News linked to both this project and an event.
Michael Egorov (@newmichwill), founder of Curve Finance, posted that recent security incidents in the DeFi space—triggered by centralized failure points—have occurred frequently and severely damaged the industry’s reputation. Citing examples such as Aave users being unable to withdraw funds following the rsETH exploit and the LayerZero cross-chain bridge hack, he emphasized that problems must be prevented *before* they occur—not addressed only after damage is done. He called on the industry to jointly establish DeFi security standards, proposing that the Ethereum Foundation and Solana Foundation take the lead in collaborating with projects across ecosystems, auditing firms, and risk-assessment teams to develop principles and specifications for secure system design—and suggesting that lessons could be drawn from traditional finance’s approaches to safeguarding centralized nodes.
According to an official announcement by Orca, Vercel—the frontend hosting provider for Solana’s liquidity protocol Orca—recently experienced a security incident involving unauthorized access to its internal systems. Orca stated that, as a precautionary security measure, it has proactively rotated all keys and deployment credentials potentially compromised in the incident. Orca emphasized that this incident affected only the frontend hosting layer; the on-chain protocol and user funds remain unaffected. The team is currently monitoring the situation closely and will provide timely updates.
According to Cointelegraph, stablecoin issuer Circle faces a class-action lawsuit in the U.S. District Court for the District of Massachusetts for failing to freeze stolen funds during the Drift Protocol hack on April 1. Plaintiffs allege that attackers transferred approximately $230 million worth of USDC from Solana to Ethereum via Circle’s cross-chain transfer protocol (CCTP) within hours—and that Circle failed to intervene. The lawsuit accuses Circle of aiding and abetting conversion and of negligence. Cryptocurrency analytics firm Elliptic previously suspected the attack may be linked to North Korea–backed hackers; the stolen funds were subsequently converted into ETH and laundered through Tornado Cash.
According to CoinDesk, Drift Protocol—the largest decentralized perpetual futures exchange on Solana—announced it has secured up to $147.5 million in funding from Tether and its partners (including $127.5 million from Tether and $20 million from other partners) following a hack that stole over $270 million. The funds will be used to restore user assets and relaunch the protocol. The attack was carried out on April 1 by a North Korea–linked group that had posed as a quantitative trading firm and infiltrated the protocol for approximately six months, causing the DRIFT token’s value to plummet roughly 70%. The funding structure combines revenue-linked credit, ecosystem subsidies, and market-maker loans, aiming to cover approximately $295 million in user losses. Upon relaunch, the protocol will replace USDC with USDT as its core settlement layer; Tether will simultaneously provide fee waivers, user incentives, and liquidity support.