hodler

5 May 2026, 09:13

Binance announces online event with global market leaders

Binance has announced a global virtual event titled Binance online, scheduled for May 13 at 11:00 AM UTC. The event will run for more than four hours and will feature guests from institutional finance, blockchain infrastructure, and digital asset markets. According to the announcement, the event will include discussion groups, interviews, and community-focused topics to examine how digital assets connect with existing financial systems. The speaker lineup includes figures from multiple sectors, showing the growing interaction between traditional finance and blockchain-based platforms. However, the topics expected at the event include stablecoins as cross-border payment tools, the integration of artificial intelligence and financial services, and the growing role of crypto in global finance. Binance confirmed that one session will feature an additional guest, whose identity has not yet been disclosed. Binance online event programming and institutional participation The Binance online event brings together participants from crypto-native companies and traditional financial organizations. The presence of senior executives from global finance points to continued institutional engagement with digital assets. The agenda reports that the discussions will focus on infrastructure, tokenized financial products, and market development. Yi He, co-CEO of Binance, added that the event will explore industry scaling and develop operational applications. The exchange also verified that the interaction with the live audience would occur throughout the program. Additionally, the event will include $10,000 in giveaways distributed across different segments. The initiative extends beyond programming. Binance stated that proceeds from the event will support education-focused initiatives. According to the announcement, $35,000 will be directed to the University of Zurich’s Blockchain Center. Another $15,000 will be allocated to Geeks Academy in Kyrgyzstan to expand access to blockchain education. Security measures introduced alongside Binance online event Alongside the Binance online announcement, Binance introduced a new security feature to address the risk of physical coercion. Binance stated that users can enable its Withdraw Protection feature directly from account settings, allowing them to block all on-chain withdrawals for a chosen period of one to seven days, with a default duration of 48 hours. Once activated, the feature applies a full lockdown that cannot be overridden, including by the account holder, ensuring that funds remain inaccessible during the selected window. However, Binance added that users who prefer more control can activate an option to unlock the account early. This process requires verification via a security key and an authenticator app, and may also include an additional confirmation step sent to a separate phone number or email address. During the lockdown period, the rest of the account continues to function normally. Users can still trade, hold assets, and manage positions without interruption, while only withdrawals remain restricted. Binance explained that this feature is designed to work alongside existing protections such as multi-factor authentication, withdrawal whitelists, anti-phishing codes, and passkeys, with a specific focus on reducing risks linked to physical coercion. The company stated that its current protections already address digital threats such as phishing, SIM swaps, and unauthorized access. However, the new feature centers specifically on scenarios involving in-person pressure to transfer funds. Binance explained that once activated, the withdrawal protection prevents any transfer, including those initiated by the account holder. This release follows data from blockchain analytics firm CertiK, which reported a 75% increase in attacks involving physical threats in 2025. Authorities in France also confirmed investigations into 88 individuals linked to incidents involving kidnappings and extortion targeting crypto holders. The smartest crypto minds already read our newsletter. Want in? Join them .

5 May 2026, 09:06

KelpDAO hack exposes weak spots in Web3 security

The KelpDAO hack showed several fault lines in Web3 security. The biggest problem was blockchains flawlessly executing transactions that were based on flawed data. Web3 security is still at the forefront, as a way to rebuild trust in DeFi protocols. The KelpDAO hack had lasting repercussions for DeFi lending and raised issues on ramping up Web3 security. DeFi hacks reached a one-year high in April, opening up a discussion on Web3 risks and better ways to intercept hacks. | Source: DeFiLlama . The recent wave of hacks in April may make apps reassess the way they access data and permit transactions. Similar hacks continued in May, with $930K lost in the month to date. Recently, Bisq Protocol lost $858K based on flawed protocol logic and a fake client attack, according to DeFiLlama data . Web3 apps have a data verification problem According to Victor Fei of Ormilabs, the KelpDAO hack is a clear example of how an application can continue working, even if the blockchain state does not correspond to the data. Fei explained that applications do not always refer back to the blockchain directly. Instead, they rely on intermediaries such as RPC nodes, instead of raw on-chain data. This is a requirement for Ethereum and other older chains, which are no longer viable to access directly for most apps. With a limited source of data, a bridge can only rely on a small set of RPC nodes. When some sources are compromised or unavailable, the app may operate on bad data, while the underlying chain will still count the transactions as valid. Most modern Web3 apps do not access the chain directly, but rely on some forms of indexing to fetch relevant information. The indexing can display flawed data or become a direct vector of attack. The KelpDAO exploit revealed this vulnerability in full. The verification process trusted a limited number of RPC sources, and attackers hijacked some of those sources. With a flawed data layer, the blockchain processed the transactions as usual and spent real coins in exchange for a fake balance. The problem becomes even more serious if AI agents are allowed to act based on a limited and potentially flawed data layer. What can increase Web3 security? The biggest flaw in the KelpDAO, Drift Protocol , and other recent hacks is the speed of execution. Most of the transactions happened immediately and were finalized in the next block, with no cooldown period or extra checks. Web3 has advertised its ability for fast permissionless transactions, but it also allows bad actors to execute their heist with speed. “The future of Web3 security comes down to speed. Our data shows that hacking and laundering are fast and cheap, while teams’ response is slow and expensive,” commented Vladyslav Syrotin, Head of Investigations at Global Ledger to Cryptopolitan. Syrotin believes Web3 projects should lower their time-to-detection to catch unusual outflows, sudden liquidity drops, or suspicious smart contract calls. According to Syrotin, alerts and blocks should be automated within one second after an attack, and victim reports and data labeling should be ready within 10 minutes. Currently, it takes hours or days to tally the total losses and track down the wallet clusters of the attackers. Syrotin added that even a slower time frame, with 30-second alerts and labeling in four hours, can help prevent around half of the incidents and cut losses. If you're reading this, you’re already ahead. Stay there with our newsletter .

5 May 2026, 08:30

Hut 8 Taps Falconx for $200M Facility, Drops Rate to 7% and Boosts BTC Access

Hut 8 Corp. has entered into a $200 million, 364-day bitcoin-backed credit facility with Falconx, replacing its previous arrangement with Coinbase Credit. Key Takeaways: Hut 8 secured a $200 million credit facility with Falconx at 7.0%, replacing its prior Coinbase agreement. The deal unencumbered 3,300 bitcoin worth $260 million on May 1, 2026, signaling lower

5 May 2026, 07:00

Crypto Firms In South Korea Raise Concerns Over AML Crackdown: Report

South Korean courts have been stepping in to block a wave of regulatory sanctions against the country’s biggest crypto exchanges — and now the industry is taking its fight to the rulemaking process itself. Industry Body Warns Of Reporting Overload The Digital Asset eXchange Alliance, known as DAXA, submitted formal comments opposing proposed changes to South Korea’s anti-money laundering framework. The group speaks for 27 registered virtual asset service providers, including the five largest exchanges in the country: Upbit, Bithumb, Coinone, Korbit, and Gopax. At the center of the dispute is a rule that would require exchanges to flag every overseas crypto transfer worth 10 million Korean won — roughly $6,800 — as a suspicious transaction, regardless of whether the transfer shows any sign of wrongdoing. DAXA says the math doesn’t work. Reports from South Korea’s five major platforms totaled around 63,000 suspicious transaction cases last year. Under the new rule, that number would climb to more than 5.4 million annually — an 85-fold increase. The alliance argues the volume would make meaningful compliance nearly impossible. DAXA also pushed back on a separate requirement to verify the accuracy of customer data, saying it goes beyond what the underlying law actually requires. The Financial Services Commission and the Financial Intelligence Unit jointly put forward the amendments on March 30. A public comment window runs through May 11, with final rules expected in July after regulatory and legal review. Three Exchanges Win Temporary Court Relief The proposed rule changes come as multiple exchanges are already battling sanctions tied to existing AML requirements. Upbit’s parent company, Dunamu, won a first-instance court ruling on April 9 that canceled a three-month partial business suspension. The sanction had been linked to alleged failures in customer due diligence and transactions with unregistered foreign platforms. Regulators appealed that decision on April 30, according to Yonhap News Agency. Bithumb followed a similar path. The Seoul Administrative Court agreed to pause enforcement of a six-month partial suspension while the main case works its way through the system. That sanction stemmed from an inspection conducted by the Financial Intelligence Unit that found alleged violations of South Korea’s Financial Information Act. Coinone faces both a three-month partial suspension and a fine of 5.2 billion won over AML-related failures. It too received a temporary halt on enforcement after filing a legal challenge. Exchanges And Regulators On Collision Course The pattern is hard to miss. South Korean authorities have been pushing harder on crypto AML enforcement, and the industry has been pushing back — in comment letters, in court, and through its trade group. The outcome of both the rulemaking process and the pending legal cases could shape how crypto compliance works across one of Asia’s most active digital asset markets. Featured image from Nathan Benn/Getty Images , chart from TradingView

5 May 2026, 06:57

ZachXBT Targets Lesser-Known DEX in Fresh Allegations Over Illicit Crypto Flows

Blockchain investigator ZachXBT has built a reputation for repeatedly calling out crypto platforms and entities he believes are involved in suspicious or illegal activity. In his latest allegation, he has turned attention to Tokenlon, a relatively lesser-known decentralized exchange with around 17,000 followers on X. Tokenlon Draws Scrutiny ZachXBT has alleged that a large share of trading activity on decentralized exchange Tokenlon may be tied to illicit sources. These include romance scams, human trafficking, investment fraud, and underground markets in China. He also mentioned Tokenlon’s co-founder, Ben He Bin, and suggested that possible future actions could be taken against Tokenlon and ImToken. In addition, the investigator also pointed to other platforms which he believes are connected to illegal fund flows, such as Butter Network, HiFiSwap, Bridgers/SWFT, and Tokenlon, calling for them to be prioritized for enforcement attention. A user shared that their friend’s mother was scammed out of 270 ETH, and the funds were reportedly sent to Tokenlon. In response, ZachXBT said he has seen many similar cases from victims. Although the platform presents itself as decentralized, he claimed that it does not fully function as one in practice. In response, Tokenlon acknowledged that it is aware of the discussions regarding illicit funds on-chain and their interaction with decentralized protocols and asserted that it does not custody user funds, while adding that transactions are publicly traceable on-chain. It maintained that it “absolutely does not facilitate crime.” “We recognize that permissionless infrastructure can be exploited. Combating this requires a “unified defense” across wallets, security firms, and law enforcement.” Decentralization Claims Questioned Interestingly, ZachXBT cited a 2022 report by Cryptoforensic Investigators, which questioned Tokenlon’s decentralization claims. It explained that while platforms like Uniswap and 1inch operate fully through immutable smart contracts, Tokenlon behaves differently in practice. The report said Tokenlon, linked to the imToken wallet and imToken PTE Ltd., allows users to swap Bitcoin through its “imBTC DApp.” According to its analysis, this setup resembles a centralized OTC service rather than a true decentralized exchange. It described a process where BTC is sent to Tokenlon-controlled wallets, recorded off-chain in their system, and later converted into imBTC before being swapped for USDT. The report further alleged that imBTC functions like a centralized asset pegged to Bitcoin, with Tokenlon retaining custody of the underlying BTC, similar to how stablecoin issuers manage reserves. Additionally, a 53-page working paper titled “How Do Crypto Flows Finance Slavery? The Economics of Pig Butchering,” first posted on 28 March 2024, also found that around 57-60% of all Tokenlon swaps during 2022-23 involved addresses linked to scam networks. It claimed that victim funds in ETH or USDC often pass through Tokenlon and are later converted into USDT or DAI before reaching centralized deposit accounts. The post ZachXBT Targets Lesser-Known DEX in Fresh Allegations Over Illicit Crypto Flows appeared first on CryptoPotato .

5 May 2026, 06:00

Solana Co-Founder Warns AI Could Break Post-Quantum Crypto Schemes

Solana co-founder Anatoly Yakovenko has warned that the most pressing risk around post-quantum cryptography may not be quantum computers themselves, but the possibility that AI could expose weaknesses in the signature schemes designed to defend against them. His comments add a sharper edge to Solana’s recent quantum-readiness push, which has centered on Falcon signatures, migration planning and wallet-level resilience. The exchange began after developer Dean Little highlighted progress on a Solana Falcon implementation, saying version “0.1.2 now costs just ~173–183k CUs to verify,” with Lean and Kani proofs expected next. That prompted Yakovenko to suggest deeper native support inside Solana’s transaction architecture, writing : “Syscall to lift PDA is_signer to the transaction processor, charge fees to valid signers at the end of the block. Make it so, pls.” Solana’s Post-Quantum Plan Gets New Scrutiny The more consequential remark came shortly after, when Yakovenko framed the problem less as a simple migration from today’s cryptography to post-quantum signatures, and more as a security-design issue with unresolved unknowns. “I think the biggest risk is that pqc signature schemes will get broken by ai,” Yakovenko wrote. “We don’t know all the implementation footguns even, let alone the math footguns. So we need to support 2/3 wallets for them. @fusewallet or ideally natively with PDAs in the tx processor.” The point is notable because Solana’s official messaging on quantum readiness has been broadly confident. In an April 27 developer post, Solana said quantum computing remains “years away” and that, if the threat materializes, migration work is “well-researched, understood, and ready to deploy.” The post described a roadmap built around continued research, adoption of a post-quantum scheme for new wallets if needed, and migration of existing wallets to the selected scheme. Solana’s current research track has converged around Falcon , a post-quantum digital signature scheme identified independently by Anza and Firedancer, two major validator client developers in the Solana ecosystem. According to Solana, both teams reached the same conclusion: the network would need a compact post-quantum signature format suited to high-throughput blockchain use. Initial implementations are already available through Firedancer and Anza repositories, while Solana argues that the transition would be manageable and should not create a meaningful performance hit. Yakovenko’s warning does not directly contradict that roadmap. It narrows the focus. Rather than questioning whether Solana can migrate to post-quantum cryptography when necessary, he is pointing to the fragility of assuming any single new cryptographic scheme will remain safe once both implementation details and mathematical assumptions are exposed to increasingly powerful AI-assisted analysis. That distinction matters for builders. The quantum-readiness debate often treats post-quantum signatures as the endpoint: once a chain can verify Falcon or a similar scheme efficiently, the network has a path forward. Yakovenko’s comments suggest the safer architecture may be one that avoids dependence on one scheme, even after migration. His preference for “2/3 different signature schemes” indicates a defense-in-depth model, where wallets or transaction processors could require threshold approval across multiple cryptographic primitives.Michael Egorov, founder of Curve Finance, asked whether “proper formal verification” might help address the concern. Yakovenko’s reply was cautious: “If we know exactly what to verify. I’d still like 2/3 different signature schemes.” That response captures the unresolved part of the debate. Formal verification can reduce implementation risk when the target properties are precisely defined. Yakovenko’s concern is that the industry may not yet know all the relevant failure modes, especially if AI systems become better at finding edge cases, deployment flaws or deeper mathematical weaknesses in post-quantum constructions. At press time, SOL traded at $84.03.