Olivia
Online
Alephium
@alephium
The Web3 you were promised. A high-performance Layer 1 PoW network enabling scalable, easy to use and aligned crypto applications. No tradeoffs.
Switzerland
Joined September 2018
477 Following
50.8K Followers
9.1K Posts
Pinned Tweet
DEPLOYED 💥
The moment you have all been waiting for…
Just seconds ago, our Core dApp, “Powfi”, was launched on Public Testnet.
Alephium’s Unifying DeFi Layer is now open for testing.
Link below.
Bridge Update
The unauthorized wrapped ALPH held in the attacker's wallet was burned yesterday. 500,000 unbacked wrapped ALPH had already been sold on Uniswap prior to the burn. Alephium will supply the native ALPH required to back these tokens.
For users affected by the drained bridge assets, we remain committed to making them whole and are working on the best path forward.
Following the burn, the most likely path forward is now a relaunch of bridge operations. We currently believe this is the fastest, safest, and simplest solution. Once the bridge is safely restored, users would be able to redeem through the bridge as originally intended. A separate redemption process for wALPH holders remains a fallback option if needed.
The vulnerability has been fixed. We're conducting extensive review and security assessments before any relaunch, as we prioritize security over speed.
This is our most likely path, though it may evolve as reviews progress.
Full postmortem and further updates to follow.
Powfi Update 💥
Following very positive discussions with several partners, the Powfi codebase has been upgraded to support direct integrations with our $ALPH Staking Layer through a referral-based framework.
How it works:
Traditional B2C Workflow
▪️ A user holds ALPH
▪️ Connects their wallet to Powfi
▪️ Stakes their ALPH
▪️ User starts earning rewards
New B2B2C Partner Workflow
▪️ An integration partner offers ALPH staking to its users
▪️ The yield offered is the same as staking natively on Powfi
▪️ Staking is attributed to the partner via an on-chain referral tag
▪️ ALPH is staked via the Powfi Staking Layer
▪️ The partner earns a commission
One example from our recent discussions is a mining pool offering ALPH Staking to its users.
Other potential integration partners include: wallets, centralized exchanges, and of course dApps.
This is how the Powfi staking layer scales and maximizes locked circulating supply, strengthening $ALPH and the broader ecosystem.
We'll share more updates as these conversations progress and integrations begin to materialize.
Who to follow
ANyONe Protocol 
@AnyoneFDN
Privacy for any app. Powered by DePIN. Built for freedom.
Join the revolution for ANyONe.
Elmo Token
@elmo_on_eth
Everybody knows the burning meme! 🔥 Meme with a fast burning supply, utility and an AMAZING COMMUNITY!
clinq.gold
@ClinqGold
Gold Backed - Central Bank Digital Currency (GB-CBDC) system 👉 https://t.co/NBy8wi3L8p
Bridge Update
Today, we continued work across multiple recovery and investigation tracks.
▪️As part of the bridge incident remediation, the bridge guardians, with support from our security partners, executed an authorized recovery procedure to invalidate the unbacked wrapped ALPH held in the attacker's wallet. This action applied exclusively to unauthorized wrapped ALPH created through the exploit and held by the attacker. It did not affect native ALPH, legitimately backed wrapped ALPH held by users, or addresses that unknowingly acquired unbacked wrapped ALPH through trading activity following the exploit. It also did not affect the Alephium L1 consensus rules. Removing these exploit-created assets from the attacker's control is an important step in the ongoing recovery and remediation process.
▪️ We are advancing the recovery path for legitimate wrapped ALPH holders and have identified all eligible holders via snapshot.
▪️We are confirming the addresses of liquidity providers affected by the exploit, including LPs currently providing liquidity on Uniswap and PancakeSwap, as well as addresses that unknowingly traded against the attacker's transactions.
▪️We have submitted an incident report to Switzerland's National Cyber Security Centre (NCSC) and are coordinating with the relevant law enforcement authorities.
▪️We continue to work closely with @Blockaid_, @SEAL_911, and other investigation partners to trace assets and assess possible recovery opportunities.
▪️In parallel, work continues on the bridge recovery plan, technical remediation, legal and criminal investigation efforts, and the preparation of the full postmortem.
▪️Below, we have published a comprehensive on-chain analysis covering the exploit timeline, affected transactions, fund movements, and the current location of the drained assets.
Read the on-chain report here: https://t.co/dm4xGqhO6K
We will share further updates as the situation develops.
While we continue working on the full postmortem, we would like to share some additional information about the attack.
The attacker did not succeed with their first attempts. Prior to the successful exploit, multiple malicious attempts were rejected by the bridge's standard validation workflow.
Our investigation indicates that the attacker later combined the backend vulnerability with an eclipse-style attack against the P2P network. This disrupted affected full nodes and triggered a fallback workflow within the bridge backend. The vulnerable logic existed within this fallback path and was subsequently exploited.
The exploit remains fully contained. The bridge was shut down immediately after the incident was identified, and the exploit path is no longer available.
We will provide the complete technical details, timeline, and remediation measures in the full postmortem.
Bridge Update
Over the past 48 hours, the team has been working around the clock on recovery, remediation, investigation, and the future of the bridge.
With regards to legitimate wALPH and corresponding native ALPH: the exact technical implementation for recovery of funds is still being evaluated and depends on several factors. Regardless of the implementation chosen, the objective remains the same: legitimate holders will be able to recover their ALPH, while assets illegitimately created through the exploit will not benefit from the recovery process.
We continue to work with security and investigation partners to trace the drained assets and assess possible recovery opportunities and we are grateful for their ongoing support.
At the same time, we are initiating coordination with legal counsel, relevant authorities, and law enforcement regarding the incident.
Further updates will be shared throughout the week as work progresses.
P.S.
Impersonators are using additional methods, such as creating fake Alephium websites, apps, and channels.
Some are even getting golden checkmarks on their X profiles to appear credible.
Be cautious.
Important Reminder 🚨
There are accounts impersonating Alephium, our team, and our moderators across all social media channels.
We do NOT have a ticket system or support team.
Do not share your private keys with anyone, and do not click links from unverified sources.
Please verify account names carefully before engaging.
We will never DM you first, and all official updates will come from verified Alephium channels only.
Thank you.
Alephium Team.
@0xGeeGee It was not a key compromise.
Full Postmortem to be released.
@vesajoki We will bounce back! Thank you, and all the incredible community, for the ongoing support.
A sincere thank you to the @blockaid_ team for being the first to detect the exploit and for their support throughout the investigation.
We would also like to thank the @SEAL_911 team for their assistance and responsiveness during the incident.
The collaboration and professionalism shown by both teams have been invaluable as we work through this situation.
Based on additional information from our investigation and the Alephium team's analysis, the exploit does not appear to have involved a compromise of guardian private keys. Instead, it appears to have involved an exploit that allowed forged malicious events/messages to be observed and signed by guardians. We look forward to the Alephium team's forthcoming postmortem for additional technical details.
The security incident was not caused by compromised guardian keys, and it was not a smart contract exploit.
It was caused by an offchain vulnerability in the bridge backend that could be triggered in specific edge cases.
The bridge has been shut down, the exploit path is no longer available, and the team is focused on recovery, remediation, and a full postmortem.
Update on the Alephium Bridge Exploit
The bridge was shut down shortly after the exploit was identified. No new bridge transactions can be initiated, and the exploit can no longer be executed.
Please withdraw your liquidity and do not swap from ALPH pools on Uniswap or PancakeSwap until further notice.
Confirmed impacts of the exploit:
1. Assets illegitimately drained from the bridge
The assets confirmed to have been drained are:
Ethereum
• 200,967 USDT
• 17,594 USDC
• 5.18 WETH
• 0.335 WBTC
BNB Chain
• 36,750 USDT
• 24.386 WBNB
The affected assets included both user funds and assets belonging to Alephium.
We are currently exploring all available options to compensate affected users. Our objective is to make affected users whole, and we are committed to working toward that outcome. We recognize that this process may take time, but supporting affected users remains a priority for the team.
2. Minting of approximately 13.7 million wrapped ALPH on Ethereum
However, ALPH held within the bridge was not drained.
Users whose ALPH remained locked in the bridge at the time of the shutdown will be able to recover their funds. We will provide a dedicated recovery process allowing affected users to reclaim their ALPH.
Because the bridge has been shut down, the attacker cannot redeem or bridge these wrapped ALPH back through the Alephium bridge. We therefore ask users not to provide liquidity to ALPH pools on Ethereum or BNB Chain, to withdraw any existing liquidity, and not to swap against these pools. Additional liquidity or trading activity would increase the attacker’s ability to realize value from the unauthorized wrapped ALPH.
The cause of the exploit has been identified. The exploit was NOT caused by a compromise of the guardian keys, contrary to some early external reports.
The team is now fully focused on recovery and remediation efforts. We are working around the clock to address the impact of this incident and support affected users.
Our next update will be shared on Monday. Throughout next week, we will provide additional information regarding the recovery process for users with ALPH locked in the bridge, further details on the exploit and its cause, and a comprehensive postmortem.
We sincerely thank our community for its patience and support while we work through this situation.
Update on the Alephium Bridge Exploit
The bridge was shut down shortly after the exploit was identified. No new bridge transactions can be initiated, and the exploit can no longer be executed.
Please withdraw your liquidity and do not swap from ALPH pools on Uniswap or PancakeSwap until further notice.
Confirmed impacts of the exploit:
1. Assets illegitimately drained from the bridge
The assets confirmed to have been drained are:
Ethereum
• 200,967 USDT
• 17,594 USDC
• 5.18 WETH
• 0.335 WBTC
BNB Chain
• 36,750 USDT
• 24.386 WBNB
The affected assets included both user funds and assets belonging to Alephium.
We are currently exploring all available options to compensate affected users. Our objective is to make affected users whole, and we are committed to working toward that outcome. We recognize that this process may take time, but supporting affected users remains a priority for the team.
2. Minting of approximately 13.7 million wrapped ALPH on Ethereum
However, ALPH held within the bridge was not drained.
Users whose ALPH remained locked in the bridge at the time of the shutdown will be able to recover their funds. We will provide a dedicated recovery process allowing affected users to reclaim their ALPH.
Because the bridge has been shut down, the attacker cannot redeem or bridge these wrapped ALPH back through the Alephium bridge. We therefore ask users not to provide liquidity to ALPH pools on Ethereum or BNB Chain, to withdraw any existing liquidity, and not to swap against these pools. Additional liquidity or trading activity would increase the attacker’s ability to realize value from the unauthorized wrapped ALPH.
If you are currently providing liquidity to ALPH liquidity pools on Uniswap or PancakeSwap, please withdraw your liquidity until further notice.
We also strongly advise against interacting with ALPH liquidity pools while the investigation is ongoing.
Further updates will follow as more information becomes available.
We are aware of a security incident affecting the Alephium bridge.
The bridge has been shut down, and no new bridge transactions can currently be initiated. As a result, the exploit can no longer be executed through the bridge.
Based on our investigation so far, the issue appears to involve malicious event emission, not a key compromise. The full scope and impact of the incident are still being assessed, and our understanding may evolve as additional information becomes available.
The team is actively investigating the incident and assessing its scope.
We appreciate your patience as we work through this evolving situation and will share further updates as soon as additional information has been confirmed.
We are aware of a security incident affecting the Alephium bridge.
The bridge has been shut down, and no new bridge transactions can currently be initiated. As a result, the exploit can no longer be executed through the bridge.
Based on our investigation so far, the issue appears to involve malicious event emission, not a key compromise. The full scope and impact of the incident are still being assessed, and our understanding may evolve as additional information becomes available.
The team is actively investigating the incident and assessing its scope.
We appreciate your patience as we work through this evolving situation and will share further updates as soon as additional information has been confirmed.
We’ve built RalphStudio Developer Platform 🚀
A developer infra layer for blockchain nodes and APIs built for fast, reliable access without node complexity.
We’re rolling out the developer portal:
👉 https://t.co/gE49B5FKJ6
Docs are actively being expanded.
@Vladcostea Because the PoW maxis and cypherpunks want to build their DeFi primitives and innovations on a much more flexible chain with a more expressive language.
↖️ like this one
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers