zkLend opens recovery portal for users after $9.6M exploit

Zklend officially launched its recovery portal, allowing users affected by the feat of the platform on February 12 to claim their lost funds.

The decentralized loan protocol announcement Activating the portal on an article on March 5 on X, advising users to check communications via official channels before accessing their complaints. The feat drained $ 9.6 million from Zklend pools, which prompted the platform to stop withdrawals and investigate the violation.

Shortly after the hack, the Blockchain Cyvers security company reported that the stolen funds were punctuated in Ethereum (Ethn) network. The pirate tried to whiten the funds via Railgun, a confidentiality protocol. However, Railgun’s internal policies have forced the return of stolen assets to the original Pirate address.

After the attack, Zklend tried to negotiate with the pirate, offering a bonus of 10% “white hat” in exchange for the return of the remaining 3,300 ethors. The funds were not recovered despite a deadline of February 14. To find the stolen funds, Zklend called on the application of laws and the main experts of Binance Security, Starkware and the Starknet Foundation.

On February 20, Zklend detailed his recovery plan. Deposits in unconnected pools would be fully reimbursed, while affected users would receive partial compensation and a complaint position in the Zklend recovery pool. Withdrawals should start two weeks after an audit of the complaint portal.

Experts examining the incident suggest that hacking was not due to a failure of the Starknet proof system, but rather a flaw in contractual logic. The pirat highlights the prevail problems with the safety of smart contracts in the DEFI industry.

Although the recovery portal provides an operating path for the users concerned, the complete management of Zklend’s feat will be closely awaiting the platform to rebuild confidence.