The Solana-based perpetuals exchange will issue burn-on-redeem recovery tokens funded by exchange revenue, a $127.5M Tether commitment, and another $20M from partners.
Drift Protocol on Tuesday published its user recovery plan for the April 1 exploit, laying out a token-based framework backed by exchange revenue, a Tether-led capital commitment, and partner contributions, with the Solana perpetuals exchange targeting a Q2 2026 relaunch.
The blueprint follows the drain of Drift’s vaults that forensic firm Mandiant has now confirmed was the work of a DPRK-affiliated threat actor. Drift puts total user losses at $295.4 million.
Recovery Token Mechanics
Every affected wallet will receive transferable SPL tokens, separate from the DRIFT governance token, with each unit representing $1 of verified loss. The recovery pool will be seeded with the protocol’s roughly $3.8 million in remaining assets, converted to USDT, and then topped up through three streams: a quarterly cut of exchange revenue, up to $127.5 million from Tether’s earlier commitment, and up to $20 million from strategic partners.
Redemption opens once the pool exceeds $5 million, with the price set by total fund value divided by outstanding supply. Redemptions are burn-on-redeem and one-time only, meaning users who cash out before the pool reaches the full $295.4M forfeit any further claim. Unclaimed tokens at the end of the claim window are burned, lifting the redemption value for remaining holders.
User balances were snapshotted at 18:31:47 UTC on April 1, with oracle prices taken from 16:06:00 UTC, before the attack distorted markets. The roughly $20 million insurance fund, which was untouched, will be subject to a separate DAO vote on whether it pays out to depositors or rolls into the recovery pool.
Funds Status and Bounty
Roughly 130,259 ETH, worth around $293 million, remains concentrated in four attacker-controlled wallets that have been flagged across exchanges. Two Wormhole transfers covering 59.37 WBTC and 557.90 WETH have been delayed by the bridge’s Governor until late July, while 3.36M USDC has been frozen on Circle’s CCTP, a process the issuer was previously sued over for not acting faster on the day of the exploit. Drift, working with ZeroShadow and Mandiant, has also offered a 10% whitehat bounty in collaboration with Bybit.
Planned Relaunch
When Drift comes back online, it will be a leaner, perps-only venue settled in USDT rather than USDC. The protocol is removing the durable-nonce attack surface central to the April 1 breach, deploying a fresh program with rotated keys, and shutting down ancillary products, including Isolated Markets and Amplify. Mainnet deployment will require instruction-level audits, time-locked admin actions, and review under Solana’s STRIDE program.
This article was written with the assistance of AI workflows. All our stories are curated, edited and fact-checked by a human.
