Project prevents theft targeting token launch and Lockbox mechanism
World Liberty Financial (WLFI), the Trump-linked decentralized finance (DeFi) initiative, said it successfully blocked hacking attempts during its highly anticipated token launch by deploying onchain blacklisting measures.
On Wednesday, the project revealed that a designated wallet executed “mass blacklisting” transactions to disable compromised accounts ahead of launch. The team clarified that the incidents stemmed from end-user compromises such as private key losses and not from an exploit of WLFI’s own contracts.
Protecting the Lockbox
A key focus of the blacklisting effort was WLFI’s Lockbox, a vesting system designed to safeguard locked token allocations. According to the team, the blacklists prevented attackers from stealing funds from the Lockbox, a potential weak point during the launch phase.
WLFI linked to Etherscan transactions showing the blacklist in action and said they are actively working with affected users to help them regain account access.
Hacks surge after token unlock
On Monday, WLFI unlocked 24.6 billion WLFI tokens as trading opened for the first time. The event quickly attracted bad actors, who launched multiple attacks to exploit users’ excitement around the listing.
Analytics firm Bubblemaps reported the emergence of “bundled clones” — fake smart contracts imitating WLFI in an attempt to deceive users into interacting with fraudulent contracts.
Meanwhile, SlowMist founder Yu Xian warned that some WLFI holders had their tokens drained through a phishing exploit leveraging Ethereum’s EIP-7702 upgrade. He described it as a “classic EIP-7702 phishing exploit” in which hacker-controlled addresses are planted into victim wallets, enabling attackers to seize tokens once deposits are made.
EIP-7702: Innovation with new risks
The Ethereum Pectra upgrade in May introduced EIP-7702, which allows externally owned accounts to temporarily act like smart contract wallets. While designed to improve the user experience through batch transactions and execution delegation, it has also opened an offchain attack vector.
Security experts note that attackers can now drain wallets using only an offchain signature, raising concerns across the broader DeFi ecosystem.
By moving swiftly with onchain blacklisting, WLFI avoided a direct exploit during its launch and reinforced its commitment to protecting user assets. However, the incident highlights the growing sophistication of DeFi-related attacks and the urgent need for users to exercise caution when interacting with new protocols.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.