RHEA Finance has released a follow-up update regarding the security incident on April 16, confirming that there has been substantive progress in the asset recovery effort. As of this update, an estimated funding gap of approximately $400k still remains, mainly stemming from a combination of NEAR, USDT, and USDC in the lending market liquidity pool. RHEA Finance commits to fully cover any remaining gap to ensure that all affected users receive complete reimbursement.
Status of Asset Recovery and Remaining Funding Gap
According to RHEA Finance’s updated statement, since the last disclosure on April 17, 2026, there has been substantive progress in asset recovery. The team is actively communicating with the relevant parties to discuss the return of remaining funds. RHEA Finance estimates that there is still an approximate $400k gap, mainly made up of a combination of NEAR, USDT, and USDC, which is suspected to have been converted into ZEC.
In its statement, RHEA Finance said taking responsibility for the entirety of this loss is an “unconditional obligation to the community,” and all affected users will receive full compensation.
Law Enforcement Notifications and Ecosystem Coordination
According to the RHEA Finance statement, the cooperating parties currently being actively coordinated include: on the NEAR ecosystem side, developer community groups such as Defuse Labs, Proximity, and FastNear are helping with on-chain evidence collection, contract-level investigation, and preparation for legal responses; under the Zcash Community Grants Program (ZCGP), a member is monitoring, within technically feasible limits, the ZEC-priced fund movements related to the protected fund pool; regarding law enforcement, the relevant enforcement agencies have been notified, and external legal and investigative resources are stepping in. RHEA Finance states that, to protect the integrity of the investigation, it will not disclose further details for now.
Agreement Status: DEX Reopened, Margin Trading Permanently Suspended, Lending to Restart in May
According to the RHEA Finance statement, the RHEA DEX was not directly affected by this incident. All fraudulent token contracts and liquidity pools have been identified and removed, and the DEX was reopened several hours before the update was published. At the same time, RHEA Finance announced the permanent suspension of the margin trading functionality on the NEAR protocol, citing both the specifics of this incident and adjustments to a broader strategic direction.
For the lending agreement, RHEA Finance plans to restart in phases during the first week of May 2026. The exact schedule will depend on the status of remediation completion, verification of progress, and overall market conditions. Preconditions before restarting include: freezing and unlocking funds with verification, upgrading the smart contracts and strengthening security, deploying real-time monitoring bots, and completing a comprehensive agreement security audit with external security audit companies.
Frequently Asked Questions
How large is the remaining funding gap in this RHEA Finance update?
According to RHEA Finance’s security incident update statement, the estimated remaining funding gap is approximately $400k. It is mainly made up of a combination of NEAR, USDT, and USDC in the lending market liquidity pool, which is suspected to have been converted into ZEC. RHEA Finance commits to fully cover it and ensure that affected users receive complete reimbursement.
Which cooperating institutions are involved during RHEA Finance’s investigation?
According to RHEA Finance’s statement, the cooperating parties include Defuse Labs, Proximity, and FastNear from the NEAR ecosystem; the Zcash Community Grants Program (ZCGP); and the relevant law enforcement agencies that have been notified, with external legal and investigative resources already involved.
When will RHEA Finance’s lending business restart?
According to RHEA Finance’s statement, the lending business plan will restart in phases during the first week of May 2026. Preconditions include completing remediation, smart contract upgrades, security audits, and deploying real-time monitoring systems.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Suilend Reports Normal Operations and User Funds Safe Amid Another Protocol Attack
Suilend confirms normal market operations and secure user funds, while the team monitors another protocol's security incident and plans further updates.
Abstract: Suilend reports normal market activity and secure funds, with ongoing monitoring of a separate protocol's security incident and forthcoming updates.
GateNews58m ago
Ethena Restores LayerZero Bridge for sUSDe and USDe, Upgrades DVN Configuration to 4/4
Abstract: Ethena has re-enabled LayerZero cross-chain bridging for sUSDe and USDe after a prior suspension, updated DVN configuration across chains to 4/4 to strengthen security, and kept the $10 million/hour transfer cap.
Summary: Ethena restored LayerZero cross-chain bridging for sUSDe/USDe after suspension, updated DVN to 4/4 across chains to boost security; cross-chain transfers remain capped at $10M/hour.
GateNews1h ago
Base Launches First Independent Network Upgrade Azul, Mainnet Activation Scheduled for May 13
Base Azul is live on testnet with a May 13, 2026 mainnet activation target, the first independent network upgrade; it boosts security, performance, and developer experience via multi-proof, single execution client, and Osaka; no user action needed.
Base announces Azul, its first independent network upgrade, now live on testnet with a May 13, 2026 mainnet activation target. The upgrade adds a multi-proof mechanism, designates base-reth-node as the sole execution client, and adopts the Osaka execution layer specification to stay aligned with Ethereum, with no user action required. Two more upgrades are planned for late June and late August, and Base Vibenet, a public development network for testing upcoming features, will launch mid-May.
GateNews1h ago
Volo Protocol vault attacked, losses totaling 3.5 million, remaining TVL confirmed to be safe
The Volo within the Sui ecosystem posted a statement on the X platform, confirming that a security vulnerability occurred, resulting in about $3.5 million in assets being stolen from three specific vaults, involving WBTC, XAUm, and USDC. Volo said it notified the Sui Foundation and ecosystem partners immediately after detecting the attack, freezing all vaults to prevent further losses; Volo pledged to cover all losses and would not allow users to bear any responsibility.
MarketWhisper2h ago
Blockchain.com Adds Perpetual Futures Trading to Self-Custodial Wallet, Supporting 190+ Crypto Markets
Gate News message, April 22 — Blockchain.com has launched perpetual futures trading functionality in its self-custodial DeFi wallet, enabling users to open leveraged positions using self-hosted Bitcoin as collateral without transferring funds to an exchange. The feature routes through Hyperliquid, a
GateNews3h ago
DDC Enterprise Reports Record $39.2M Revenue, Holds 2,383 BTC Worth $182M
DDC Enterprise reports 2025 revenue of $39.2M (+4.6%), holds ~2,383 BTC (~$182M) in the top 30, and unveils the AI-driven DDC Treasury Intelligence Platform for optimized Bitcoin fund management.
GateNews3h ago
