⚠️ Community Recovery Program - Phase 1 is live. We are committed to making our community whole through future protocol revenue. Recovery token distribution is online and we ask all of the affected users get them: https://t.co/uCMAtV72ta ❓ Whats next? Phase 2, and the actual

⚠️ Community Recovery Program - Phase 1 is live. We are committed to making our community whole through future protocol revenue. Recovery token distribution is online and we ask all of the affected users get them: https://t.co/uCMAtV72ta ❓ Whats next? Phase 2, and the actual

⚠️ The full technical postmortem for the USPD exploit is now live. The root cause was not contract logic, but deployment atomicity. Our forensic analysis indicates this is an industrial-scale operation: we identified ~200 other proxies on mainnet infected by the same

⚠️ The full technical postmortem for the USPD exploit is now live. The root cause was not contract logic, but deployment atomicity. Our forensic analysis indicates this is an industrial-scale operation: we identified ~200 other proxies on mainnet infected by the same

⏲️Timeline: Claim token distribution in January 2026, V2 launch targeted for Q2 2026 Read more details on: https://t.co/ACdLG8Dley Thanks for bearing with us, stay tuned to our official channels for more info 🙏

📢Community Treasury A separate treasury system governed by future token holders for protocol development, grants, and community initiatives. This treasury only receives funds after the recovery pool obligations are met.

⚠️Exclusive Holder Access⚠️ Wallet-gated Telegram group for affected holders: direct line to the team, first to know about developments, shape the future of the protocol.

There will be a Dedicated Recovery Pool: A separate recovery pool - distinct from the community treasury - will be funded from protocol revenue. Affected holder compensation is the #1 priority before any other allocation.

🚨Claim Tokens for Affected Holders🚨 ~230 affected holders will receive USPD Claim Tokens at 1:1 ratio, redeemable at a later stage. We’re committed to making our community whole.

USPD V2 - Rebuilt from Ground Up Simplified modular architecture, DeFi-compatible yield design, and privacy by default with Railgun integration. Built on what we've learned from V1.

USPD Recovery Plan As you know, USPD V1 (Beta) was exploited on December 4th, 2025 via a CPIMP deployment attack - not a smart contract flaw. Here’s how we’re making it right 👇

9/ To Our Community We are devastated that despite rigorous audits and adherence to best practices, we fell victim to this emerging and highly complex attack vector. We are doing everything in our power to recover assets.

8/ Attacker Addresses: Infector: 0x7C97313f349608f59A07C23b18Ce523A33219d83 Drainer: 0x083379BDAC3E138cb0C7210e0282fbC466A3215A We remain committed to transparency and will share a full technical post-mortem shortly. #DeFi #SecurityAlert #USPD

7/ To the Attacker: We are willing to view this as a whitehat rescue. If you return the funds (minus a standard 10% bug bounty), we will cease all law enforcement actions and consider this matter resolved. Contact us immediately on any channel you wish, or simply return 90% of

6/ Immediate Action: We are working closely with law enforcement and leading whitehat security groups. We have flagged the attacker's addresses with all major CEXs and DEXs to freeze the flow of funds.

5/ This camouflage allowed the attacker to hide in plain sight for months, bypassing verification tools and manual checks. Today, they used their hidden access to upgrade the proxy, mint ~98M USPD, drain ~232 stETH

4/ Why this was undetectable: The attacker installed a "shadow" implementation that forwarded calls to our audited, legitimate code. Crucially, they utilized event payload manipulation and storage slot spoofing to trick @etherscan into displaying the correct, audited contract as

3/ Instead, we were targeted by the highly sophisticated "CPIMP" (Clandestine Proxy In the Middle of Proxy) attack vector. On Sept 16, during deployment, an attacker front-ran our proxy initialization via a `Multicall3` transaction, silently seizing admin rights before our

2/ This was not a flaw in our smart contract logic. The USPD protocol underwent rigorous security audits by top-tier firms @NethermindEth and Resonance. Our code is fully unit-tested and adheres to strict industry standards. The logic itself remains secure.

🚨 URGENT SECURITY ALERT: USPD PROTOCOL EXPLOIT 🚨 1/ We have confirmed a critical exploit of the USPD protocol resulting in unauthorized minting and liquidity draining. Please DO NOT buy USPD. Revoke all approvals immediately.