Wallet flaw drained ADA from 374 accounts; EMURGO exits Pentad
A SecondFi wallet bug let attackers drain about 16 million ADA from 374 wallets. EMURGO left Pentad to focus on fund recovery and on‑chain restitution.
A flaw in SecondFi’s wallet address‑generation code allowed attackers to drain ADA from 374 wallets, and EMURGO has stepped down from Pentad to concentrate on recovering the lost funds and pursuing an on‑chain restitution process.
On‑chain forensics traced the compromise to weak randomness in SecondFi’s key‑generation routine. The Cardano ledger processed the transactions as designed. Publicly confirmed user losses total roughly 16 million ADA, an average near 42,800 ADA per affected wallet. A broader forensic reconstruction identified a swept‑funds figure above 129 million ADA; analysts treating that figure separately from the confirmed user losses have noted the distinction. At the time of reporting the drained ADA converted roughly to $2.4 million.
EMURGO, one of Cardano’s founding organizations, announced it is stepping back from Pentad — the five‑member group coordinating treasury‑backed infrastructure funding — to focus internal resources on recovery, migration guidance for affected users and an on‑chain restitution plan. Pentad members include Input Output, the Cardano Foundation, EMURGO, Intersect and the Midnight Foundation. EMURGO did not state whether the step‑back is temporary.
Intersect administered a community‑approved Critical Integrations budget of 70 million ADA in late 2025. In May 2026 the Cardano Foundation routed a request for 23 million ADA in Year 2 support through Pentad, with the Foundation, Input Output, EMURGO and Midnight listed as co‑sponsors and Intersect as administrator. The confirmed loss of about 16 million ADA equals roughly 23% of the 70 million ADA fund and about 70% of the 23 million ADA Year‑2 request.
Cardano’s governance design in CIP‑1694 links ADA holders, delegated representatives (DReps), stake pool operators and a constitutional committee. Participation begins when a holder uses a governance‑compatible wallet. Common light‑wallet documentation shows users can delegate to a default DRep, choose another DRep, abstain, register a no‑confidence vote, withdraw rewards and connect to GovTool voting from inside the wallet. Because these governance actions start in the wallet environment, a custody compromise can affect the same user flows that carry delegation and votes.
CardanoCube’s live governance hub recorded 28 active governance actions, 379 active DReps and 3,217 votes cast over a recent 30‑day window, with 87.52 billion ADA of voting power exercised in that span. By that measure the confirmed loss represents about 0.018% of the 30‑day exercised voting power.
EMURGO has identified recovery, migration and an on‑chain restitution process as immediate priorities. If its absence from Pentad continues, the remaining members will assume EMURGO’s coordination responsibilities. Stakeholders and infrastructure teams are monitoring for wallet patches, follow‑up audits and clearer recovery procedures for affected users.
Content on BlockPort is provided for informational purposes only and does not constitute financial guidance.
We strive to ensure the accuracy and relevance of the information we share, but we do not guarantee that all content is complete, error-free, or up to date. BlockPort disclaims any liability for losses, mistakes, or actions taken based on the material found on this site.
Always conduct your own research before making financial decisions and consider consulting with a licensed advisor.
For further details, please review our Terms of Use, Privacy Policy, and Disclaimer.








