DeFi

خلاصہ: NEAR Protocol Achieves 1M TPS, Yet Revenue Merely Touches $5KKey Highlights NEAR Protocol announced it reached 1 million transactions per second (TPS) using its Nightshade 2.0 sharding architecture. The 1M TPS milestone is driven by the network’s focus on meeting the high-volume needs of future decentralized AI agents and micropayments. The community is questioning whether this development will help the network generate more fees, which is currently about $5K in 24 hours. NEAR Protocol, a decentralized Layer-1 blockchain, announced on December 8 that it has achieved a speed of over 1 million transactions per second (TPS). The achievement leverages the network’s specialized sharding technology and validates NEAR’s long-standing architectural vision for horizontal scalability. NEAR protocol has achieved 1 million transactions per second (TPS) in a publicly verifiable benchmark, a monumental milestone for blockchain scalability 🧵 pic.twitter.com/zhbRwDagMT — NEAR Protocol (@NEARProtocol) December 8, 2025 Despite this performance, the crypto community is noticing the network’s current daily revenue. While the platform has raised millions in funding and has notable traction, its chain revenue remains at an extremely low level, raising a question about the gap between technical capacity and economic utilization. Experts are now asking if this development would help the protocol gain more active users and raise its chain revenue. The revenue contradiction The achievement of 1 million TPS should place NEAR Protocol at the forefront of crypto ecosystems, focusing on sharpening its infrastructure. Typically, protocols with high transaction volume capabilities drive millions of users and essentially an increase in transaction fees. As per DeFiLlama data, the NEAR blockchain currently records a daily network revenue of only around $4,982 at the time of writing. The network’s current processing capacity is not in line with its real economic activity and user demand, as this figure shows. Onchain data also shows that NEAR Protocol currently holds $158.02 million in Total Value Locked (TVL) in DeFi, reflecting a 24-hour increase of 6.92%. Despite this growth in locked value, the network’s financial activity remains relatively low. The protocol’s native token, NEAR, is priced at $1.75, contributing to a market capitalization of $2.24 billion, as per CoinMarketCap data. High-volume adoption and AI NEAR’s future vision focuses heavily on an onchain AI economy, which is expected to be accelerated by the recently confirmed scalability. The capacity for a million transactions per second opens the door for AI agents to execute thousands of micro-transactions rapidly and autonomously on the blockchain. Moreover, this base is essential in supporting the increase of cross-chain volume through initiatives such as NEAR Intents. The next steps for the protocol include deploying the optimizations on mainnet in version 2.12 and continuing development on dynamic resharding. The 1 million TPS establishes the NEAR Protocol as a leader. However, it is yet to be seen whether this speed can finally attract the applications and activity required to match its achievements with meaningful economic scale. Also Read: Zcash Fee Revenue Surges 560% to $47.5M in 30 DaysSource InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Hackers Exploit USPD Stablecoin via Proxy Deployment Vulnerability Key Highlights USPD.io’s stablecoin suffered a critical exploit on September 16, with attackers minting 98M tokens and draining 232 stETH. The attack targeted the proxy deployment process using CPIMP and shadow implementations, bypassing audits and detection. USPD.io is working with authorities, flagged attacker addresses, and offered a whitehat rescue, promising a full post-mortem soon. USPD.io, a stablecoin pegged to the US dollar, has confirmed a critical exploit in its protocol that allowed attackers to mint tokens without authorization and drain millions in liquidity. The team immediately warned users not to buy USPD and to revoke all approvals. USPD.io emphasized that the exploit was not caused by any flaw in the smart contract itself but was the result of a sophisticated attack that targeted the deployment process. It confirmed that its protocol had undergone audits by top security firms Nethermind and Resonance, and its smart contract code is fully unit-tested. Details of the attack The breach took place on September 16 during the deployment of USPD’s proxy system. USPD.io said the attackers used a method called CPIMP (Clandestine Proxy In the Middle of Proxy). They executed a ‘Multicall3’ transaction to gain administrative rights before the deployment script had finished. 3/ Instead, we were targeted by the highly sophisticated "CPIMP" (Clandestine Proxy In the Middle of Proxy) attack vector.On Sept 16, during deployment, an attacker front-ran our proxy initialization via a `Multicall3` transaction, silently seizing admin rights before our…— USPD.IO | The Dollar of the Decentralized Nation (@USPD_io) December 4, 2025 Once they had control, the attackers set up a “shadow” implementation. This hidden version forwarded calls to the legitimate, audited contract while altering storage slots and event data.  Because of this, blockchain explorers such as Etherscan showed the verified contract as normal, hiding the attackers’ control. Using this hidden access, they upgraded the proxy, minted roughly 98 million USPD tokens, and drained around 232 stETH from the protocol. Response from USPD.io USPD.io said it is working closely with law enforcement and whitehat security groups to recover the stolen funds. The attacker’s addresses have been flagged with major centralized and decentralized exchanges to prevent further movement.  The addresses involved are 0x7C97313f349608f59A07C23b18Ce523A33219d83 and 0x083379BDAC3E138cb0C7210e0282fbC466A3215A. The team also offered the attacker a chance to return the funds. USPD.io said that if 90% of the stolen assets are returned, all law enforcement action would be halted. Attackers can keep 10% of stolen funds as a bug bounty. The team described this as a potential whitehat rescue. In a statement, USPD.io said: “We are devastated that despite rigorous audits and adherence to best practices, we fell victim to this emerging and highly complex attack vector. We are doing everything in our power to recover assets.” A full technical post-mortem is expected to be released soon to explain how the exploit happened and what measures will prevent future attacks. Implications The exploit demonstrates just how sophisticated attacks in the crypto space have become. According to USPD.io, the attackers focused on the deployment process rather than the smart contract itself, using proxy manipulation and shadow implementations to remain undetected. The incident also underscores the value of transparency and fast action. By openly communicating what happened and working with authorities, USPD.io is showing how teams can respond effectively to major security breaches in decentralized finance. Also Read: Yearn Finance Recovers $2.4M After $9M yETH Exploit Shakes DeFi Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Attacker Steals $9M from Yearn Finance, Routes $3M to Tornado Cash Key Highlights Yearn’s yETH hack exploited a token bug, showing DeFi users face real risks from coding errors and vault mismanagement. Nearly $9M was lost as attackers minted near-infinite yETH, highlighting how small technical flaws can lead to massive DeFi losses. Governance and treasury decisions can amplify risks in DeFi, making careful oversight as crucial as technical security. Decentralized finance (DeFi) protocol Yearn Finance was hit by a serious security breach after a hacker exploited its yETH pool, making off with around $9 million in Ethereum. The attack focused on yETH, Yearn’s token that bundles multiple popular liquid staking tokens (LSTs), and relied on minting an almost unlimited number of yETH tokens in just one transaction.  Onchain data reveal that attackers minted nearly infinite yETH, emptying the pool in a single transaction. Roughly 1,000 ETH, worth $3 million, was routed through Tornado Cash, obscuring the trail. Yearn confirmed on X, “We are investigating an incident involving the yETH LST stableswap pool. Yearn Vaults (both V2 and V3) are not affected.”  We are investigating an incident involving the yETH LST stableswap pool. Yearn Vaults (both V2 and V3) are not affected.— yearn (@yearnfi) November 30, 2025 The incident came to public attention when observers first noticed unusual large transfers. X user Togbe stated, “Some other Balancer-related activity looks like an exploit, especially given heavy interactions with Tornado. Yearn, Rocket Pool, Origin, Dinero, and other LSTs are moving around.” Meanwhile, analyst Weilin (William) Li highlighted two key causes. “A rounding error led to minting near-infinite yETH,” he noted.  Li added that the attacker also exploited the “update_rate” function, burning yETH from st-yETH vaults and causing significant losses. Consequently, the hacker profited around $9 million, combining sold yETH and vault losses.  Just took some time checking the $9M @yearnfi yeth attack. While most people points out that the hacker minted a huge amount of yeth with a few wei of tokens (P1), I think this is not the only root cause.The reason? The hacker actually DID NOT withdraw the minted yeth, only… pic.twitter.com/OEiXScWVS4— Weilin (William) Li (@hklst4r) December 1, 2025 Mechanics behind the hack The yETH exploit mirrors past DeFi vulnerabilities. Li explained, “The scaling factor, called rate, multiplies and divides numbers, breaking virtual balance invariants.” Essentially, the system miscalculated token balances, allowing near-unlimited minting.  The attacker combined precision timing with coding flaws for maximum gain and minimum visible activity. Only part of the minted yETH had been sold, thus keeping most of the profits off-chain, which created a very opaque flow of stolen funds. Besides, the governance dynamics of Yearn have also been under question lately. Wintermute Trading tried to borrow 350 YFI tokens, worth $2.18 million. Their plan involved leveraging CRV tokens while supporting the development of yCRV markets. However, Yearn voters mostly rejected the loan, seeing little benefit for the protocol.  Yearn’s past vulnerabilities and wider DeFi risks This is not the first operational setback for Yearn. In 2023, Yearn accidentally lost 63% of its treasury as a faulty automated script went haywire during a token swap.  Due to a lack of proper safeguards, the program could not limit the trade and thus resulted in huge price swings and unnecessary losses. Users who benefited from the slippage were asked to return reasonable amounts of the funds. Thankfully, no user funds were lost in that incident. The broader DeFi sector continues to face significant security threats. CertiK reported that hacks and exploits led to $127 million in losses in November alone, with total affected funds surpassing $172 million before some were recovered.  #CertiKStatsAlert 🚨Combining all the incidents in November we’ve confirmed ~$127M lost to exploits, hacks and scams after ~$45M was frozen or returned.More details below 👇 pic.twitter.com/sOunnk1pEK— CertiK Alert (@CertiKAlert) November 30, 2025 The largest blow hit Balancer, which lost over $116 million in a sophisticated cross-chain attack. Incidents like Yearn’s yETH token rounding and calculation errors are keeping DeFi users on high alert. Technical and governance risks exposed The yETH hack has shown that DeFi platforms can contain serious technical weaknesses. People using yield-farming services need to understand that errors in smart contracts or mistakes made while managing vaults might come with big losses. Disagreements over governance or how treasuries are handled can make these risks even higher. Yearn is still investigating, but the incident is a clear warning: profits in DeFi come with real technical and management risks.  Also Read: Kazakhstan’s Central Bank Plans Up to $300M in Crypto Investments Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: UAE Debuts Digital Dirham in First Government Transaction Key Highlights The UAE conducted its first government transaction using the Digital Dirham through the mBridge platform. The Central Bank says the pilot showcases the country’s readiness for large-scale CBDC adoption. The transaction took less than two minutes, highlighting real-time settlement capabilities. The United Arab Emirates has officially entered a new phase in its financial evolution. On Tuesday, the Ministry of Finance and Dubai’s Department of Finance executed the nation’s first government-to-government transaction using the Digital Dirham, the Central Bank’s central bank digital currency (CBDC). The payment, as announced, was processed through mBridge, the UAE’s multi-CBDC settlement platform, and was completed in less than two minutes, demonstrating the system’s technical maturity and operational readiness.  The pilot marks the start of the Digital Dirham’s rollout under the Central Bank’s Financial Infrastructure Transformation (FIT) program, launched to modernize the country’s payment systems and expand digital inclusion. A milestone for national digital finance The transaction is more than a technological test; it represents a defining step toward a cashless, fully digital economy. The Digital Dirham allows instant settlements between federal and local entities, reducing costs, improving transparency, and eliminating intermediaries. Sheikh Maktoum bin Mohammed bin Rashid Al Maktoum, Deputy Prime Minister and Minister of Finance, called the pilot a “pivotal milestone in the history of government financial transformation.” He said it reflects the UAE’s commitment to transparency and efficiency in public finance management. Today, Ministry of Finance & Dubai Finance marked a pivotal milestone in the history of government financial transformation in the UAE, as we executed the first government transaction using the Digital Dirham issued by the Central Bank of the UAE, representing the future of the… pic.twitter.com/gYRiTC1Euh— Maktoum Bin Mohammed (@MaktoumMohammed) November 11, 2025 The Central Bank said the UAE’s first phase includes cross-border pilots with India and full participation in mBridge, a multi-CBDC network for faster and verified trade settlements. Building an integrated digital economy The Central Bank of the UAE (CBUAE) first outlined its CBDC strategy in 2023, partnering with R3 and G42 Cloud to develop a secure and scalable digital currency infrastructure. The Digital Dirham aims to improve payments, boost resilience, and ready the UAE for a tokenized economy. Sheikh Mansour bin Zayed Al Nahyan, Vice President and Chairman of the CBUAE, described the Digital Dirham as a “strategic pillar” of the nation’s digital economy. The Central Bank plans to expand CBDC use across commerce, banking, and trade. A wider digital strategy The move aligns with the UAE’s broader digital asset and transparency agenda. In September, the Ministry of Finance joined the OECD’s Crypto-Asset Reporting Framework (CARF), committing to share crypto tax data globally by 2028.  The UAE has also emerged as a Bitcoin holder, with roughly 6,333 BTC (worth $740 million) mined domestically through government-backed Citadel Mining. The move underscores the UAE’s focus on building digital assets over speculation, strengthening its pro-crypto stance. Why it matters The Digital Dirham’s first live use signals that central bank digital currencies are no longer theoretical. The UAE is turning blockchain-backed payments into real infrastructure, not just for efficiency, but for global competitiveness.  As the mBridge platform connects regional economies, the UAE’s strategy could offer a model for digitizing money while maintaining national control and financial stability. Also read: Bybit Becomes First Fully Licensed Crypto Exchange in UAE Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Trade.XYZ Expands Hyperliquid with Grabbing APPL, MSFT HIP-3 Tickers Key Highlights Trade.XYZ secures Apple and Microsoft HIP-3 tickers, showing growing community control over Hyperliquid’s permissionless market model. HIP-3 empowers deployers with market creation rights, requiring 500,000 HYPE deposits to ensure security and responsible management. Strong buybacks and Paradigm staking boost HYPE stability, while trading performance and ecosystem growth reflect sustained market activity. Hyperliquid’s growing ecosystem has received another boost with Trade.XYZ acquiring Apple ($AAPL) and Microsoft ($MSFT) HIP-3 tickers this week. With these stock-backed xyz tokens, Hyperliquid is preparing to unlock another growth phase while enabling trading for leading stocks of Apple, Microsoft, Tesla, Nvidia, and others.  In recent auctions, Trade.XYZ purchased Apple’s APPL ticker for 500 $HYPE, roughly $20,600 on November 9 and Microsoft’s MSFT for 527.83 $HYPE, about $21,006 on November 12. These acquisitions signal growing confidence in Hyperliquid’s decentralized ecosystem and its new permissionless market model. 🆕 NEW HIP-3 TICKER 🆕The ticker $AAPL (@Apple) has been bought for 500 $HYPE or 20,600$ by @tradexyz pic.twitter.com/YmbtAgjxY7— Hyperliquid News (@HyperliquidNews) November 9, 2025 Trade.xyz is a decentralized finance (DeFi) platform on the Hyperliquid blockchain, enabling 24/7 perpetual futures trading of diverse assets like stocks and cryptocurrencies with deep liquidity and low fees. Previously, Hyperliquid controlled which tokens reached market listings. The HIP-3 upgrade, introduced on October 13, hands control over to the community. Now, anyone can take part in a Dutch Auction where the winner earns the chance to launch a new market every 31 hours. Community-driven market expansion Each market creator has to lock up 500,000 HYPE as a safety deposit. This acts as protection against any unfair trading or manipulation, keeping the system fair and balanced. Hence, deployers take on responsibilities including oracle management, leverage parameters, settlement logic, and overall market integrity.  The HIP-3 framework democratizes the creation of markets. Anybody who secures a winning bid can launch a new perpetual contract. In addition to increasing transparency, this configuration incentivizes deployers to manage the markets responsibly because they receive half of the trading fees and any extra fees they decide to tack on.  This helps to drive more scrutiny and thoughtful planning. FelixProtocol already called dibs on Tesla’s ticker for free, demonstrating that some community members aren’t wasting any time staking their claim in the new system. Besides, the increasing token activity of Hyperliquid illustrates strong ecosystem support. The Assistance Fund has bought back more than $800 million in $HYPE within a single year, making it the biggest token buyback this year. The Assistance Fund bought back more than $800,000,000 worth of $HYPE in less than a year. pic.twitter.com/YmWedWGTuZ— Hyperliquid News (@HyperliquidNews) November 11, 2025 Alone, Hyperliquid accounts for 46% of all buyback spending in the year 2025, per Coingecko. The platform repurchased at least 21.36 million HYPE, which represents 2.1% of the total supply. Buybacks averaged $65.50 million month over month, with the highest amount in August at $110.62 million as a function of steady effort toward token price stabilization.  Rival growth and market context Hyperliquid operates in a competitive landscape. Lighter, a rival zk-rollup perpetual-futures exchange, raised $68 million at a $1.5 billion valuation. The platform offers zero-fee trading for retail users while expanding institutional infrastructure.  According to Fortune, Lighter plans derivatives on more chains, deeper liquidity pools, and monetization for institutional counterparties. Joey Krug of Founders Fund said, “Vlad and the team that he’s built is like 85% to 90% of why we made the investment.” Hyperliquid’s HIP-3 framework ensures it remains competitive by empowering community market deployers. Alongside these developments, Hyperliquid’s network has been growing steadily. Its open setup for launching perpetual markets lets users create new trading options while ensuring security through required deposits from market creators.  Regular token buybacks and ongoing staking activity have also added stability to the HYPE token. As a result, the platform continues to attract interest from both retail and institutional participants looking for consistent performance. Also Read: Coinbase Rolls Out Business Platform for Startups in Singapore Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Lido Proposes Automated LDO Buyback to Strengthen Liquidity Key Highlights Lido plans automated LDO buybacks using NEST, with trades limited to 2% market impact to reduce price fluctuations. The proposal includes a liquidity pool pairing LDO with wrapped stETH (wstETH) to improve on-chain trading and token utility. Buybacks are anti-cyclical, triggered only when Ethereum is above $3,000 and DAO revenue exceeds $40 million, with annual buybacks capped at $10 million. Ethereum staking platform Lido has unveiled a proposal aimed at supporting the market for its LDO token. The plan, which is being discussed right now on the Lido DAO Forum, is about setting up an automated system to buy back LDO tokens.  The idea is to take some of these tokens out of circulation while also making it easier for people to trade them on the blockchain. If the community agrees, this system could start running as soon as the first quarter of 2026. How would the buyback work Lido wants to use something called NEST to do the buybacks. NEST lets trades happen directly on the blockchain, without needing a central exchange. To avoid suddenly pushing the price up or down, the DAO would buy LDO in smaller amounts called “clips.”  A proposal to implement an automated LDO buyback mechanism is now live on the Lido DAO Forum. Opinions regarding mechanism, proposed parameters and more are welcome.https://t.co/Hve7cS405J— Lido (@LidoFinance) November 11, 2025 As per the proposal, the executions could occur 14 times a year in 350,000 LDO clips, and each trade would be designed so it doesn’t move the price more than 2%, not counting the transaction fees. The system tries to strike a balance. On one hand, there’s slippage, which is the difference between the price you expect and the price you actually get when you buy or sell. On the other hand, there are gas fees, which are the costs of making the transaction on Ethereum.  Buying smaller amounts more often reduces slippage but costs more in gas fees. Bigger trades save on fees but can move the price more than the DAO wants. LDO tokens are limited, so the DAO cannot buy large amounts all at once without affecting trading. To prevent disruptions on both decentralized exchanges and centralized exchanges, the buyback would only take place when certain conditions are met: Ethereum’s price must be above $3,000, and the DAO’s annual revenue must exceed $40 million. Proposed parameters The proposal sets out clear rules for how the buyback system would operate: Ethereum price threshold: Buybacks take place only if Ethereum trades above $3,000. Revenue threshold: The system activates only if annual revenue surpasses $40 million. Distribution rate: 50% of treasury inflows above $40 million would be used for buybacks. Market impact cap: Each trade would affect no more than 2% of LDO liquidity. Annual maximum: Total buybacks would be limited to $10 million over any rolling 12-month period. The system is designed to be anti-cyclical. This means that buybacks would increase when Ethereum prices and revenue are high, and reduce during market downturns to avoid removing too many tokens at once.  According to current estimates, this could result in about $4 million in buybacks over a year, carried out over at least 12 trades, with up to 100 stETH used per trade. Liquidity pool option The proposal also suggests setting up a liquidity pool that combines LDO with wrapped stETH, or wstETH. A liquidity pool is essentially a shared pool of tokens, which makes it easier for traders to buy and sell without depending entirely on other participants in the market.  Part of the LDO acquired through NEST would be paired with wstETH in a Uniswap v2-style pool. This would gradually increase the amount of LDO available for trading on the blockchain while still removing tokens from circulation. The initial pool could start with roughly $400,000 from the DAO treasury, combining 50 stETH with 200,000 LDO. The DAO would earn a small fee for managing the pool. Over time, trades could happen more frequently, reducing the impact on prices and making LDO easier to use on-chain. The pool is intended to improve token utility and liquidity rather than generate profit. How the process would work The NEST contract would be loaded using EasyTrack, which can run trades automatically or manually. Part of the DAO’s treasury would be used to buy LDO through Stonks v2, a trading platform. These LDO tokens would then be paired with wrapped stETH, or wstETH, to add liquidity to a pool. The liquidity pool tokens would be returned to the Aragon Agent, a smart contract managed by the DAO. If more wstETH is required, additional treasury funds could be added, and the process would repeat. The DAO would retain full ownership of the pool, making sure that token holders continue to have control. The proposal is now open for discussion on the Lido DAO Forum. Members of the community can share their opinions on how the system works, the proposed rules, and any alternative ideas. After the discussion period ends, the proposal could go to a formal vote on Snapshot, the DAO’s voting platform. Overall, this system provides the DAO with a straightforward and effective way to manage its treasury. By combining automated buybacks, liquidity pools, and rules that respond to market conditions, Lido seeks to maintain the stability of the LDO token, improve its use on the blockchain, and carefully control the total supply. Also Read: Uniswap’s Fee Switch Proposal Sparks 48% UNI Price Surge Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Lista DAO Executes $3.5M USDX Flash Loan Liquidation Key Highlights Lista DAO carried out a $3.5M flash loan liquidation after its USDX lending vault faced severe liquidity strain, with the move approved through an emergency one-hour community vote. The protocol recovered funds and collected penalty fees, while about $2.09M in remaining debt has been moved into a public liquidation pool for open participation. Analysts noted similar liquidity pressure across connected vaults, with utilization hitting 99%, highlighting how quickly lending markets can become unstable under heavy borrowing. Decentralized finance (DeFi) protocol Lista DAO took emergency action yesterday after its USDX/USD1 lending vault ran into a serious liquidity problem. The project said it carried out a flash loan liquidation worth 3,526,011 USDX to help stabilize the market.  This liquidity incident occurred as the vault became almost fully borrowed out, leaving little amount of USD1 stablecoin available to utilize on November 6.  Re7 Labs—a DeFi research, tooling, and trading firm—managed the vault and were involved in the response. The community passed a fast one-hour vote to approve the liquidation decision before the liquidation moved forward. This is to reduce the risk and not further deteriorate the situation, as heavy borrowing had already badly affected the liquidity across connected vaults. Re7 Vault (USDX market) Liquidation Summary Statistics by 2025/11/06 20:57 UTC+8:1️⃣ Flash Loan Liquidation– Liquidated: 3,526,011 USDX– Recovered: 2,927,163 USD12️⃣ Penalty Fees– Due to oracle adjustments, a wider price gap resulted in higher liquidation penalty fees.– A… https://t.co/LKeWhNMajj pic.twitter.com/xBnJBkBLQf— Lista DAO (@lista_dao) November 6, 2025 Besides the liquidation itself, Lista DAO recovered 2,927,163 USD1 through the flash loan mechanism. The protocol also collected 474,798.48 USD1 in penalty fees. The team confirmed that it will use these funds to repurchase collateral assets, supporting the recovery phase.  There is still about 2,090,459 USD1 in unpaid debt left in the vault. The team has now placed this remaining amount into a public liquidation pool, which means anyone in the community can help take on and clear the debt. So, the liquidation process is still ongoing and is now open for broader participation. Emergency vote and protocol safeguards Earlier, Lista DAO held an emergency vote called LIP022 that lasted one hour. The vote asked the community whether the protocol should move forward with forced liquidation. Most voters supported the move.  “As the ongoing vote showed an overwhelming consensus for YES of LIP022,” the DAO said, “we have proceeded with the liquidation process to minimize uncertainty and safeguard the protocol.” The decision shows how the team and community needed to act quickly while the vault was under heavy borrowing pressure. The protocol acknowledged Re7 Labs’ involvement, saying the curator “took proactive steps in users’ best interest.” Additionally, Lista DAO adjusted the USDX/USD1 market interest rate to 3%, because additional interest accumulation offered no benefit during liquidation. Liquidity pressure across linked vaults However, the issue wasn’t confined to one market. On-chain analyst Weilin (William) Li pointed out that a severe liquidity crunch had been taking place across vaults holding USD1 and USDT via Euler and Lista. According to Li, depositors can still withdraw their funds by moving positions into solvent markets like PT-satUSD. Regarding the recent @eulerfinance, @lista_dao , @MEVCapital and @Re7Labs lack of liquiity issue, here's my solution if you still have money in the USD1 / USDT vault! (other markets may also apply)there are still $5.3M can be withdrawn!!The current situation of $USDX… pic.twitter.com/pJ8fpQwxB3— Weilin (William) Li (@hklst4r) November 6, 2025 He described a strategy of depositing into PT-satUSD and withdrawing from MEV Capital’s vault for the shift in exposure. Li warned users to do so atomically in smart contracts to avoid frontrunning. Additionally, Lookonchain, which monitors on-chain activity, noted growing strain in the situation. The platform stated “Utilization on Lista DAO’s vaults managed by MEV Capital and Re7 Labs just hit 99%, triggering a forced liquidation.” This indicates that nearly all available liquidity had been borrowed. Market context and path forward Besides liquidation efforts, Lista DAO now focuses on transparent settlement and future stabilization. The team continues verifying final numbers and preparing follow-up recovery steps. Moreover, community participation in the open liquidation zone may speed up the clearing of remaining debt. This incident shows how lending markets can become unstable when too much liquidity is borrowed at the same time. When utilization rates rise sharply, the system faces more risk.  As of writing, according to CoinMarketCap, Lista DAO’s native token LISTA traded at $0.2481, up 2.6% in the past 24 hours but down 54% in the past month.  Also Read: Google Finance to Add Prediction Data from Kalshi, Polymarket Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Lista DAO Hosts Emergency Vote to Force Liquidate USDX Market Key Highlights Lista DAO initiated an hour-long emergency vote in light of spiking USDX market borrowing rates and ensuing liquidity tightening, pointing at deeper imbalance that required fast, collective action. The proposal, which Re7Labs requested, aims to trigger forced liquidations to prevent further losses. Lista warned it may intervene early if liquidity shifts before the vote concludes. Community discussions highlighted that the high yields were algorithmically driven, not set manually, and how automated lending systems can become unstable when market behavior changes quickly. Decentralized borrowing platform Lista DAO is taking urgent steps to address growing problems in its USDX lending market. The platform called for a one-hour emergency vote to decide whether to liquidate the USDX/USD1 market. This move follows several days of unusually high borrowing rates that haven’t shown signs of dropping, signaling deeper imbalances in the system. The urgent decision, shared through Lista DAO’s official X account, shows growing tension between the protocol and its vault partners, MEVCapital and Re7Labs, as they struggle to fix the situation. We are aware and has been closely monitoring the @MEVCapital USDT Vault and @Re7Labs USD1 Vault, where collateral assets ($sUSDX and $USDX) continue facing abnormally high borrowing rates without repayment activity.As an on-chain P2P lending protocol, Lista Lending has been…— Lista DAO (@lista_dao) November 6, 2025 According to Lista DAO, both teams have failed to act on the issue despite ongoing discussions. The DAO warned that “continued inaction and delay will not solve the issue.” Hence, it urged the vault operators to “take immediate responsibility: finalize decisions, communicate transparently, and work with us to protect users and restore market balance.” As per voting data from Snapshot, the proposal has gained 100% (94.6 million) votes in favor while 0% vote has been given against it. Users were able to participate in the vote with their veLISTA token, a vote locked derivative version of the DAO’s LISTA token.  Emergency proposal and vote details The governance proposal, labeled LIP 022, was submitted as an urgent measure at the request of Re7Labs. It aims to activate the forced liquidation mechanism for the USDX market to prevent deeper losses and maintain overall stability.  Lista DAO made it clear that the one-hour vote is final, and any votes cast after the deadline won’t count. The team also warned that they might take immediate action if the USDX market’s liquidity suddenly changes — even before the vote officially ends. 📢 LIP 022 – Emergency Vote: Enabling Forced Liquidation for USDX Market (re7 vault)This proposal is being put forward as an emergency one-hour vote, following a request from the vault curator, to enable forced liquidation mechanisms for the USDX/USD1 market.🔹The @Re7Labs… pic.twitter.com/cs9ynd3XOH— Lista DAO (@lista_dao) November 6, 2025 The rush comes from strange interest rate behavior in the USDX and sUSDX markets. Borrowing rates have jumped sharply, but almost no one is paying back their loans. This has put pressure on the lending system and caused liquidity problems. Because of that, Lista believes a forced liquidation might be necessary to restore balance before the situation gets worse. Community reactions and market context Earlier, a Lista community member who goes by Lista Intern spoke up about confusion about the high yields on the platform. He said, “Ever see USD1 on Lista DAO yield 10%+ while others can’t even hit 5%? Here’s the truth: it’s algorithmic, not manual.” Ever see USD1 on @lista_dao yield 10%+ while others can’t even hit 5%?Here’s the truth: it’s algorithmic, not manual.When users borrow USD1 to loop or farm, the protocol’s interest rate model automatically reacts — no buttons, no admins.More borrowing = higher supply yield.… pic.twitter.com/R4yXlInqPq— Lista Intern (@ListaIntern) October 30, 2025 This means the system automatically changes interest rates depending on how much people are borrowing, helping keep things balanced without anyone manually adjusting it.  As of writing, according to CoinMarketCap, Lista DAO’s token is priced at $0.243095, showing a 3.76% increase in the last 24 hours, with a trading volume of about $10.08 million. This situation shows that algorithmic lending can become unstable when borrowing behavior shifts suddenly. It also illustrates how decentralized systems rely on fast collective decision-making when market conditions change. Also Read: Lighter Onboards Chainlink as Oracle Partner Amid Growing Volumes Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Lighter Onboards Chainlink as Oracle Partner Amid Growing VolumesLighter, a leading zero-knowledge (ZK) rollup-based perpetual futures decentralized exchange (DEX) on Ethereum Layer 2, has announced a strategic partnership with Chainlink, the industry-standard oracle network.  This collaboration designates Chainlink as Lighter’s official oracle partner, integrating Chainlink Data Streams to power real-world asset (RWA) derivatives markets with high-fidelity pricing data, as noted in the announcement.  We are excited to partner with Chainlink as our official oracle partner for real-world asset derivatives!https://t.co/xQFddbFfUB pic.twitter.com/nYaVtANZws— Lighter (@Lighter_xyz) November 6, 2025 The integration will let Lighter access Chainlink’s real-time data feeds that provide pricing for commodities, equities, and foreign exchange (FX) markets. This data is critical for executing key protocol operations, including triggering liquidations, calculating margin consumption, and processing conditional and limit orders on Lighter.  Lighter’s rise as a leading perp DEX Launched as a ZK-rollup perpetual futures DEX, Lighter combines the security of Ethereum’s mainnet with the efficiency of Layer 2 scaling solutions. The official data from its explorer shows that Lighter has attracted over 430K users and processed more than 22 billion transactions so far.  Lighter has integrated zero-knowledge proofs to ensure transactions are verified with high accuracy and transparency, appealing to both seasoned traders and decentralized finance (DeFi) novices. The platform’s approach has driven its total value locked (TVL) to surge 2000x in the past six months, currently sitting at $1.14 billion, as per DeFillama data.  Market data further shows that Lighter has surpassed Hyperliquid in 24-hour perpetual trading volume, accumulating over $8.85 billion, positioning it at the first place among all decentralized perpetual trading platforms. Although the open interest is still highest on Hyperliquid.  The growing landscape of Perp DEXs  The perpetual DEX market is currently experiencing a transformative phase, with trading volumes soaring and challenging the dominance of centralized giants like Binance and Coinbase.  According to a recent report from 21Shares, a leading asset management firm, the perp DEX market grew from merely reaching a billion in monthly trading volume to over $100 billion. Throughout 2025, Hyperliquid was the leader due to its early-established market positioning, which had around 80% of total market share. However, by October 2025, its dominance had been challenged by emerging competitors like Aster and Lighter.  The shift toward decentralized derivatives trading is largely driven by increasing regulatory pressures on centralized exchanges and a demand for transparency and user control. Recent incidents like MEXC freezing user funds and its fallout—where the exchange witnessed huge withdrawals in funds—has further fueled the need for secure, decentralized platforms among crypto traders.  Also read: Balancer Releases Preliminary Incident Report Of $117M Exploit Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Balancer Releases Preliminary Incident Report Of $117M ExploitLess than 48 hours after confirming one of the largest decentralized finance (DeFi) breaches of the year, Balancer has released its preliminary incident report, detailing how a rounding error and batch-swap exploit drained more than $117 million from its V2 Composable Stable Pools across multiple networks. The report follows a chaotic week that shook the DeFi sector, exposing vulnerabilities in legacy smart contracts even as Balancer’s newest version, V3, remains unaffected. In parallel, Berachain, one of the networks hit during the exploit, announced the recovery of its entire $12.8 million loss, marking one of the rare full restitution cases in DeFi history. How the exploit unfolded According to Balancer’s report, the attack began at 07:46 UTC on Monday, when monitoring system Hypernative flagged abnormal behavior across V2 Composable Stable Pools on Ethereum, Base, Avalanche, Arbitrum, Optimism, Polygon, Gnosis, Berachain, and Sonic. The attacker exploited a flaw in the upscale function, specifically how EXACT_OUT swaps handled non-integer scaling factors, to manipulate pool balances.  Combined with the protocol’s batchSwap deferred settlement feature, the exploit allowed attackers to repeatedly drain funds while bypassing the minimum pool supply limit. While Balancer has not confirmed final loss figures, the $117 million estimate remains the most cited by independent analysts. The protocol emphasized that V3 and all non-stable pool types were unaffected and that containment measures, including automated pausing of v6 pools and white-hat recoveries, prevented further losses. Containment and partial fund recovery Rapid intervention helped stem the damage across networks. Balancer credits Hypernative, SEAL Safe Harbor, and multiple white-hat teams for recovering or freezing a portion of affected funds. Among the mitigations: StakeWise recovered roughly $19 million in osETH and $2 million in osGNO, totaling nearly 73% of affected assets. Just half an hour earlier, StakeWise DAO emergency multisig has executed a series of transactions, recovering ~5,041 osETH (~$19M) and 13,495 osGNO (~$1.7M) tokens from the Balancer exploiter.On Ethereum mainnet, this represents 73.5% of the ~6,851 osETH stolen earlier today,… pic.twitter.com/b43EGf92hm— StakeWise (@stakewise_io) November 3, 2025 Sonic Labs froze attacker wallets linked to Beets Finance, a Balancer fork on Sonic. At approximately 3:45 AM EST on November 3rd, 2025, the Sonic security team was notified of suspicious activity involving a potential exploit on the @Beets_Fi protocol.As a precautionary measure, the team deployed a safety mechanism planned to be implemented in an upcoming…— Sonic (@SonicLabs) November 3, 2025 BitFinding and Base MEV bots retrieved over $750,000 combined. All funds were returned back to the @Balancer DAO https://t.co/OgY3omfbYn pic.twitter.com/3qUBdb6hGw— BitFinding (@BitFinding) November 4, 2025 Balancer confirmed that a full post-mortem will follow, with independent auditors and partners verifying on-chain data, frozen assets, and recovery actions before publishing final figures. Berachain achieves full restitution Meanwhile, Berachain confirmed the complete recovery of its $12.8 million lost during the Balancer exploit, crediting swift validator coordination and assistance from a white-hat hacker who returned the funds. The network had halted block production within hours of detecting the exploit, freezing attacker activity and later issuing an emergency hard fork to prevent further transfers. Berachain’s Chief Smokey Officer, Smokey The Bera, defended the controversial network halt: “When roughly $12 million of user funds are at risk, our priority is protecting the community. Pausing operations wasn’t ideal, but it prevented total loss.” Berachain has since resumed all operations, including HONEY minting and redemption, and said it may issue a bounty reward to the white-hat contributor who helped return the assets. The bigger picture: DeFi’s recurring pain point While Balancer’s transparency and recovery coordination have been praised, the incident underscores a deeper issue within DeFi, complex smart contract design and fragmented auditing standards. Composable architecture, once touted as a key DeFi innovation, continues to introduce hidden attack surfaces and security risks. Balancer’s miscalculated rounding logic is just the latest example of how minor arithmetic flaws can cascade into multimillion-dollar exploits across chains. Balancer team cautioned that public estimates remain unofficial until reconciled through partner verification. It urged users to avoid interacting with affected pools and to monitor only its official X and Discord channels for updates. The company says recovery efforts under the SEAL Safe Harbor framework continue, with zeroShadow and BitFinding tracing assets. A full post-mortem and migration plan to V3 are next.  For DeFi, the saga is another warning: even in “trustless” systems, safety still depends on human vigilance, and white-hats fixing what code can’t. Also read: Balancer Attacker Begins Swapping Stolen Funds for ETH Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Berachain Recovers $12.8M Lost in Balancer Hack, Resumes OperationsEthereum-compatible Layer 1 blockchain Berachain has successfully recovered the approximate $12.8 million lost in the Balancer exploit, marking one of the rare full restitution cases in DeFi history. The recovery comes just days after the massive Balancer protocol hack that drained over $117 million across multiple blockchains. Berachain pulls off rare full recovery In an update posted on X, the Berachain Foundation confirmed that all funds drained from its BEX pools had been returned to the foundation’s deployer wallet. We are happy to confirm that all funds (approx $12.8m) from the BEX / Balancer v2 exploit have been returned to the Berachain Foundation Deployer (https://t.co/HjCONAGpOZ). Chain is live.We'd like to thank the white hat who worked with us to make this happen – we'll ensure that…— Berachain Foundation 🐻⛓ (@berachain) November 4, 2025 The recovery was achieved with the help of a white-hat hacker who cooperated following the network’s emergency restart. The foundation said it will consider issuing a bounty reward to the ethical hacker in appreciation for returning the assets. Berachain has since unpaused core network functions, such as HONEY minting and redemption, to normal operations following a few days of intense crisis management. Following the exploit, Berachain temporarily halted all swaps, deposits, and withdrawals to prevent further damage. This quick action helped contain the situation as developers and validators researched the vulnerability associated with the V2 protocol of Balancer. How Berachain’s emergency pause saved millions Berachain’s Chief Smokey Officer, Smokey The Bera, addressed the community on X, acknowledging the gravity of the decision to pause the blockchain.  “I’m sure that some won’t be happy about this, and we recognize that this could be seen as a contentious decision,” he said. “when approximately $12m of user funds are at risk from a malicious attacker, we attempted to coordinate the validator set to protect those users.” The network pause allowed developers to apply a deeper technical fix, as the exploit targeted the Ethena/Honey tripool through a complex transaction involving non-native assets. Validators later issued an emergency hard fork to freeze the attacker’s wallet, ultimately leading to the recovery of the stolen funds after negotiations with the MEV operator behind the exploit. Inside the $117 Balancer hack saga The Balancer exploit, which occurred on November 3, targeted its V2 Composable Stable Pools, and took advantage of an error in precision in the manageUserBalance function.  The attacker emptied approximately $117 million in various blockchains such as Ethereum, Arbitrum, Base, Optimism, Polygon, Sonic, and Berachain. Over 50% of stolen money was immediately exchanged to ETH, which plunged Balancer into recovery mode. The protocol provided a 20% white-hat bounty of approximately $25.6 million, and requested the attacker to provide the money back within 48 hours. The incident has reignited debate around the security limits of composable DeFi architectures. Interestingly, StakeWise, a liquid staking platform, also managed to recover nearly $20 million from the same exploit, further highlighting how coordinated responses can mitigate large-scale DeFi losses. Just half an hour earlier, StakeWise DAO emergency multisig has executed a series of transactions, recovering ~5,041 osETH (~$19M) and 13,495 osGNO (~$1.7M) tokens from the Balancer exploiter.On Ethereum mainnet, this represents 73.5% of the ~6,851 osETH stolen earlier today,… pic.twitter.com/b43EGf92hm— StakeWise (@stakewise_io) November 3, 2025 Crypto community divided over blockchain halt Although the decisive move by Berachain helped to avoid larger losses, it also led to the debate of the trade-off between decentralization and security. Some critics believe that the idea of stopping a blockchain is contrary to the very spirit of decentralization. Nevertheless, other people think that safeguarding the users is a feasible option during an emergency. “Decentralization isn’t really hard coded in many blockchains, it’s something we just preach & it’s implemented until there’s a big hack on-chain,” one X user noted. In contrast, Uttam Singh of Alchemy defended Berachain’s move, saying, “Yes, it goes against the ethos of crypto but prioritizing users’ funds is the right call here, imo.” @berachain halted their network to perform an emergency hard fork to de-risk Balancer forks’ potential drain on their chain.I’m sure this must’ve been a really tough call for the team, but at least they’re not pretending to be more decentralized than they actually are.Yes, it… pic.twitter.com/JrlWFGuXZV— Uttam (@uttam_singhk) November 3, 2025 The event has reignited conversations around how decentralized systems can respond to threats without compromising trust, a challenge that continues to test the boundaries of blockchain governance. Impact on Berachain’s ecosystem and market performance At the time of writing, Berachain (BERA) was trading at $1.55, down 2.84% in the past 24 hours, with a 24-hour trading volume of $53.28 million and a live market cap of $202.52 million, according to CoinMarketCap.  The token had previously fallen more than 10% in the course of the exploit but it has since recovered after the fund recovery news, which indicated that investors have regained their confidence. The timing of the attack was also sensitive to Berachain as it came two weeks after Greenlane Holdings Inc. (Nasdaq: GNLN) had raised funding of $110 million that was specifically aimed at the BERA ecosystem.  The round, which was managed by Polychain Capital and sponsored by Kraken, Blockchain.com, North Rock Digital, CitizenX, and dao5, had an investment of $50 million in cash and $60 million in BERA tokens. Berachain’s recovery sends strong message The complete recovery of Berachain is exceptional in a year of increasing DeFi adventures and partial recoveries. The openness in communication, rapid coordination and eventual restoration of funds by the foundation has assisted in regaining confidence in the resilience of the project. However, the event can be viewed as a wake-up call to DeFi protocols, as the developers were reminded that even a series of audits does not ensure maximum security.  With the industry expanding, the case of Berachain demonstrates the need to ensure community trust, timely response, and ethical cooperation in the protection of the decentralized ecosystems. Also Read: Garden Finance Suffers $5.5M Hack Across Multiple Chains Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: ZKsync Introduces Governance-to-Utility Shift for ZK TokenZKsync, the Layer-2 scaling network built on Ethereum, is moving its ZK token from governance toward active economic utility. This shift marks a new stage in how blockchain networks align usage with value. When the ZK token was launched in mid-2024, its sole purpose was governance: token holders could vote on proposals but had no direct claim on network activity. That model, typical among decentralized ecosystems, aimed to maintain neutrality while the architecture matured.  Now, with interoperability features and “Prividiums” (private, institution-ready ZKsync chains) entering real-world use, ZKsync’s founder Alex Gluchowski says the time has come to connect network economics to its native token. From governance to real utility In the proposed model, every transaction or service using the ZKsync network would generate value that flows back into a decentralized treasury governed by token holders. https://t.co/RRS64KHyam— ALEX | ZKsync ∎ (@gluk64) November 4, 2025 That treasury would then use the proceeds for three key purposes: buying back ZK from the market, distributing staking rewards to node operators, and funding ecosystem growth. Logic is straightforward: as the network grows in usage, value should circulate within it rather than dissipate externally.  Two revenue streams are proposed: on-chain interoperability fees for moving assets and messages between ZKsync and Prividiums, and off-chain licensing for enterprise modules tailored to banks and financial institutions. This design reflects a growing recognition across blockchain ecosystems that sustainability requires more than token issuance and hype. In simple terms, the model aims to make decentralization pay for itself, rewarding validators, developers, and governance participants based on real network demand. What is governance utility, and why it matter? Governance tokens originally emerged to decentralize decision-making. They gave holders the right to vote but no direct link to profits or cash flow, distinguishing them legally from securities.  Over time, this structure created a gap: networks could grow in users and volume without creating direct economic benefits for their token holders. ZKsync’s proposed shift toward “governance utility” bridges this gap. Instead of serving only as a symbolic voting tool, ZK would become a mechanism for distributing network value — without compromising decentralization. In practice, this means governance would remain community-driven but backed by measurable, on-chain activity. The next phase for $ZK token is real economic utility.As interop and Prividiums enter production, the network for incorruptible finance should capture the value it creates, channeling it towards ecosystem growth. https://t.co/cIGww7tL8D— ZKsync (@zksync) November 4, 2025 In other words, ZK would function as both a decision-making instrument and a reflection of the network’s health. A step toward what Gluchowski calls “economically sustainable decentralization.” How the model works Under the proposed framework, interoperability will be ZKsync’s main source of on-chain value capture. The network’s new cross-chain system, built on its Elastic Network architecture, will allow seamless asset and message transfers across public chains and private Prividiums. Each transfer will generate small protocol fees. While minor individually, these could add up significantly if financial institutions adopt ZKsync as a settlement layer. Gluchowski compares the potential scale to SWIFT, which handles over 50 million financial messages daily. Off-chain, the network will generate revenue through enterprise licensing. Modules like compliance dashboards, audit integrations, and reporting tools will be offered to financial institutions using ZKsync’s technology privately.  The fees from those licenses will then feed back into the same governance-controlled system that manages on-chain revenues, maintaining a unified economic loop. A growing foundation: interoperability and Atlas This proposal follows ZKsync’s Atlas upgrade, which redefined how Ethereum-based Layer-2 networks exchange liquidity. The upgrade allows assets to move between chains within seconds and gives institutions direct access to Ethereum liquidity without maintaining separate reserves. Together, Atlas and the new ZK utility model form a broader strategy: creating a self-sustaining, interoperable network capable of supporting both retail and institutional finance on-chain. What’s next for the ZK token The proposal will move to community review on the ZK Nation forum before a formal governance vote. If approved, it would represent one of the most advanced examples of “tokenized governance” evolving into full-scale “economic governance.” As Gluchowski summarized in his post, “When the network is used, the ecosystem should benefit.” The shift signals a larger trend across DeFi and Layer-2 ecosystems, where utility, rather than speculation, defines value. Also read: ZKsync Introduces Atlas Upgrade with Fast 1-Second ZK Finality Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Chainalysis Warns DeFi’s $150B Market Faces Growing Security RisksThe decentralized finance (DeFi) sector, long seen as the leading edge of open, borderless finance, is now entering a defining phase. With nearly $150 billion locked across protocols, it stands as both a driver of crypto innovation and a focal point for rising security and regulatory pressure. According to Chainalysis CEO Jonathan Levin, the industry’s rapid expansion has left fundamental vulnerabilities unaddressed. “When you’re building a protocol in your mum’s basement, you don’t have a chief security officer from GCHQ,” he told the Financial Times.  Levin warned that many start-ups remain focused on increasing token value rather than securing billions in user assets locked in smart contracts. Data from DefiLlama shows that while projects like Aave and EigenLayer have grown into multi-billion-dollar platforms, their open-source, permissionless design exposes them to constant attack risks.  The $128 million exploit on Balancer yesterday, following other high-profile breaches at Cetus Protocol and Curve Finance, shows how even long-standing, audited protocols can fail when legacy code meets sophisticated attackers. Decentralization without security isn’t freedom The Balancer hack hit one of DeFi’s most established projects, sending shockwaves through the community.  Curve Finance, itself a cornerstone of decentralized liquidity, issued a stark warning to developers: “Heartbreaking to see OG DeFi projects being exploited. Double-check your code. One mistake can cost millions.” For many in the industry, the message is clear: innovation alone is no longer enough. In an ecosystem built on transparency and automation, a single error in a smart contract can erase years of trust overnight.  As DeFi grows more interconnected across chains, a single breach can now cascade through multiple ecosystems within minutes. Regulators’ patience is wearing thin Governments are beginning to notice. In Washington, the U.S. Treasury is reviewing a proposal under the GENIUS Act to embed digital identity checks directly into DeFi smart contracts, effectively merging traditional Know-Your-Customer (KYC) rules with blockchain infrastructure. Supporters see it as a way to curb money laundering and sanctions evasion, while developers argue it undermines DeFi’s core principle: permissionless access. In Europe, regulators are issuing similar warnings. The European Stability Mechanism and the European Supervisory Authorities have cautioned that stablecoins and DeFi could pose “systemic risks” if left unchecked.  Their latest report, along with new requirements under the Digital Operational Resilience Act (DORA), calls for tougher cybersecurity standards as banks and funds increase their exposure to digital assets. The concern isn’t just about rogue developers — it’s about contagion. As traditional finance edges closer to blockchain-based systems, regulators fear that a DeFi meltdown could one day spill into mainstream markets. The illusion of decentralization The promise of transparency often masks DeFi’s biggest flaw, no one is accountable when things break. Regulators say the contagion risk is still contained, but the line between banks and digital assets is fading fast. The ESMA report shows that successful cyberattacks have increased since 2022, reaching a high in Q1 2025. The question now isn’t whether crypto will grow, but whether the system can handle the hit when volatility leaks into the mainstream. Cyber risk data from EU watchdogs shows threats climbing, and staying high, through late 2025. What comes next The DeFi ecosystem stands at a turning point. It can either mature into a regulated, security-conscious financial layer or remain an experimental zone where innovation and risk grow side by side. The Balancer exploit, along with the broader wave of attacks that followed, shows how fragile trust remains in a $150 billion market operating without central oversight.  DeFi’s future depends on showing that freedom and security can coexist. As regulators close in and industry voices call for stronger protections, the sector’s defining feature, decentralization, is increasingly being tested. Also read: Garden Finance Suffers $5.5M Hack Across Multiple Chains Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Balancer Confirms $116M Exploit, Announces 20% BountyThe decentralized finance protocol Balancer confirmed late Monday that an exploit drained more than $116 million from its V2 Composable Stable Pools, in what has become one of the largest DeFi breaches of the year. In an official post on X, the Balancer team said the attack occurred around 7:48 AM UTC, affecting only its V2 Composable Stable Pools, an older version of the protocol launched in 2021. The team stated that “any pools that could be paused have been paused and are now in recovery mode,” adding that Balancer V3 and other pools remain unaffected. Today, around 7:48 AM UTC, an exploit affected Balancer V2 Composable Stable Pools.Our team is working with leading security researchers to understand the issue and will share additional findings and a full post-mortem as soon as possible.Because these pools have been live… pic.twitter.com/LRLNNXogt3— Balancer (@Balancer) November 3, 2025 The statement came hours after blockchain investigators and security analysts sounded the alarm.  Lookonchain estimated that the total stolen funds had surged to $116.6 million, spread across multiple networks including Ethereum, Polygon, and Base.  Absolutely insane — the total stolen funds from the Balancer exploit have now surged to $116.6M. 💀https://t.co/mZSf2EK7K5 pic.twitter.com/yZIC6H9NB3— Lookonchain (@lookonchain) November 3, 2025 Other analysts, such as OnchainLens, confirmed that the attacker had begun moving the stolen funds, prompting fears that the assets could soon be laundered through secondary DeFi platforms. Update on @Balancer ExploitThe #Balancer has been exploited for $116M on multiple chains.You can track the exploiter here:https://t.co/1woRywcjmO https://t.co/ARvq49ba0l pic.twitter.com/CRz6Gpwxv3— Onchain Lens (@OnchainLens) November 3, 2025 Code flaw across multiple networks Preliminary findings suggest the attacker exploited a long-standing flaw in Balancer V2’s “manageUserBalance” function, a component that determines which addresses can initiate fund transfers during contract execution.  According to independent developer Suhail Kakar, the function misidentified the message sender, effectively giving attackers permission to move assets without proper validation. balancer went through 10+ audits. the vault was audited 3 separate times by different firmsstill got hacked for $110Mthis space needs to accept that 'audited by X' means almost nothing. code is hard, defi is harderit is unfortunate but hope the team recovers pic.twitter.com/nZzVzCdqDO— Suhail Kakar (@SuhailKakar) November 3, 2025 This flaw, buried deep in Balancer’s shared vault system, allowed the exploiter to drain funds linked across several blockchains.  The stolen tokens included 6,850 osETH, 6,590 WETH, and 4,260 wstETH, among others. Security firm Cyvers described the incident as “suspicious” early this morning. Balancer issues 20% bounty As part of its response, Balancer sent an on-chain message to the attacker offering a 20% white-hat bounty for the return of the remaining funds. The team said the offer would expire after 48 hours unless extended. The broader fallout has left multiple projects reeling. Beets Finance, one of the protocols built atop Balancer’s infrastructure, confirmed losses of over $3 million and said roughly $60 million in assets remain at risk until full remediation is achieved. At its peak, Balancer managed about $700 million in total value locked, according to DefiLlama, making this breach a major blow to one of DeFi’s most established automated market makers. Another day, another exploit The Balancer exploit comes just months after the team launched Balancer V3, marketed as a more secure and modular upgrade.  Analysts now point out that the recent website hijack, which saw hackers steal $238,000 in crypto by mimicking Balancer’s official frontend, further highlights the protocol’s ongoing security challenges.  The firm reiterated its warning to investors and users to avoid unofficial links or messages, noting that only updates shared via its verified X account and Discord server should be trusted. As Balancer works with auditors and law enforcement to trace both the $116+ million exploit and the newer website breach, the community remains on edge.  Ongoing DeFi security gaps The Balancer exploit and subsequent website hijack have reignited a debate that’s haunted decentralized finance since its inception: how much freedom is too much when billions in user assets are at stake?  The sector’s promise of open, permissionless systems continues to clash with its recurring vulnerability to human error and code exploits. As developers push for more automation and transparency, the latest incidents expose the limits of “trustless” systems in practice. Without stronger recovery tools and unified security standards, DeFi’s credibility risks eroding under the same openness that made it revolutionary. Also read: Berachain Validators Halt Network in Wake of $117M Balancer Exploit Source InformationPublisher: The Crypto TimesOriginal Source: Read more

خلاصہ: Balancer Confirms $116M  Exploit, Announces 20% BountyThe decentralized finance protocol Balancer confirmed late Monday that an exploit drained more than $116 million from its V2 Composable Stable Pools, in what has become one of the largest DeFi breaches of the year. In an official post on X, the Balancer team said the attack occurred around 7:48 AM UTC, affecting only its V2 Composable Stable Pools, an older version of the protocol launched in 2021. The team stated that “any pools that could be paused have been paused and are now in recovery mode,” adding that Balancer V3 and other pools remain unaffected. Today, around 7:48 AM UTC, an exploit affected Balancer V2 Composable Stable Pools.Our team is working with leading security researchers to understand the issue and will share additional findings and a full post-mortem as soon as possible.Because these pools have been live… pic.twitter.com/LRLNNXogt3— Balancer (@Balancer) November 3, 2025 The statement came hours after blockchain investigators and security analysts sounded the alarm.  Lookonchain estimated that the total stolen funds had surged to $116.6 million, spread across multiple networks including Ethereum, Polygon, and Base.  Absolutely insane — the total stolen funds from the Balancer exploit have now surged to $116.6M. 💀https://t.co/mZSf2EK7K5 pic.twitter.com/yZIC6H9NB3— Lookonchain (@lookonchain) November 3, 2025 Other analysts, such as OnchainLens, confirmed that the attacker had begun moving the stolen funds, prompting fears that the assets could soon be laundered through secondary DeFi platforms. Update on @Balancer ExploitThe #Balancer has been exploited for $116M on multiple chains.You can track the exploiter here:https://t.co/1woRywcjmO https://t.co/ARvq49ba0l pic.twitter.com/CRz6Gpwxv3— Onchain Lens (@OnchainLens) November 3, 2025 Code flaw across multiple networks Preliminary findings suggest the attacker exploited a long-standing flaw in Balancer V2’s “manageUserBalance” function, a component that determines which addresses can initiate fund transfers during contract execution.  According to independent developer Suhail Kakar, the function misidentified the message sender, effectively giving attackers permission to move assets without proper validation. balancer went through 10+ audits. the vault was audited 3 separate times by different firmsstill got hacked for $110Mthis space needs to accept that 'audited by X' means almost nothing. code is hard, defi is harderit is unfortunate but hope the team recovers pic.twitter.com/nZzVzCdqDO— Suhail Kakar (@SuhailKakar) November 3, 2025 This flaw, buried deep in Balancer’s shared vault system, allowed the exploiter to drain funds linked across several blockchains.  The stolen tokens included 6,850 osETH, 6,590 WETH, and 4,260 wstETH, among others. Security firm Cyvers described the incident as “suspicious” early this morning. Balancer issues 20% bounty As part of its response, Balancer sent an on-chain message to the attacker offering a 20% white-hat bounty for the return of the remaining funds. The team said the offer would expire after 48 hours unless extended. The broader fallout has left multiple projects reeling. Beets Finance, one of the protocols built atop Balancer’s infrastructure, confirmed losses of over $3 million and said roughly $60 million in assets remain at risk until full remediation is achieved. At its peak, Balancer managed about $700 million in total value locked, according to DefiLlama, making this breach a major blow to one of DeFi’s most established automated market makers. Another day, another exploit The Balancer exploit comes just months after the team launched Balancer V3, marketed as a more secure and modular upgrade.  Analysts now point out that the recent website hijack, which saw hackers steal $238,000 in crypto by mimicking Balancer’s official frontend, further highlights the protocol’s ongoing security challenges.  The firm reiterated its warning to investors and users to avoid unofficial links or messages, noting that only updates shared via its verified X account and Discord server should be trusted. As Balancer works with auditors and law enforcement to trace both the $116+ million exploit and the newer website breach, the community remains on edge.  Ongoing DeFi security gaps The Balancer exploit and subsequent website hijack have reignited a debate that’s haunted decentralized finance since its inception: how much freedom is too much when billions in user assets are at stake?  The sector’s promise of open, permissionless systems continues to clash with its recurring vulnerability to human error and code exploits. As developers push for more automation and transparency, the latest incidents expose the limits of “trustless” systems in practice. Without stronger recovery tools and unified security standards, DeFi’s credibility risks eroding under the same openness that made it revolutionary. Also read: Berachain Validators Halt Network in Wake of $117M Balancer Exploit Source InformationPublisher: The Crypto TimesOriginal Source: Read more