hodler

9 Jun 2026, 18:05

Attacker drains $1.58M from Token of Power pool via Aragon DAO governance exploit

An attacker has exploited a governance misconfiguration in the Token of Power (TOP) Aragon DAO. They reportedly used majority voting power to mint tokens and drain roughly 944 WETH, which is worth around $1.58 million, from a Balancer V1 liquidity pool on Ethereum. Various blockchain security firms flagged the incident, relying on the effective vector, which showed that TOP’s total token supply was just 16,384 tokens, and the attacker held slightly more than half of them. How did the TOP token exploit work? TOP is a MiniMeToken governed through Aragon’s voting infrastructure. According to Blockaid’s analysis , the attacker accumulated 8,192.000001 TOP, and this was more than enough to help them to clear the 50% threshold needed to pass governance proposals unilaterally. As a result of the Aragon Voting app on TOP’s DAO having no timelock, the attacker was able to create a proposal, vote it through, and execute it within a single transaction. BlockSec Phalcon confirmed that the passed proposal minted a large quantity of new TOP tokens to the attacker’s address. The attacker then used those freshly minted tokens to drain the TOP/WETH Balancer V1 BPool, extracting 944.2 WETH. It was noted that Balancer’s protocol was not itself vulnerable. The pool was simply the place where the attacker converted inflated TOP holdings into WETH. How did the attacker move the funds? The attacker’s wallet, 0xff8eF7bC455a57e5893232203052Ce0232b39Fa2, was funded through Tornado Cash . The exploit was executed in a single transaction through a dedicated contract, per Blockaid’s on-chain breakdown. A textbook governance-takeover scenario The root cause of the exploit was not a smart contract bug in the traditional sense. TOP’s token has a relatively small supply and low market capitalization, which made acquiring a controlling stake cheap. When that was combined with Aragon’s voting configuration, which allows same-block proposal creation, voting, and execution, the attacker faced no major barrier between gaining majority power and draining funds. Aragon’s own documentation on DAO security highlights access controls and the importance of restricting who can call sensitive functions on smart contracts. In that same documentation, the organization stated that onchain functions are accessible by all by default and that authorized access “must be restricted to authorized addresses” when token minting or fund movements are involved. However, TOP’s configuration did not enforce a timelock or quorum delay that could have given other token holders time to react. What to watch Neither the Token of Power team nor Aragon has issued any statement concerning the exploit as of publication. While the stolen WETH is still traceable onchain, the Tornado Cash funding of the attacker’s wallet complicates recovery prospects. The incident is a reminder that governance parameters (timelocks, quorum thresholds, proposal delays) are not optional safety features for low-supply tokens with meaningful treasury exposure. The smartest crypto minds already read our newsletter. Want in? Join them .

9 Jun 2026, 15:07

Governance takeover lets attacker mint 10B TOP tokens in $1.5m exploit

Security researchers said the exploit targeted an Aragon DAO governance setup rather than Balancer itself.

21 May 2026, 21:24

a16z-Backed Syndicate Labs Blames Shrinking Rollup Ecosystem for Shutdown Decision

Syndicate Labs, an on-chain development startup backed by Andreessen Horowitz, announced that it is winding down operations after five years of building infrastructure for on-chain developers. It cited major shifts in the rollup market as the primary reason behind the decision. EVM Rollups No Longer the Standard In a statement on X, Syndicate Labs said its main focus had been giving developers better tools to build and scale on-chain apps. But according to the company, the rollup market has changed sharply in recent years. It noted that fewer new rollups are entering the space, while several older projects have slowly disappeared. The company said the market had moved away from the type of technology it was building, and added that EVM rollups are no longer viewed as the industry standard. Instead, it said developers are increasingly choosing to build custom chains from scratch through consulting teams, which has resulted in less reusable infrastructure and reduced network effects across the ecosystem. Syndicate Labs said it had spent years trying to support the growth of on-chain applications and wished the outcome had been different. Despite the shutdown of the development company, the group stressed that the broader Syndicate ecosystem will continue to exist separately through the Syndicate Network Collective, a Wyoming-based DUNA that holds governance authority over SYND tokens. The company also clarified that the collective operates independently from Syndicate Labs, which essentially means that governance over the SYND token is not immediately impacted. It explained that a successor organization could continue maintaining the DUNA structure, though it also outlined plans for an orderly wind-down if no successor emerges. The Syndicate Commons Bridge on Base was compromised in late April after attackers gained access through a leaked private key, which eventually drained 18.5 million SYND tokens worth nearly $330,000. However, Syndicate Labs stated that the shutdown decision was unrelated to the incident. The affected customer and all SYND holders on Commons Chain have already been reimbursed using treasury reserves specifically set aside for such events. The company further stated that team members and investors remain subject to token lockups and that no affiliated individual has been able to access allocations for short-term benefit. Syndicate Labs said its vesting structure was designed around long-term incentives. Two DeFi Projects Falter Syndicate Labs is not the only crypto project to struggle after security incidents and changing market conditions this year. This year, two DeFi projects moved toward shutdowns after struggling with the fallout from major security and financial problems. In February, Solana-based DeFi aggregator Step Finance, along with SolanaFloor and Remora Markets, ceased operations after a wallet compromise led to roughly $30 million in losses. The teams said fundraising and acquisition talks failed to produce a recovery plan. A month later, Balancer Labs proposed restructuring the Balancer protocol after months of financial strain, declining TVL, and a November exploit that accelerated liquidity outflows across the platform. The post a16z-Backed Syndicate Labs Blames Shrinking Rollup Ecosystem for Shutdown Decision appeared first on CryptoPotato .

14 May 2026, 06:00

Crypto Superapp Legend Announces Shutdown As Industry Shakeout Continues

Mainstream crypto users don’t care whether a product runs on a blockchain or not. That blunt observation came from Legend CEO Jayson Hobby as he announced the closure of the DeFi mobile app he helped build — and it may be the most honest thing said about crypto consumer products in years. A Costly Lesson in Crypto User Behavior Legend, a mobile-first DeFi aggregator founded by former Compound Finance executives, will go offline on July 12 after roughly two years in operation. The app will continue running normally for 60 days before the shutdown takes effect. Hobby said the product found an audience but failed to grow to the scale needed to keep the company financially viable. Closing, he said, was the right call for the team and its investors. The app let users earn, trade, borrow, and swap assets like stablecoins and Ether through integrations with major DeFi protocols including Aave, Compound, and Uniswap — all from a single interface. The idea was to spare users from juggling multiple wallets and applications. Legend operated as a non-custodial aggregator, meaning it never held user funds directly. https://t.co/geLqLg7SuY — JSON (@jaysonhobby) May 12, 2026 Backed By Big Names, Still Not Enough In February 2025, Legend closed a $15 million funding round led by Andreessen Horowitz and Coinbase Ventures. The backing gave it credibility. It wasn’t enough to overcome the growth gap. No active user counts or total value locked figures were disclosed, partly because the aggregator model makes those numbers harder to pin down. What users want, according to Hobby, is simple: better yield, faster payments, more control over their money. Whether those outcomes come from a blockchain or a traditional bank account is beside the point. “The product that wins,” he said, “is the one that hides it completely. The benefits are felt, not explained.” The broader DeFi market has not made things easier. Total value locked across the DeFi ecosystem has fallen 50% since October, weighed down by a prolonged crypto bear market. A Wave Of Closures Sweeps The Sector Legend is far from alone. More than 20 DeFi, NFT, crypto, GameFi protocols have announced shutdowns so far this year. ZeroLend closed in February after three years, calling its model unsustainable. Solana aggregator Step Finance wound down the same month following a $40 million treasury wallet breach. DeFi derivatives platform Polynomial also ceased operations in February. Balancer Labs shut down in March after mounting pressure following a $116 million hack late last year. And in April, Base-based lending protocol Seamless Protocol cited volatile market conditions as the reason for its closure. Featured image from Unsplash, chart from TradingView