SecondFi Plans Two-Week Recovery After 16M ADA Cardano Wallet Exploit


In brief

  • SecondFi disclosed a breach affecting 16 million ADA, worth $2.4 million, across 374 addresses
  • Address-level issue in web wallet generation software exposed private keys to malicious actors
  • Recovery timeline: one week building solution, one week testing, then asset returns begin
  • SecondFi secured 129 million ADA via emergency measures and transferred funds to third-party custodian
  • Fraudulent impersonation messages circulating; no user-participation recovery actions have started

The Breach and Root Cause

SecondFi traced the incident to an address-level issue in its Cardano web wallet generation software that exposed users' private keys. The vulnerability allowed malicious actors to drain funds from affected wallets. The company said it secured roughly 129 million ADA through emergency measures and transferred the funds to an independent third-party custodian for safekeeping during the recovery process.

Recovery Timeline and Process

SecondFi established a recovery pathway for affected users with a clear two-week window. The coming week will focus on building the solution, followed by another week of testing before asset returns begin. The company said no recovery actions requiring user participation have begun, meaning affected users should wait for official communications rather than responding to unsolicited messages.

This matters because SecondFi warned that malicious actors are circulating fraudulent messages impersonating the wallet while the recovery effort is underway. Users should verify any recovery communications directly through official SecondFi channels.

Outstanding Details

SecondFi has not yet published a comprehensive post-mortem detailing the full vulnerability or how the exploit was carried out. Phillip Pon, CEO of SecondFi developer Emurgo, has guided the public response but deeper technical analysis remains pending. The absence of a full post-mortem leaves questions about whether similar vulnerabilities exist in other systems or if additional safeguards are needed.