# 0x35 Web3 Security Bulletin *Security intelligence for Web3, digital asset infrastructure, and the capital shaping the industry.* By [W3SB](https://paragraph.com/@w3sb) · 2026-05-29 web3, security, cybersecurity, hacks, exploits, regulations --- **TL;DR** * **DeFi’s AI-security anxiety is getting louder:** OpenZeppelin co-founder Manuel Aráoz said he now treats all of DeFi as unsafe because coding agents are getting very good at finding smart-contract bugs. OpenZeppelin pushed back, and others noted recent losses still look more like operational failures than novel contract logic. * **Compliance is becoming an engineering problem:** Chainalysis and Elliptic both point to the same gap: crypto firms still over-focus on direct wallet hits while under-investing in counterparty risk, sanctions refresh cadence, travel-rule data quality, and alert triage. * **Stablecoins keep moving toward the TradFi banking stack:** SoFi launched SoFiUSD on Ethereum and Solana, while the FDIC proposed BSA and sanctions compliance rules for permitted payment stablecoin issuers under the GENIUS Act. * **Tokenized assets are getting more institutional:** Aptos and Archax are bringing 100+ tokenized real-world assets onchain. The hard part will not be chain throughput; it will be issuance, redemption, oracle integrity, and permissioned transfer controls. * **Echo Protocol is the headline loss:** A compromised admin key was used to mint about $76.7M in unbacked eBTC, then swap and bridge it out. Once again, the exploit reads less like a clever DeFi primitive bug and more like failed mint-authority control. * **The week’s smaller incidents:** RetoSwap lost about $2.7M through Haveno multisig ACK spoofing, StablR depegged after a suspected $2.8M+ mint exploit, and Polymarket lost roughly $573K-$700K from an internal operational wallet tied to an old private key. * **Capital is flowing into trust infrastructure:** Didit raised $7.5M for identity and fraud APIs, Squid raised $6M for cross-chain routing, Blocknative joined Deloitte, and Zama acquired TokenOps for confidential token distributions and vesting. * **The research corner gets darker:** New work on deniable covert asset transfers shows how staged MEV can hide value movement inside ordinary-looking DeFi activity; while smart-contract security research keeps pushing beyond detection toward semantics, repair, robustness, and real-time monitoring. [Subscribe](https://paragraph.com/@w3sb/subscribe) Current Outlook =============== The story has become less about any single exploit and more about the shape of the system around it. The incidents still matter, but the patterns match the need for holistic security. Web3 is becoming a control-design problem across protocols, wallets, agents, stablecoins, compliance systems, and operational infrastructure. It has moved out of the narrow “smart contract bug” frame and into a broader problem set. The exploit data still matters. Wasabi, Ekubo, TAC, Verus, THORChain, Transit, TrustedVolumes, Echo Protocol, RetoSwap, StablR, and Polymarket all point to the same operational reality: losses are not coming from one failure class. They are coming from admin keys, bridge logic, deprecated contracts, wallet setup flows, mint authority, authorization checks, third-party dependencies, and weak separation between operational funds and user funds. SlowMist’s 2026 figures show the industry has incurred roughly $80M additional losses over the past four weeks. This follows April 2026 losses of over $600M, which pointed toward the largest losses ever in a single month for DeFi. AI is making that problem harder, not simpler. MCP risk, AI-assisted scanners, prompt-injection attacks against agents, ExploitGym, ExploitBench, and Manuel Aráoz’s warning that coding agents are unusually good at finding smart-contract bugs all land on the same point: the asymmetry is getting worse. Defenders need comprehensive coverage. Attackers need one viable path. Vitalik’s formal verification argument offers the more constructive answer: AI does not make trustless systems impossible, but it raises the bar for smaller verified cores, better specifications, sandboxed edge systems, and continuous monitoring around the parts that cannot be fully proven. Regulation is also getting more operational. Veda’s custody argument, CLARITY Act movement, Consensys’ GENIUS Act pushback, FDIC stablecoin rulemaking, Chainalysis compliance benchmarks, and Elliptic’s screening-layer argument all show the market moving from broad policy slogans into implementation detail. The practical question is no longer whether Web3 gets regulated. It is whether firms can prove they understand indirect exposure, sanctions refresh cadence, travel-rule data quality, mint authority, reserve attestations, and counterparty risk before those gaps become either enforcement issues or exploit narratives. Capital is moving toward the same set of problems. MoonPay bought Sodot for key management. Elliptic raised $120M for on-chain intelligence. Fireblocks is pushing agentic payments. SoFi launched SoFiUSD. Aptos and Archax are bringing tokenized assets onchain. Didit raised for identity and fraud infrastructure, Zama acquired TokenOps for confidential token operations, and Blocknative joined Deloitte for transaction orchestration. Taken together, the market is funding trust infrastructure: identity, monitoring, payments, key management, regulated tokenization, and the operational plumbing around digital assets. Meanwhile, crypto neobanks raising $200M with no CISOs remains the warning shot. The money is arriving faster than the security operating model. Web3 security requires continuous control design across protocols, wallets, agents, stablecoins, bridges, compliance systems, and capital flows. The required security posture must be able to prove, programmatically, who can mint, who can move funds, what an agent can touch, how compliance alerts are triaged, where operational wallets are separated, and how the system behaves when one dependency fails. Industry Trends & Analysis ========================== **OpenZeppelin Co-founder Manuel Aráoz Calls DeFi Unsafe** Manuel Aráoz, co-founder of OpenZeppelin, posted on X that he now treats all of DeFi as unsafe. Coding agents, he argues, are unusually good at finding smart-contract bugs, while defenders must patch every flaw and attackers need only one path to move funds. [![User Avatar](https://storage.googleapis.com/papyrus_images/5621adbe56d4de4aae11d5c43e1e499468b5479123676c883aca160dcd9ed7f4.jpg)](https://twitter.com/maraoz) [Manuel Aráoz](https://twitter.com/maraoz) [@maraoz](https://twitter.com/maraoz) [](https://twitter.com/maraoz/status/2059413451265441990) PSA: I now consider \*all\* of DeFi unsafe. Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds. [1,746](https://twitter.com/maraoz/status/2059413451265441990)[ 11:16 PM • May 26, 2026 ](https://twitter.com/maraoz/status/2059413451265441990) OpenZeppelin was quick with its own take noting that Aráoz’s left as CTO in 2019. [![User Avatar](https://storage.googleapis.com/papyrus_images/04ab5315e379a8c95425e84d386854ca135b0d14c0d4f362e825478e931fe5b5.png)](https://twitter.com/OpenZeppelin) [OpenZeppelin](https://twitter.com/OpenZeppelin) [@OpenZeppelin](https://twitter.com/OpenZeppelin) [](https://twitter.com/OpenZeppelin/status/2059662515039354972) Recent posts by Manuel Aráoz on AI and DeFi security have been widely circulated, and customers have asked whether they reflect OpenZeppelin's position. They do not. Manuel co-founded OpenZeppelin and served as the company’s CTO until 2019 when he left the company. [527](https://twitter.com/OpenZeppelin/status/2059662515039354972)[ 3:46 PM • May 27, 2026 ](https://twitter.com/OpenZeppelin/status/2059662515039354972) The Block reported the post landed the same week as key-compromise hits on Stake DAO and Polymarket. Marc Zeller and banteg pushed back, noting most recent losses trace to operational security and parameter mistakes rather than novel contract logic. ([The Block](https://www.theblock.co/post/402687/openzeppelin-founder-all-defi-unsafe)) **Chainalysis Benchmarks Crypto Compliance Blind Spots** Chainalysis released its Crypto Compliance Programs in 2026 report on how exchanges and VASPs detect indirect exposure to illicit flows. Many programs still over-index on direct wallet hits and under-invest in counterparty clustering, travel-rule data quality, and sanctions-screening refresh cadence. For security teams, the report maps where compliance tooling fails before an on-chain incident reaches public exploit trackers. ([Chainalysis](https://www.chainalysis.com/blog/crypto-compliance-program-benchmark-2026/)) **Screening, Not Headcount, Should Absorb Most Crypto Alerts** Elliptic explains that about 95% of crypto transaction monitoring alerts are operational triage, not full-blown investigations, and argues they should be resolved at the screening layer using tools like Elliptic Lens rather than pushed into expensive forensic workflows by default. By surfacing risk graphs, customer context, and AI-assisted summaries directly in the screening view, teams can clear routine alerts quickly, reserve deep investigations for complex laundering or recovery cases, and scale monitoring without linearly scaling staff costs. ([Elliptic](https://www.elliptic.co/blockchain-basics/what-is-crypto-transaction-monitoring)) Market Movements ================ **SoFi Launches SoFiUSD on Ethereum and Solana** SoFi became the first U.S. nationally chartered bank to issue a member-facing stablecoin, [SoFiUSD](https://www.sofi.com/crypto/sofiusd/), on Ethereum and Solana. The launch follows the GENIUS Act stablecoin framework and puts SoFi in the same race as other bank and fintech issuers building on-chain dollar rails. Reviewers should watch reserve attestation, mint/burn key custody, and bridge representations as the token leaves SoFi’s app. ([Crypto Briefing](https://cryptobriefing.com/sofi-first-us-bank-stablecoin-ethereum/)) **Aptos and Archax Bring 100+ Tokenized Assets Onchain** Aptos Foundation and FCA-regulated exchange Archax said more than 100 tokenized real-world assets will trade through Archax’s engine on Aptos. CryptoBriefing framed it as regulated tokenization infrastructure on a high-throughput L1. Issuance and redemption workflows, oracle feeds, and permissioned transfer rules will matter as much as chain TPS for institutional adopters. ([Crypto Briefing](https://cryptobriefing.com/aptos-archax-tokenized-assets-integration/)) Exploits & Incidents ==================== **Echo Protocol Loses $76.7M** BeInCrypto’s autopsy describes how Echo Protocol’s admin key was used to mint about $76.7M of unbacked eBTC, then swap and bridge it out. The loss reads as operational key control failure, not a novel DeFi primitive bug. Restaking and synthetic BTC wrappers stay high-value targets whenever one key can inflate supply. ([Be In Crypto](https://beincrypto.com/autopsy-of-the-echo-protocol-hack/)) **Halborn Explains RetoSwap’s Haveno multisig ACK Spoof** Halborn’s May 25 post walks through the RetoSwap hack that drained about $2.7M in Monero from users of the Haveno-based swap interface. The attacker spoofed ACK messages in Haveno’s 2-of-3 multisig trade flow, registered as an arbitrator, and redirected settlement. The flaw sits in third-party wallet setup, not RetoSwap’s own contracts. Projects bundling external wallet stacks should treat message-authentication gaps as supply-chain risk. ([Halborn](https://www.halborn.com/blog/post/explained-the-retoswap-hack-may-2026)) **StablR EURR and USDR Depeg After Suspected $2.8M Exploit** MiCA-compliant stablecoin issuer StablR lost more than $2.8M when attackers exploited a contract weakness to mint unbacked EURR and USDR, triggering a sharp depeg. [![User Avatar](https://storage.googleapis.com/papyrus_images/2739429184649a128c055d4ded7b6a0787af5b59ede62c4ed33674e81c349e02.jpg)](https://twitter.com/StablREuro) [StablR](https://twitter.com/StablREuro) [@StablREuro](https://twitter.com/StablREuro) [](https://twitter.com/StablREuro/status/2058520949075386683) Security update: We have identified an exploit affecting StablR and are actively working to contain it and minimize impact. Protecting our users and your funds is our top priority. We'll share verified details and next steps as soon as possible. [29](https://twitter.com/StablREuro/status/2058520949075386683)[ 12:10 PM • May 24, 2026 ](https://twitter.com/StablREuro/status/2058520949075386683) ZachXBT and other researchers flagged the flow on-chain. Compliance branding does not substitute for mint-authority hardening and on-chain reserve proofing. ([Crypto Briefing](https://cryptobriefing.com/stablecoin-issuer-stablr-hit-suspected-3m-smart-contract-exploit-zachxbt/)) **Polymarket Internal Top-up Wallet Drained** Polymarket’s internal operational wallet, note not user trading balances, lost roughly $573K–$700K in a private-key compromise on Polygon. ZachXBT linked suspicious flows involving Polymarket’s UMA adapter contract. Polymarket said customer funds were unaffected. [![User Avatar](https://storage.googleapis.com/papyrus_images/47082fdb3bcd4397229c7639875afadf8dfcdd7a36486d460bc6c7a01de691a3.jpg)](https://twitter.com/devjoshstevens) [Josh](https://twitter.com/devjoshstevens) [@devjoshstevens](https://twitter.com/devjoshstevens) [](https://twitter.com/devjoshstevens/status/2057768173915484505) No polymarket or UMA contracts have been exploited. All user funds are safe, and using [Polymarket.com](https://t.co/7bOD8pgjQC) is safe, so business as usual. We had a 6-year-old private key that was compromised. This was in the internal top-up config, which is why funds were being sent to it.[ ![](https://storage.googleapis.com/papyrus_images/148668a5549c005ad8fb52cf8719d5da7f86e8bbe57f2d33f6e593ca67d31e47.png) polymarket.com Polymarket | The World's Largest Prediction Market™ --------------------------------------------------- Polymarket is the world's largest prediction market, allowing you to stay informed and profit from your knowledge by trading on future events across various topics. ](https://t.co/7bOD8pgjQC) [401](https://twitter.com/devjoshstevens/status/2057768173915484505)[ 10:18 AM • May 22, 2026 ](https://twitter.com/devjoshstevens/status/2057768173915484505) Prediction-market operators still need strict separation between hot operational wallets and user escrow. ([decrypt](https://decrypt.co/368740/polymarket-hit-by-internal-top-up-wallet-exploit-700k-drained)) [SlowMist stats this week](https://hacked.slowmist.io/statistics/?c=all&d=2026) ------------------------------------------------------------------------------- Total 2026 hack events: 125 The total amount of money lost this year: $883,882,604 ![](https://storage.googleapis.com/papyrus_images/80b2f8f8b6b47e8b020bec6818140171a5586be7fc956309255ac192d1d06e92.png) ([SlowMist](https://hacked.slowmist.io/statistics/?c=all&d=2026)) Policy & Regulation =================== **FDIC Proposes Bank Secrecy Act for Stablecoin Issuers** The FDIC board approved [a notice of proposed rulemaking](https://www.fdic.gov/board/bank-secrecy-act-and-sanctions-compliance-standards-fdic-supervised-permitted-payment ) on May 22, 2026, to implement Bank Secrecy Act and sanctions compliance standards for FDIC-supervised permitted payment stablecoin issuers under the GENIUS Act. The proposal would require those issuers to follow FinCEN and OFAC AML/CFT, sanctions, and reporting rules, with supervision and enforcement aligned to FinCEN. The issuers targeted are subsidiaries of FDIC-insured state nonmember banks and state savings associations approved to mint payment stablecoins. Comments are due 60 days after Federal Register publication. ([FDIC](https://www.fdic.gov/news/press-releases/2026/fdic-board-approves-proposal-address-bank-secrecy-act-and-sanctions)) **Legislative Watch** --------------------- ![](https://storage.googleapis.com/papyrus_images/c29240c0f03ebbb8023cd2b48d9ed42a8959e4da772a24b0d280f12df8a7d05f.png) ([Polymarket](https://polymarket.com/event/clarity-act-signed-into-law-in-2026)) Capital Allocation ================== **Didit Closes $7.5M Seed for Unified Identity and Fraud API** Didit announced on May 26, 2026 that it raised $6M in a new round, bringing total funding to $7.5M, with Y Combinator, Pioneer Fund, Orange Collective, and others participating. The company pitches a single API covering KYC, KYB, transaction monitoring, and wallet screening, aimed at crypto exchanges and fintechs that otherwise stitch separate identity and fraud vendors together. Didit claims profitability, 30%+ month-over-month growth, and more than 2,000 customers, and highlights agent-driven integration via MCP-style workflows. Spain’s Treasury, CNMV, and SEPBLAC are cited as having assessed its verification tech against in-person standards. ([Didit](https://didit.me/blog/didit-7-5m-seed-infrastructure-identity-fraud/)) **Squid Raises $6M from Ripple and North Island Ventures** The Block reports on cross-chain router Squid closed $6M in strategic funding from Ripple and North Island Ventures, bringing total raise to $13.5M ahead of a consumer-facing product. Bridge and routing startups keep getting funded even as exploit losses mount elsewhere. ([The Block](https://www.theblock.co/post/402394/ripple-north-island-ventures-squid-crypto-funding)) **Blocknative Joins Deloitte** Blocknative announced its team has joined Deloitte to work on Web3 and agentic-AI infrastructure at enterprise scale. Founder Matt Cutler said the company spent nearly a decade on mempool visibility, gas estimation, transaction orchestration, and MEV-related tooling used by wallets, L2s, and DeFi teams. Production customers should plan migration now: Blocknative API services and Gas Network will keep running through June 19, 2026, then stop responding. Blocknative Corporation is winding down operations; the site notes it has not been fully updated to reflect the transition. ([Blocknative](https://www.blocknative.com/)) **Zama Acquires TokenOps for Confidential Token Vesting** Zama announced on May 20, 2026 that it acquired TokenOps, a token lifecycle platform that has handled more than $2B in distributions, vesting, and compliance workflows. The deal folds TokenOps into [Zama’s Fully Homomorphic Encryption (FHE) stack](https://github.com/zama-ai/fhevm) via the ERC-7984 confidential token standard so vesting schedules, airdrops, and recipient data can stay encrypted onchain, while issuers retain audit paths for regulators. Zama cited prior deployments including $KAIO’s institutional RWA distributions and planned confidential $ZAMA vesting on Ethereum. TokenOps will keep operating as an independent brand for issuers across chains. ([Zama](https://www.zama.org/post/zama-acquires-tokenops-confidential-compliant-token-distributions-airdrops-vesting)) Applied Research ================ **Extending Blockchain Untraceability with Plausible Deniability** Researchers propose deniable covert asset transfers via staged MEV. Park et al.’s asks whether blockchain transfers can hide inside ordinary DeFi activity, not just anonymity sets like mixers. They define Deniable Covert Asset Transfer (DCAT): staged sandwich and arbitrage flows where the sender looks like a routine MEV loser and the receiver like a routine winner. Prototypes on Ethereum and Arbitrum passed standard MEV detectors and unlinked sender/receiver in tested forensic setups. Because extreme losses follow power laws in the wild, the authors add a multivariate statistical triage method to rank suspicious cases for manual review rather than rely on fixed thresholds. ([arXiv]( https://arxiv.org/abs/2605.13132)) **Smart Contract Security Beyond Detection** Tamer Abdelaziz frames smart contract security and research agenda beyond vulnerability scanners. He groups four active directions: foundation-model semantic reasoning, automated repair with formal validation, adversarially robust ML detectors, and real-time transaction-level exploit monitoring at chain scale. The paper ties those themes to recent work on where analyzers systematically fail and on scalable malicious-Ethereum-transaction detection (TxLens). It cites CertiK’s 2025 tally of 630 Web3 incidents and about $3.35B in losses to argue detection alone is insufficient without semantics, repair, robustness, and streaming deployment constraints. ([arXiv](https://arxiv.org/abs/2605.09124)) --- *Originally published on [W3SB](https://paragraph.com/@w3sb/0x35-web3-security-bulletin)*