital assets, launching innovative card programs that bring real-world utility to stablecoins. Zepz (@WorldRemit + @sendwaveapp) @phantom @chippercashapp @paywithgrateful @airtminc @SlingMoney @roqqupay @gigbanc @SolidYield @fusewallet