Following the massive exploit, DriftProtocol has unveiled a detailed recovery plan to reimburse affected users.
It was one of the biggest DeFi security events this century with losses around $295 million, and the breach was linked to DPRK-affiliated threat actors.
As per the absolutely qualified announcement from the protocol, all affected users will be complemented with transferable recovery tokens based on SPL standard. You get one token for every $1 of loss that has been independently verified and this sets a standard way to measure and account the claims process over time.
The protocol does not offer users instant reimbursement, instead it uses a post-mitigation compensation scheme where the losses are tokenized and tied to a recovery pool that would be used to cover these losses as it grows gradually over time. This model is an indication of a long-term commitment to reparative justice.
We told our community we would find a path to recovery. This is that path.
Today’s update covers: how users will be compensated and how the exchange is being rebuilt.
— Drift (@DriftProtocol) May 5, 2026
Contents
Introduction of Recovery Tokens as a Core Compensating Instrument
At the very heart of the recovery strategy are, however, the recovery tokens that are distributed across all compromised wallets. These tokens represent a user’s proportional ownership of the recovery pool and can be retained or transferred, as the user desires.
Each token represents $1 of proven loss, guaranteeing total clarity and uniformity in claims. Once they earn their tokens, some users can redeem them sooner, or wait to redeem their tokens for an even larger recovery pool.
The redesign creates a trade-off, where participants can redeem their ERC20 tokens early for immediate but potentially lower returns, or hold them to gain potential compensation as the pool of funds available in which recovery occurs grows by additional funding.
More procedural information on claims and redemptions are coming in future updates as the protocol continues to hone its mechanism.
A Recovery Pool Funded with Initial and Future Capital
DriftProtocol used approximately $3.8 million in residual protocol funds from distribution to start the general recovery process. Such assets have been swapped for USDT to ensure some degree of stability for the (initial) redemptions being made.
It is expected that the recovery pool will continue to grow substantially over time. DriftProtocol dedicates a portion of the net revenue generated by the exchange to the pool on a quarterly basis. In addition, there are external financial commitments to expedite compensation processes.
Tether has also committed to co-investing alongside the deployments it makes, up to $127.5 million, and strategic partners have further pledged as much as $20 million. These combined factors could imply to make up a significant fraction of the losses, but when exactly is still undefined.
Redemptions will start when the pool exceeds a $5 million limit. Users can claim money via a formula assigned to the pool valuation at that time.
Users Are Presented Choices Of Trade-Offs By The Redemption Model
It uses a changing price based model that also keeps pace with the growth of our recovery pool. This is calculated simply as, total value of recovery pool, outstanding supply of recovery tokens.
Thus, the price of redemption will vary with the growth of capital for the pool. Those who redeem early might be worse off, while delayed redeemers will regain more of their losses.
Once the threshold is reached, users can redeem tokens at any time but this has big consequences. Redeeming early means that you lock in the current value at payout and give up the ability to claim any future gains, locking yourself out of a potential added bonus.
The burden of timing is placed on users with this framework, and they must weigh pressing liquidity needs against the expectation of greater returns to come.
Governance And Security Overhaul Affects Relaunch
DriftProtocol, meanwhile, is working on a relaunch as part of its recovery plan due for Q2 2026 which will focus again on core trading products, particularly perpetual markets. The relaunch will include far-reaching changes to ensure that the exploit doesn’t happen again.
There are some important updates such as deploying an entirely new program, generating new wallet addresses and rotating cryptographic keys to make the system more secure. A significant overhaul of the multisig governance structure will take place to open it up to more community involvement in a direction towards decentralized governance.
The other steps include the elimination of durable nonces, halting earn products and the implementation of a full operational security audit. The steps are designed to bolster defenses and restore user trust.
Most importantly, DriftProtocol makes clear that no more major decisions will be made unilaterally. Instead, DAOs voting and some governance proposals will play a more dominant role in leading the future of the platform.
Also under consideration was the Insurance Fund, which had not been affected by the exploit. Whether this rolls out will be a community governance decision, with users able to vote on whether the funds go to depositors or into the recovery pool.
Community Backlash Grows As Sense of Trust Emerges
However, their user sentiment remains largely negative: even given the comprehensive recovery plan. Affected participants have taken to social media to voice anger that the proposal does not offer enough immediate assistance.
Detractors argue recovery tokens postpone payouts and shift risk back to victims, who are left hanging with little hope of payment. There also have been wider issues around accountability as to whether those at the helm of the protocol are being held sufficiently accountable.
In response to the announcement, one user commented publicly…
In other words, victims get nothing.
And the Drift team that caused this takes no real loss.
You are wrong if you think you can walk away from this easily.@cindyleowtt
— Ruslan Rashidovich (@ruslanpersian) May 5, 2026
“In other words, victims alone lose out. And the Drift team that made this gets nothing. If you think this is what you can walk away from, then you are wrong”
That comment made to co-founder Cindy Leow captures the sentiment of many in the community being frustrated.
DriftProtocol has some work ahead of it, as trust in a broken ecosystem is hard to restore. The recovery framework provides a process-driven roadmap but is ultimately dependent not only on transparent execution but also ensuring that users are willing to stay tuned for the long duration of the recovery period.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!
