News
22 May 2026, 11:30
NEAR Protocol Jumps 28% on Privacy, AI, and Scaling Upgrades

NEAR rallied by 45% this week on a series of upgrades positioning it as a potential settlement layer for AI agents and confidential finance.
22 May 2026, 11:26
Polymarket Faces Fresh Security Crisis After $660,000 Exploit

The prediction market platform Polymarket is once more in the spotlight, this time for an exploit that reportedly siphoned off 660,000 from wallets associated with it. Onchain analysts identified dubious transactions from a contract expected to carry key responsibilities for market settlement operations shortly after the incident attracted industry-wide concern. According to blockchain investigators, the attacker remained relentless and moved stolen funds at an unprecedented rate across many wallets in a bid to muddy tracking efforts. Reports in crypto security channels said nearly 5,000 POL tokens per 30 seconds were drained through the exploit. According to analysts, the stolen assets were processed through at least 15 distinct wallets in the days immediately following extraction, a well-known practice by thieves to break trails of suspicious transactions before recycling revenues via balancer-like services or exchanges. Due to the fact that Polymarket is currently the worlds largest blockchain based prediction market platform, this exploit instantly turned into one of the most talked about, seismic events in the history of crypto. The episode led to a renewed focus on operational security practices for high value crypto applications that deal with very large amounts of user activity and liquidity. Warning: #Polymarket 's contract appears to be exploited, and the attacker is stealing funds. So far, more than $660K has already been stolen. Source: @zachxbt https://t.co/WXvRwtWEFs pic.twitter.com/sIa0FWEEzo — Lookonchain (@lookonchain) May 22, 2026 Onchain Investigators Trace The Attack According to several posts on social media and monitoring platforms, the suspicious activity associated with the exploit was noticed by crypto investigator ZachXBT among others. Researchers monitoring the attack noticed immediate fund transfers aligned with mechanical draining action. Wallets were drained at specific time intervals prior to the funds being split into thousands of different addresses, making it difficult to trace. As it unfolded quickly, our worry was amplified because the affected infrastructure involved functionality around settlement for on-chain prediction market operations. Settlement contracts are key components of prediction markets, as they define the settlement of events (by finalizing outcomes) and their respective awards to users after an event resolves. Initial responses from the crypto world raised concerns that Polymarket’s core protocol may have been directly compromised. Due to the sensitivity of settlement infrastructure in event-driven trading platforms, concerns soon arose as to how it would affect user balances and open market positions. At the same time, traders and users slammed the platform for its initial silence after the incident. With news of the exploit loosed into the wild, many in the market noted that an extension of time before disclosure introduced even greater uncertainty and deepened apprehensions about platform transparency when security crises arise. Polymarket Says Core Contracts Remain Safe Polymarket issued a public statement in response to ongoing speculation, stating that user funds were safe and the platform was still functioning correctly. We’re aware of the security reports linked to rewards payout. User funds and market resolution are safe. Findings point to a private key compromise of a wallet used for internal top-up operations, not contracts or core infrastructure. More updates to follow. — Polymarket Developers (@PolymarketDevs) May 22, 2026 The breach did not exploit Polymarket’s core smart contracts, protocol architecture. Instead, the hack was apparently tied to a compromised private key or an internal operational wallet. It is an important distinction since it fundamentally changes the character of a security event. The incident has therefore appeared to be more related to operational security management of delegate-controlled access to privilege wallets rather than directly exposing a vulnerability in the protocol core logic. Polymarket stated that its core contracts were never compromised and stressed that the structure of the overall architecture remains intact. The company described the exploit as an internal- rather than protocol-level security failure. However, the event has serious implications for how infrastructure is managed, which are not mitigated by a TLS migration without protocol compromise. Leaked private keys corresponding to a working wallet can expose an attacker to sensitive systems, treasury capabilities at least for the timespan during which that pair is alive, and even related operations depending on general wallet permission in crypto environments. Multiple Security Incidents Raise Concerns The new exploit has drawn particularly increased scrutiny due in part to being the latest blow in a series of security incidents that have beset Polymarket over a short time-frame. Some reports suggest that the platform experienced a compromised user account (breached through login). Two months later, in February 2026, alleged trading bots connecting to Polymarket were compromised. So this most recent attack is actually the third notable kind of security-related incident that Polymarket has seen in just about a six-month period. This trend elevates conversations within the industry from isolated incidents to more high-level issues of the safety culture at large in platform operations. While the technical causes are different, a repeat of incidents can sometimes shake user confidence when-in-fact, the underlining protocol works as intended. If you plan on being a trading and prediction platform layer decentralized, the key to upfront growth is trust. Users rely primarily on the belief that both code and protocols managing assets, payments, consulting system failures are resistant to external attacks as well as internal corruption. Well-publicized and repeat security incidents complicate branded reputation efforts, particularly for platforms with increasing trade volumes from speculative capital in a decentralized finance ecosystem facing growing international trading activity. Prediction Markets Face Growing Security Pressure This incident comes at a time of accelerated growth in blockchain prediction markets. Polymarket and similar platforms have gained major traction due to traders continuing to use event-based markets as a way of speculating on elections, macroeconomic developments, cryptocurrency movements, sports outcomes, and geopolitical events. The attractiveness of these platforms as targets from attackers due to rising liquidity and public visibility combined. With the prediction market sector maturing, operational security is becoming as much of a focus as protocol design. While smart contracts can be secured, weaknesses lie in wallet management or internal permissions, as well as infrastructure coordination. This exploit at Polymarket is just a small example of a more systemic reality with crypto: decentralized applications are often a collaborative system that allows onchain contracts and offchain operational systems to function, but some part of it can have malfunctions. However, security failures in either layer can cause downstream risks. In both insights and beliefs about users, the distinction between a protocol exploit and an operational compromise for platform functionality may be irrelevant to how reliable the platform will be for managing funds and positions. Although Polymarket stands firm that user funds were protected, and core systems were not breached, it is the latest reminder of just how critical infrastructure security must be for expanding crypto platforms. With so much latent adoption potential, and capital flowing into decentralized prediction markets, operational resilience, along with transparent incident response will become the new criteria for platforms to establish long-term user trust. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news !
22 May 2026, 11:08
Attackers drain more than $520,000 from Polymarket contract

A Polymarket security incident drained more than $520,000 in collateral from the platform’s UMA CTF Adapter contract on Polygon on May 22, 2026. On-chain investigator ZachXBT flagged the incident in a community alert and pointed to a compromised deployer address as the likely entry point for the attack. The drain played out across a short window around 09:00 UTC. No official notice from Polymarket or UMA had been posted at the time of reporting. How the Polymarket drain played out? The hack targeted the Polymarket UMA CTF Adapter Admin Contract at address 0x91430C…E5c5, which is an upgradeable proxy that manages the main adapter that holds the market collateral. The blockchain reveals the initial events recorded on the Admin Contract at around 09:00:30 UTC. That should raise an alarm about a proxy pattern exploit. The initial events were quickly followed by transfer events for Polygon’s native currency, POL. At 09:00:49, the adapter admin received 5,000 POL from a Polymarket address. Five seconds later, it sent close to 9,994 POL out to the attacker-controlled account. The pattern repeated at 09:01:19 with another 5,000 POL inflow, followed by a transfer of close to 5,000 POL to the same attacker address at 09:01:26. The two-step transfer moved more than 10,000 POL out of the adapter in under a minute. The drained addresses listed by ZachXBT, 0x871D7c0f and 0xf61e39C7, had sent collateral into the adapter that the attacker then withdrew through the admin contract. The primary attacker address received the POL transfers and began consolidating the funds shortly afterward. A compromised key, not a smart contract bug In this way, the chain of initializing calls to the admin contract shows the risk of key theft and initialization vulnerability rather than any issue with the UMA optimistic oracle logic. The contract was based on the UMA oracle, but the breach occurred in the access control level, and the hacker received the ability to perform admin-only calls. It can be assumed that either the deployment process happened with the help of a key compromised by attackers or an uninitialized contract proxy was available for exploitation. After receiving administrator powers, the hacker could withdraw the whole collateral balance without any need for custom exploits. The Polymarket hack resembles similar events reported earlier in 2026. For instance, the Step Finance hack of about $27.3 million happened due to a breach of the executive key and the multi-sig mechanism at the beginning of 2026. A similar case is the Drift Protocol hack of about $285 million; it happened in April 2026 as a result of a socially engineered admin key, which enabled whitelisting worthless collateral. There were no software vulnerabilities in those smart contracts. Attacker wallet activity and tracing The address 0x8F98075d should be flagged as highly suspicious because it was the destination for both POL collateral transfers and is the greatest opportunity for movement of stolen value out of or into the Polygon network. Similarly, the intermediary address involved in initializing calls 0x65070BE9 can be assumed to be controlled by attackers and deserves similar monitoring. Based on past experiences, there is a possibility that the next step will involve cross-chain bridges and mixing. In the case of Drift , the stolen funds were partially bridged to Ethereum via the cross-chain protocol belonging to Circle prior to laundering. There were no reports as of reporting of large outgoing bridges from the suspect addresses. If you're reading this, you’re already ahead. Stay there with our newsletter .
22 May 2026, 11:06
Quantum Computing and Crypto: Is Blockchain Security Ready for the Next Threat?

Quantum computing is moving from theory to prototypes, rekindling a hard question for crypto: will tomorrow’s machines break today’s blockchains? The short answer is nuanced. Some core tools that secure wallets and consensus could be vulnerable to future quantum attacks. Others—especially hash-based primitives that defend proof-of-work and Merkle trees—look comparatively robust. If you hold assets, build wallets, or run infrastructure, you don’t need panic—you need a plan. The timelines are uncertain, but migration takes years. The teams that inventory their cryptography, add algorithm agility, and sketch a post-quantum (PQ) roadmap will be positioned to adapt without rushing under pressure. This article separates signal from noise: what quantum threatens, what likely survives, the readiness of major networks, and concrete steps to reduce risk now—without hype or fatalism. PointDetailsPrimary quantum riskShor’s algorithm could break widely used public-key signatures (ECDSA, Ed25519, Schnorr, BLS). That’s a long-term but high-impact risk.What likely holds upHash-based primitives (SHA-256, Keccak-256), Merkle trees, and STARK-style proofs remain comparatively resilient; Grover’s algorithm offers only a quadratic speedup.Network exposure variesBitcoin addresses that hide public keys until spend reduce exposure; Taproot and many L1/L2 accounts that directly reveal public keys are more exposed in a post-Shor world.Standards progressNIST has selected PQC algorithms (Kyber; Dilithium, Falcon, SPHINCS+) and circulated draft FIPS in 2024; real-world deployment still takes years.Practical mitigationAdd crypto agility (hybrid signatures, account abstraction), avoid address reuse, plan UTXO sweeps, and monitor vendor roadmaps for PQ support.Investor takeawayNo immediate collapse is likely, but preparation now reduces future migration costs and key-exposure risks. The Quantum Threat Model for Blockchains Quantum computers exploit superposition and entanglement to accelerate specific computations. Two algorithms matter for cryptography: Shor’s algorithm threatens discrete logarithm and factoring problems—the foundation for ECDSA, Ed25519, Schnorr, RSA, and BLS signatures. Grover’s algorithm gives a quadratic speedup for brute-forcing symmetric keys and hashes. That halves the “effective” bits of security (e.g., 256-bit hash to roughly 128-bit search effort), which is still considered strong in practice with parameter adjustments. For blockchains, signatures protect funds and consensus identities. If a sufficiently powerful, fault-tolerant quantum computer becomes available (“Q‑day”), an attacker who sees a public key could compute the corresponding private key and forge signatures. Important nuance: the “harvest now, decrypt later” risk that plagues encrypted data is less direct for signatures. Attackers cannot decrypt your private key from an address hash they see on-chain. They can, however, archive exposed public keys today and attempt key recovery later if those funds remain unmoved when quantum machines arrive. Pro tip: Limiting public key exposure and avoiding address reuse are low-cost steps that improve your posture against future signature forgery. What Breaks Under Shor vs. Grover Different blockchain components depend on different primitives. Here’s a high-level map of potential impact. ComponentMain PrimitiveQuantum ImpactCommentWallet signatures (BTC ECDSA, ETH ECDSA/Schnorr, Ed25519, BLS)Discrete log on elliptic curvesVulnerable to ShorAttacker could derive private keys from exposed public keys and forge spends.Consensus keys (e.g., BLS for validator aggregation)BLS over pairing-friendly curvesVulnerable to ShorWould require protocol-level migration; aggregation benefits complicate alternatives.PoW hashing (SHA-256) and Merkle treesHash functionsResists; Grover reduces marginParameter increases or double hashing mitigate; no known catastrophic break.zk-SNARKs on pairings (Groth16/Plonk variants)Elliptic curves + pairingsVulnerable to ShorUnderlying group assumptions break; PQ alternatives include STARKs.zk-STARKsHash-based with FRI protocolsRelatively resilientSecurity rests on hash assumptions; adjust parameters for Grover.Address hashing (BTC P2PKH, ETH addresses)Hash + encodingResists; Grover reduces marginAddresses that hide public keys buy time until spend/signature exposure. On the defense side, several PQ signature families show promise: Lattice-based (e.g., CRYSTALS-Dilithium, Falcon) offer performance close to today’s systems, with larger keys/signatures. Hash-based (e.g., SPHINCS+) avoid number-theoretic assumptions, but signatures are larger and verification is heavier. Code-based and multivariate schemes exist, but most blockchain discussions center on lattice and hash-based options due to tooling and standardization momentum. The U.S. National Institute of Standards and Technology (NIST) has selected CRYSTALS-Kyber (key encapsulation) and three digital signatures—CRYSTALS-Dilithium, Falcon, and SPHINCS+—for standardization, with draft Federal Information Processing Standards circulating in 2024. See the program page for status updates at NIST PQC . State of Major Networks: Bitcoin, Ethereum, Solana and Beyond Bitcoin Most Bitcoin outputs (P2PKH/P2WPKH) commit to a hash of the public key. Your public key is only revealed when you spend, limiting pre-spend exposure. However, Taproot (P2TR) places an x-only public key directly in the output, which could be attractive to a quantum-capable attacker if such machines existed. In practice, no cryptographically relevant, fault-tolerant quantum computer exists today that can execute Shor at required scales—but the design detail matters for future planning. The Bitcoin Script system is flexible enough to add new opcodes or tapscript paths for PQ signatures, and to support hybrid conditions (e.g., spendable with ECDSA now or with a PQ signature later). That said, consensus changes are conservative and take time. There is no widely adopted BIP that enshrines a standard PQ signature yet; discussions remain active in research forums. Ethereum Externally Owned Accounts sign transactions with ECDSA; the public key can be recovered from transaction signatures, so any used account effectively exposes its public key. Ethereum’s beacon chain uses BLS signatures for validator aggregation, which are also based on discrete logarithms. The good news: Ethereum’s programmability enables crypto agility. Account abstraction (e.g., ERC-4337-style smart contract wallets) allows alternative verification logic, so chains and wallets can adopt PQ or hybrid signatures without an immediate hard fork. Replacing BLS at the consensus layer is a larger research and engineering task because aggregation and performance are integral to validator operations. Solana and other high-throughput L1s Solana addresses are Ed25519 public keys, which would be directly vulnerable to a sufficiently powerful quantum adversary. Migrating to PQ signatures at Solana’s throughput and latency targets raises engineering questions about signature sizes and verification costs, but the runtime allows for new verification programs and staged migrations. Across the Cosmos, Polkadot, and other ecosystems, most default signature schemes are Schnorr/EdDSA variants over elliptic curves and share similar exposure to Shor’s algorithm. The specific migration levers depend on governance and upgrade mechanisms of each chain. Layer 2 and proofs Rollups that use zk-SNARKs on pairing-friendly curves inherit discrete log assumptions and would need PQ alternatives in the long run. STARK-based systems rest primarily on hash assumptions and are comparatively better positioned with parameter tuning. Nonetheless, L2 accounts and bridges often rely on ECDSA/EdDSA at the edges, so full-stack planning is needed. Regulatory posture signals urgency without alarm: U.S. guidance such as NSA’s Commercial National Security Algorithm Suite 2.0 (CNSA 2.0) outlines a phased PQ migration for government systems into the 2030s, emphasizing early inventory and crypto agility. See the NSA notice for context at NSA CNSA 2.0 . Migration Playbooks: From Crypto-Agile Wallets to L1 Upgrades Hybrid signatures and algorithm agility Wallet-level hybrids: Require both a classical signature (ECDSA/Schnorr) and a PQ signature to spend, or allow either path under policy. This enables gradual rollout while preserving compatibility. Scriptable commits: For UTXO chains, commit to a PQ public key’s hash today (cheap) and reveal PQ verification only when needed. Smart contract wallets: In account-based chains, customizable validation logic can accept PQ signatures as soon as precompiles or libraries exist. L1 consensus and protocol changes New address types or opcodes: Introduce PQ-verify operations and new address encodings. Expect extensive review because signature sizes and verify costs affect fees and block limits. Consensus key migration: For chains using BLS, research targets include PQ signatures with aggregation or alternative consensus designs that reduce signature load. Bridges and cross-chain: Many bridges rely on threshold signatures or multisig over elliptic curves. Plans should evaluate PQ-ready quorum schemes or hybrid attestations. Key management, hardware, and custody Inventory your cryptography: Map where ECDSA/EdDSA/BLS are used across wallets, custodial flows, validator tooling, and off-chain services. Hardware wallet roadmaps: Ask vendors about implementing Dilithium/Falcon/SPHINCS+ and how firmware upgrades will be authenticated as the trust anchor transitions to PQ. Rotation and sweeping: Prepare to rotate keys and sweep funds from addresses that expose public keys (including Taproot and any reused accounts) to PQ or hybrid outputs before any credible Q‑day. Cost, Performance, and UX Trade-offs of Post-Quantum Signatures Post-quantum signatures are larger and often heavier to verify than today’s ECDSA/Ed25519 or BLS. That reality affects chain limits, fees, and user experience. Footprint: Typical PQ signature sizes range from roughly a few hundred bytes up to tens of kilobytes depending on the scheme and security level. Public keys can also be larger. Larger payloads increase bandwidth and storage needs. Verification cost: Lattice-based verification is generally fast but still costlier than Ed25519 per signature. Hash-based signatures (e.g., SPHINCS+) can be slower and bigger, trading performance for conservative assumptions. Aggregation: BLS’s compact aggregation is a major win in current consensus designs. PQ aggregation is an active research area; today’s PQ schemes don’t yet match BLS’s combination of compactness and speed. Stateless and one-time signatures: Some hash-based options (e.g., XMSS/WOTS variants) require careful state handling or produce large signatures. They may suit niche uses (e.g., infrequent rotations) rather than high-throughput wallets. Given these trade-offs, many teams pursue hybrid strategies: add PQ validation where the cost is acceptable (e.g., treasury moves, validator keys) while keeping classical paths for mass retail usage until better PQ tooling matures. A Practical Checklist for Teams and Treasuries For protocol and wallet developers Map dependencies: List every place signatures are used—wallets, consensus, bridges, admin keys, CI/CD signing, binary updates. Minimize public key exposure: Avoid address reuse; prefer address types that don’t reveal public keys until spend where possible. Add crypto agility: Design interfaces so signature algorithms can be swapped without rewriting apps. Consider hybrid verification in scripts or smart contracts. Run PQ pilots: Experiment with Dilithium/Falcon/SPHINCS+ in devnets. Measure size, verification cost, and UX impact. Engage standards early: Track NIST PQC, IETF CFRG drafts, and ecosystem proposals. Align encodings and parameter choices with emerging norms to avoid costly rewrites later. See IETF CFRG . Have a sweep plan: Create playbooks to move funds from exposed public keys to PQ/hybrid outputs on short notice. Test fees, batching, and operational throughput. Vendor diligence: Ask HSM, hardware wallet, and custody providers for PQ timelines, firmware auth plans, and migration tooling. For institutions and treasuries Assess key exposure today: Identify assets held at addresses that reveal public keys (e.g., Taproot, Solana accounts, used Ethereum EOAs) and prioritize rotation sequencing. Choose crypto-agile custody: Require contracts that include PQ roadmaps and service-level objectives for migration readiness. Diversify controls: Prefer multisig or smart contract wallets that can add PQ paths, rate limits, and time locks to slow down potential key-forgery attacks. Incident drills: Simulate a sudden step-change in estimated quantum risk. Can you rotate thousands of keys in days? Who signs off? What’s the communications plan? Monitor policy signals: NSA CNSA 2.0 and NIST guidance won’t dictate blockchain timelines, but they provide credible migration pacing for critical systems. Risk reminder: The dominant threats today are still classical—phishing, malware, key mismanagement, smart-contract bugs, and bridge exploits. Preparing for quantum should not distract from basic operational security. Myths, Edge Cases, and Open Questions “Quantum will kill Bitcoin overnight.” Not likely. Even if a credible quantum threat emerges, networks can soft-fork in PQ options and coordinate sweeping to safer outputs. The harder challenge is logistics at scale, not a lack of cryptographic candidates. “Proof-of-Work collapses under quantum.” Grover’s algorithm offers only a quadratic speedup for hashing. Practical quantum hardware capable of challenging global hash rates appears far off, and parameter tweaks (e.g., difficulty, hash output length) help maintain margins. “Address hashes make me safe forever.” Address hashing helps until you spend and reveal a signature or public key. If funds sit behind a public key (e.g., Taproot, many account-based chains), exposure is immediate in a post-Shor world. “We can just switch to PQ in a week.” Real migrations touch wallets, nodes, fee markets, hardware, and user education. Expect multi-year, staged rollouts—hence the value of crypto agility now. zk-proof ecosystems. SNARKs built on elliptic curves face the same Shor risk as signatures, while STARKs lean on hash assumptions and look more robust. Either way, account keys and bridges may still rely on classical signatures until upgraded. Aggregation gap. Today’s PQ signatures don’t replicate BLS’s elegant aggregation properties. Research into PQ-friendly aggregation or alternative consensus accounting remains ongoing. For authoritative guidance and status updates on standardization, track NIST’s PQC project at csrc.nist.gov and draft FIPS for Kyber, Dilithium, and SPHINCS+ (circulating in 2024). Ethereum developer resources on account design are collected at ethereum.org , and Bitcoin’s transaction formats are documented at bitcoin.org . If you’d like ongoing coverage of the post-quantum journey across chains, Crypto Daily follows standards, protocol roadmaps, and vendor announcements—visit Crypto Daily for the latest analysis. Frequently Asked Questions How soon could quantum computers threaten blockchain signatures? No one can give a precise date. Public assessments suggest fault-tolerant, cryptographically relevant machines are not imminent, but standards bodies encourage early migration planning because swapping foundational cryptography takes years. Treat this as a long-tail, high-impact risk: plan now, execute in phases. Are my Bitcoin holdings safe if I never reused addresses? Using address types that hide your public key until spend reduces exposure. However, funds behind outputs that directly reveal a public key (e.g., Taproot) would be at risk in a post-Shor world. Regardless, developing a plan to sweep into PQ or hybrid outputs before any credible quantum threat is prudent. Does Ethereum expose my public key? For EOAs, a transaction’s signature allows recovery of the public key, so any used account effectively exposes it. Account abstraction and smart contract wallets can help by supporting alternate or hybrid verification paths over time. Will Grover’s algorithm break SHA-256 mining? No. Grover offers a quadratic speedup, not an exponential break. While it narrows security margins, parameter adjustments and the immense practical challenges of building such hardware make a near-term disruption to PoW unlikely. Which post-quantum signatures look most practical for blockchains? Lattice-based schemes such as Dilithium and Falcon are front-runners due to performance, with SPHINCS+ valued for conservative assumptions. Exact choices depend on chain limits, desired signature sizes, verification costs, and whether aggregation is needed. What should teams do first to prepare? Inventory where signatures are used, minimize public key exposure, build crypto agility into wallets and contracts, and test PQ schemes on devnets. Coordinate with custody and hardware providers on their migration roadmaps. Is this financial advice? No. This article is educational. Crypto assets are volatile and involve security, technical, and regulatory risks. Always do independent research and consider professional guidance for treasury decisions. Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
22 May 2026, 11:02
Finance Coach Shares Big Update for XRP Holders

Crypto enthusiast Mrcauliman recently explained a developing yield vault structure involving XRP, Flare, Monarq, and D’CENT, while also addressing confusion around the relationship between Ripple, the XRP Ledger, and XRP . Mrcauliman explained in a tweet that XRP holders can now participate in yield vault strategies through integrations involving Monarq, Flare Smart Accounts, and D’CENT wallets. He clarified that this development does not introduce native staking to the XRP Ledger. Instead, it creates a system in which XRP can interact with decentralized finance infrastructure through tokenized representation on the Flare network. Big update for $XRP holders. A yield vault path is now being shown through Monarq, Flare Smart Accounts, and D’CENT. This doesn’t mean $XRP has native staking on XRPL. It means $XRP can be represented as FXRP on Flare, placed into a vault, and tracked through MXRPY receipt… — MRCΛULIMΛN (@mrcauliman) May 20, 2026 According to the explanation, XRP begins in a user’s XRPL account before being represented as FXRP on Flare. Once minted, the FXRP can enter a vault structure where strategies operate in the background. Users then receive MXRPY receipt tokens that reflect their vault position while the assets remain deployed within the strategy. Mrcauliman stressed that the process eventually works in reverse during withdrawals. The vault exits its strategy, the wrapped representation is redeemed, and XRP returns to the original XRPL account. He highlighted that the system does not impose a fixed lock-up period. This means that users can request withdrawals at any time. However, he also noted that processing windows and vault-related risks still exist and should be understood before participation. Focus on Infrastructure Around XRP The crypto enthusiast argued that developments like these demonstrate why users should study the ecosystem surrounding XRP rather than focusing only on the asset itself. In the X post, he stated that XRP utility is expanding through “wallets, bridges, vaults, apps, and real tools.” His comments placed strong emphasis on the infrastructure being built around XRP and the XRP Ledger. Rather than presenting XRP solely as a payment asset, the post described an environment in which interoperability and decentralized finance tools are becoming increasingly connected to the network. The mention of Monarq, Flare Smart Accounts, and D’CENT also points to growing collaboration between wallet providers, bridging systems, and smart contract platforms seeking to extend XRP functionality into additional blockchain use cases. We are on X, follow us to connect with us :- @TimesTabloid1 — TimesTabloid (@TimesTabloid1) June 15, 2025 Mrcauliman Responds to Criticism of XRP Mrcauliman later addressed criticism of XRP in response to another X user identified as justice, who said a friend believed “XRPL is good, but XRP is shit,” claiming that people only use XRP because Ripple needs funding. In response, Mrcauliman rejected the argument and explained that many critics confuse Ripple, XRPL, and XRP as if they were the same entity. He stated that Ripple is a company, XRPL is the network, and XRP is the native asset operating within that ecosystem. He further explained that XRP serves several important functions on the ledger, including transaction fees, account reserves, spam protection, liquidity, payments, decentralized exchange routing, and settlement movement across the network. Mrcauliman argued that XRP usage is tied directly to the way the ledger was designed rather than Ripple ‘s financial needs. He concluded his response by saying critics should first understand the basics of the ecosystem before making such claims. The exchange reflects a recurring debate within the digital asset sector, where confusion between blockchain networks, associated companies, and native assets continues to influence public perception of projects like XRP. Disclaimer : This content is meant to inform and should not be considered financial advice. The views expressed in this article may include the author’s personal opinions and do not represent Times Tabloid’s opinion. Readers are advised to conduct thorough research before making any investment decisions. Any action taken by the reader is strictly at their own risk. Times Tabloid is not responsible for any financial losses. Follow us on X , Facebook , Telegram , and Google News The post Finance Coach Shares Big Update for XRP Holders appeared first on Times Tabloid .
22 May 2026, 10:26
Polymarket Admin Wallet Exploited on Polygon, Says ZachXBT

Popular on-chain sleuth ZachXBT warned earlier today that an admin address of Polymarket appeared to have been compromised on the Polygon blockchain. At first, he noted that the stolen amount was around $520,000. However, follow-up updates from Bubblemaps and Lookonchain explained that the actual amount might have surpassed $600,000. 2/ @zachxbt was the first to share the exploit and identify that it was a Polymarket UMA CTF adapter contract. The attacker has already split the funds across 15 addresses. More updates soon. Attacker address: https://t.co/G9sNVvunkT — Bubblemaps (@bubblemaps) May 22, 2026 The attacker split the funds across 15 addresses after exploiting Polymarket’s UMA CFT adapter contract. Polymarket’s Shantikiran Chanal acknowledged the attack on X, saying that the team is “aware of the security reports linked to rewards payout” before adding that “user funds and market resolutions are safe.” Chanal also explained that the team is investigating whether any other internal secrets may have been affected and that they are rotating their backend services. The post Polymarket Admin Wallet Exploited on Polygon, Says ZachXBT appeared first on CryptoPotato .













































