The Protocol: SwissBorg’s SOL Earn Wallet Exploited for $41.5M


Welcome to The Protocol, CoinDesk's weekly wrap of the most important stories in cryptocurrency tech development. I’m Margaux Nijkerk, a reporter at CoinDesk.

In this issue:

  • SwissBorg’s SOL Earn Wallet Exploited for $41.5M After Partner's API Is Compromised
  • Ledger CTO Warns of NPM Supply-Chain Attack Hitting 1B+ Downloads
  • Backpack Opens Regulated Perpetuals Exchange in Europe After FTX EU Acquisition
  • Polygon PoS Sees Transaction Finality Lag, Patch in Progress

Network News

SWISSBORG’S SOL EARN WALLET EXPLOITED: Crypto exchange SwissBorg said about 192,600 SOL ($41.5 million) was stolen from an external wallet used exclusively for its SOL Earn strategy. The exploit stemmed from a partner's compromised application programming interface (API), a mechanism that allows software systems to communicate with one another, affecting a single counterparty, the exchange said in a post on X. It was not a hack of the SwissBorg platform. The loss affected less than 1% of users and represented about 2% of SwissBorg’s total assets, the firm said. All other funds and strategies remain secure, and user balances within the SwissBorg app are unaffected. SOL Earn redemptions are paused while recovery efforts continue. SwissBorg says it will cover any shortfall, ensuring no user losses. The company is working with white-hat hackers, security firms and law enforcement to recover the funds. A full incident report will follow once investigations conclude. This exploit arrives amid a sharp rise in crypto thefts, with over $2.17 billion already stolen in 2025. — Shaurya Malwa

LEDGER CTO WARNS OF NPM ATTACK: Charles Guillemet, the chief technology officer at hardware wallet maker Ledger, warned on X that a large-scale supply chain attack was underway after a reputable developer’s Node Package Manager (NPM) account was compromised. According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to silently swap crypto wallet addresses in transactions. That means unsuspecting users could send funds directly to the attacker without realizing it. Guillemet did not name the developer whose account he said was compromised. The incident underscores how deeply interconnected open-source software is and why security lapses in developer tools can ripple into the crypto system almost instantly. A day later, Guillemet shared that almost zero crypto users had been affected by the hack. “NPM is a tool commonly used in software development using JavaScript, which makes integrating packages easy for developers,” said Guillemet in a statement to CoinDesk. When an attacker compromises a developer’s account, they can slip malicious code into widely used packages. “The malicious code attempts to drain users by swapping addresses used in transaction or general on-chain activity and replacing them with the hacker’s address,” Guillemet added. — Margaux Nijkerk

BACKPACK EU GOES LIVE FOLLOWING FTX EU ACQUISITION: Backpack Exchange, a global cryptocurrency trading platform, said its European division, Backpack EU, is officially live. Operating out of Cyprus and licensed under the European Union’s MiFID II framework, the exchange is positioning itself as one of the first fully regulated venues in Europe to offer crypto derivatives, starting with perpetual futures. “As far as I'm aware, it's just going to be us and Kraken” in Europe offering perpetual futures, Armani Ferrante, the CEO of Backpack, said in an interview with CoinDesk. The debut follows Backpack’s acquisition of FTX EU earlier this year. In January, the FTX bankruptcy estate said the sale of FTX EU to Backpack was not authorized. Since then, the issue has been resolved and in April the exchange began distributing funds to former FTX EU customers, fulfilling their pledge to compensate users affected by the collapse of Sam Bankman-Fried’s crypto empire. Backpack EU will provide users access to over 40 trading pairs with up to 10x leverage, the team said in a statement. The platform says it aims to give both retail and institutional traders a compliant gateway to advanced crypto trading products. The rollout also highlights Backpack’s broader strategy of rebuilding trust in digital assets following a string of exchange failures. — Margaux Nijkerk

POLYGON POS CHAIN EXPERIENCES FINALITY LAG: Polygon’s proof-of-stake chain is live, but transactions are taking longer than usual to lock in, with finality running 10–15 minutes behind schedule. Finality is the assurance that a transaction or piece of data is irreversible once confirmed and added to a block in the blockchain. The foundation said in an X post that a fix has been identified and is being rolled out to validators and service providers. The slowdown was tied to issues on some Bor/Erigon nodes and RPC providers, according to Polygon’s status page. Node restarts resolved the problem for many validators, while others had to rewind to the last finalized block before resyncing, the status page said. The disruption comes weeks after Polygon’s Heimdall v2 upgrade promised 5-second finality through a modernized consensus stack. – Shaurya Malwa


In Other News

  • World Liberty Financial (WLFI), the crypto protocol linked to Donald Trump and his family, blacklisted Tron founder and key investor Justin Sun's blockchain address, preventing him from transferring WLFI tokens. The move affects 595 million unlocked WLFI tokens held on the address, worth about $107 million at current prices, according to Arkham data. The action followed the Sun-linked address making several outbound transactions of WLFI tokens on the Ethereum blockchain — including one for $9 million worth of the tokens — blockchain data shows. Sun, in a translated post on X, said that the "address only conducted a few generic exchange deposit tests, with very low amounts, and then created address dispersion, without involving any buying or selling, which could not possibly have any impact on the market." In a later statement Sun urged the WLFI team to unblock his tokens. — Sam Reynolds
  • Decentralized finance protocol Ethena submitted a proposal to issue Hyperliquid's forthcoming stablecoin, joining a bidding competition that has already attracted companies including Paxos, Sky, Frax and Agora. The token would be fully backed by Ethena's USDtb, a stablecoin issued with federally chartered bank Anchorage Digital and fully backed by BUIDL, the tokenized money market fund by asset management giant BlackRock and Securitize. If adopted, Ethena pledged that 95% of net revenue from USDH reserves would flow back to the Hyperliquid ecosystem, the proposal said. Ethena also said it would cover the costs of migrating existing USDC trading pairs on Hyperliquid to USDH to ease adoption. — Krisztian Sandor

Regulatory and Policy

  • Nasdaq, the U.S. exchange where the tech sector's biggest names list their stocks, is seeking to put equities on the blockchain, asking the U.S. Securities and Exchange Commission to bless its effort even as others in the securities world are sprinting toward the same tokenization goal. If the SEC filing is approved, the exchange will let customers choose either the traditional route for trading equities or do so on-chain with tokenized stocks — an option that would be treated with the same priority as the legacy method. The move by Nasdaq follows an effort by digital brokerage Robinhood to issue stock tokens for European customers in July, giving access to some 200 U.S. stocks and exchange-traded funds (ETFs). Bringing equities and other real-world assets onto blockchain rails has been among the most sizzling of the digital-asset world's innovations, and the competition has been growing fierce for both traditional finance names and crypto natives to make moves. — Jesse Hamilton
  • President Donald Trump's new crypto guy, Patrick Witt, is picking up the baton from his predecessor, Bo Hines, in goading lawmakers to finish sweeping U.S. crypto policies and pushing regulators to put the new stablecoin law into practice, he said in an interview with CoinDesk. Working under the administration's crypto czar, David Sacks, Witt is the new point of contact for crypto matters in the White House after the brief tenure of his predecessor, who went on to work for stablecoin giant Tether. While Hines saw the conversion of Congress' stablecoin effort into law and was able to attend the White House ceremony to cement it, he left soon after, leaving a lengthy crypto to-do list for Witt. "There's no drop off here," said Witt, who was elevated to the job last month, just two weeks after the administration issued its wide-reaching strategy report for tackling U.S. crypto policy. "We're keeping the pedal to the metal with all of the different initiatives on the legislative front and the interagency actions recommended in the report." — Jesse Hamilton

Calendar
