JrDies🛡

🧵How the Attacker's wALPH Was Burned “As part of the bridge incident remediation, the bridge guardians, with support from our security partners, executed an authorized recovery procedure to invalidate the unbacked wrapped ALPH held in the attacker's wallet.” The Bridge Guardians coordinated through the bridge’s multi-signature governance mechanism to temporarily upgrade the bridge’s wrapped asset contract implementation. This temporary implementation introduced functionality that allowed the attacker-controlled unbacked wALPH to be permanently burned. Immediately after execution of the burn, the contract was reverted to its original implementation. This action required approval from the full Guardian set, which is why the process took several days to organize and execute. Note that the guardians are separate and independent from each other. Alephium’s bridge wrapped asset contracts, like those used by many cross-chain bridge systems, are deployed behind upgradeable proxy contracts. This architecture allows contract implementations to be modified through Guardian-approved governance actions when required. It is important to note that the burn capability used in this remediation did not exist in the bridge’s normal operating implementation. It was introduced through a temporary governance-approved upgrade specifically to remediate the unbacked supply created by the exploit and was rolled back once the action was completed. This approach has precedent in previous DeFi security incidents. Following the pxETH exploit involving Yearn Finance, unbacked tokens were invalidated by the token issuer directly from the attacker's wallet. After the Echo Protocol incident, attacker-controlled eBTC was burned once administrative control had been recovered. The tokens burned in our case were exclusively the unbacked wALPH that remained in the attacker’s wallet at the time of the action. Any wALPH that had already left the attacker’s wallet prior to the burn was not affected. The recovery action was intentionally limited to assets that remained under the attacker’s direct control and did not affect third-party holders who acquired wALPH through ordinary market activity without involvement in the exploit. The action had no effect on assets held by legitimate users and did not affect any assets on the Alephium Layer 1 blockchain. The bridge itself remains disabled while remediation, review, and security assessment work continue.

Powfi Update 💥 Following very positive discussions with several partners, the Powfi codebase has been upgraded to support direct integrations with our $ALPH Staking Layer through a referral-based framework. How it works: Traditional B2C Workflow ▪️ A user holds ALPH ▪️ Connects their wallet to Powfi ▪️ Stakes their ALPH ▪️ User starts earning rewards New B2B2C Partner Workflow ▪️ An integration partner offers ALPH staking to its users ▪️ The yield offered is the same as staking natively on Powfi ▪️ Staking is attributed to the partner via an on-chain referral tag ▪️ ALPH is staked via the Powfi Staking Layer ▪️ The partner earns a commission One example from our recent discussions is a mining pool offering ALPH Staking to its users. Other potential integration partners include: wallets, centralized exchanges, and of course dApps. This is how the Powfi staking layer scales and maximizes locked circulating supply, strengthening $ALPH and the broader ecosystem. We'll share more updates as these conversations progress and integrations begin to materialize.

Important Reminder 🚨 There are accounts impersonating Alephium, our team, and our moderators across all social media channels. We do NOT have a ticket system or support team. Do not share your private keys with anyone, and do not click links from unverified sources. Please verify account names carefully before engaging. We will never DM you first, and all official updates will come from verified Alephium channels only. Thank you. Alephium Team.

March to Mainnet Report 29/05 🏃 The horizon is finally in sight! We have spent months engineering, testing, breaking, and refining, and we are thrilled to report that the development teams are now executing the final, critical checks. We are incredibly close to the destination, with the technical foundation rock-solid, the ecosystem primitives locked in, and a definitive mainnet announcement just around the corner. Here is the progress report from this final stretch: <Powfi (LP + Staking) Dev> 💥 Finalized rigorous security audits and successfully executed precise contract optimizations across the protocol architecture. 💥 Conducted extensive automated fuzz testing to stress-test smart contract resilience under extreme and adversarial conditions. 💥 Advanced backend stability parameters to ensure flawless coordination with upcoming dApp deployments. <Wallets & Frontend Infrastructure> ✅ Successfully deployed minor production upgrades with the official release of Desktop Wallet v3.2.2 and Mobile Wallet v2.5.0. ✅ Hardened fiat-gateway security by resolving and optimizing the Onramper signature verification flow to ensure seamless fiat-to-crypto user paths. ✅ Rectified and optimized the Desktop Wallet continuous integration (CI) release pipeline to guarantee smooth automated updates moving forward. ✅ Initiated deep-dive performance profiling to debug and significantly accelerate mobile wallet startup and initialization times for an instant user experience. We are standing at the precipice of a massive milestone for Alephium. The heavy lifting is complete, the final safety checks are passing with flying colors, and the momentum across our developer groups is undeniable. This is the moment where months of quiet production culminate into reality. Keep your notifications turned on 🔔 The announcement you have all been waiting for is approaching.

Verslag 'March to Mainnet' 29/05 🏃 De finish is eindelijk in zicht! We hebben maandenlang gewerkt aan het ontwerpen, testen, doorbreken en verfijnen, en we zijn verheugd te kunnen melden dat de ontwikkelingsteams nu de laatste, cruciale controles uitvoeren. We zijn ongelooflijk dicht bij de finish: de technische basis is ijzersterk, de basiselementen van het ecosysteem zijn vastgelegd en een definitieve aankondiging over het mainnet staat voor de deur. Hier is het voortgangs rapport van deze laatste fase: <Powfi (LP + Staking) Dev> 💥 We hebben grondige beveiligings audits afgerond en nauwkeurige contract optimalisaties uitgevoerd in de hele protocol architectuur. 💥 We hebben uitgebreide geautomatiseerde fuzz tests uitgevoerd om de veerkracht van smart contracts te testen onder extreme en vijandige omstandigheden. 💥 We hebben de stabiliteits parameters van de backend verbeterd om een vlekkeloze coördinatie met aankomende dApp implementaties te garanderen. <Wallets & Frontend infrastructuur> ✅ Kleine productie upgrades succesvol ge��mplementeerd met de officiële release van Desktop Wallet v3.2.2 en Mobiele Wallet v2.5.0. ✅ De beveiliging van de fiat gateway is versterkt door de Onramper handtekening verificatiestroom op te lossen en te optimaliseren, om naadloze fiat naar crypto gebruikerspaden te garanderen. ✅ De release pijplijn voor continue integratie (CI) van de Desktop Wallet is gecorrigeerd en geoptimaliseerd om soepele geautomatiseerde updates in de toekomst te garanderen. ✅ Er is een diepgaande prestatie profilering gestart om de opstart en initialisatie tijden van de mobiele wallet te debuggen en aanzienlijk te versnellen, voor een onmiddellijke gebruikerservaring. We staan aan de vooravond van een enorme mijlpaal voor Alephium. Het zware werk is voltooid, de laatste veiligheidscontroles worden met vlag en wimpel doorstaan en het momentum binnen onze ontwikkelaarsgroepen is onmiskenbaar. Dit is het moment waarop maanden van stille productie hun vruchten afwerpen. Houd je meldingen ingeschakeld 🔔 De aankondiging waar jullie allemaal op hebben gewacht, komt eraan.❤️ $ALPH #POWFI