In Brief
- Tether is leading Drift’s proposed rescue package. Drift said Tether would contribute up to $127.5 million, while other partners would add $20 million.
- Drift plans to relaunch as a USDT-settled perpetual DEX on Solana.
- The proposal includes a shift from USDC to USDT as the exchange’s settlement layer, alongside fee reductions and incentive programs to support the relaunch.
Drift Protocol has lined up a proposed recovery package led by Tether, marking one of the biggest industry-backed rescue attempts since the April 1 exploit that drained nearly $296 million from users of the Solana-based derivatives exchange.
Under the framework outlined Thursday, Tether would contribute up to $127.5 million and other partners another $20 million, with the capital tied to a revenue-linked recovery plan and Drift’s planned relaunch using USDT as its settlement layer.
The announcement is Drift’s clearest attempt yet to show that the platform can survive a hack that security researchers say was not a routine smart-contract failure.
Drift said outstanding user losses totaled about $295.7 million, led by roughly $159.3 million of JLP, $71.4 million of USDC and $11.3 million of cbBTC.
The protocol’s own recovery update said any recovered funds would be directed into a dedicated user recovery pool.
External investigators have described the April 1 breach as a privileged-access compromise that escalated into a full administrative takeover.
Chainalysis said attackers appear to have spent months building trust with team members before using Solana’s durable nonces to obtain pre-signed transactions that ultimately handed over admin control.
TRM Labs said the attacker then whitelisted a fabricated token called CarbonVote Token, used a manipulated price signal to make it appear valuable, and executed 31 withdrawals in about 12 minutes.
Drift itself has framed the incident in similar terms. In its post-exploit update, the company said the relaunch will include a new community-governed multisig, dedicated signing devices, independent out-of-band transaction verification, timelocks on critical administrative actions, and the disabling of durable nonces for signers.
Two outside firms, Ottersec and Asymmetric, are involved in the reboot and security review, according to Drift.
It’s important to note that the exploit appears to have attacked governance and operations rather than just code. A malicious actor used a “novel attack involving durable nonces” to seize Drift’s Security Council powers.
TRM similarly said the vulnerability combined social engineering, hidden authorizations and a zero-timelock council migration, removing what had been the protocol’s last meaningful brake on admin actions.
The proposed rescue package is built around that diagnosis.
Drift said a substantial share of exchange revenue, together with partner support capital, would be routed to a user recovery pool over time.
It also plans to issue a separate recovery token to affected users, representing a transferable claim on that pool.
Tether, for its part, said the broader package includes a $100 million revenue-linked credit facility, an ecosystem grant and loans to market makers, alongside support meant to help Drift return with deeper USDT liquidity.
Drift co-founder Cindy Leow said the collaboration is intended to “give us the resources” to deliver on the platform’s commitment to user recovery on a faster timetable.
Tether Chief Executive Officer Paolo Ardoino said the decision reflected a view that Drift’s protocol, team and market position remain intact, and that the facility is meant to align incentives around both user recovery and renewed growth.
The initiative also shows how stablecoin issuers are moving deeper into crypto market infrastructure.
The relaunch will shift Drift from USDC to USDT for settlement, and Tether said it also intends to fund reduced trading fees and user incentives while extending a USDT support line to designated market makers. That gives Tether a more direct role not just in settlement, but in rebooting trading activity and liquidity after a major DeFi failure.
There are precedents for such interventions, though the record is mixed.
After the $320 million Wormhole exploit in 2022, Jump Trading’s crypto arm replenished the stolen funds, and Wormhole said all funds had been restored and the bridge was back online. That rescue became one of the clearest examples of a well-capitalized backer absorbing losses to preserve user confidence and keep a strategic protocol alive.
Euler Finance offers another model. Euler said in a retrospective published in 2024 that users’ assets were “fully recovered” after the 2023 exploit, making it one of the rare major DeFi hacks to end with customers effectively made whole.
But that outcome relied on negotiations, investigative pressure and eventual fund returns from the attacker, not on a standing strategic investor stepping in with fresh capital at relaunch.
Other cases have been less encouraging. Mango Markets recovered only part of the money taken in its 2022 exploit, with roughly $67 million returned while about $40 million was retained by the exploiter. Mango eventually shut down in early 2026, with its total value locked down about 97% from its peak.
That mixed history helps explain why Drift’s proposal matters beyond one platform.
The protocol was one of Solana’s largest decentralized perpetual futures platforms before the breach, and investigators from TRM and Elliptic have both described the incident as the biggest DeFi hack of 2026 so far and among the largest in Solana’s history.
A credible recovery could help contain the reputational damage from a hack that struck at trust in admin controls, liquidity safety and exchange governance.
Drift is currently trying to sell a narrower message.
The protocol is not claiming users are being repaid immediately in cash, and the recovery depends on revenue growth, partner support and any assets recovered through law enforcement and forensic tracking.
But by pairing outside capital with operational hardening and a relaunch plan, Drift is attempting something more ambitious than a standard post-hack apology. It is asking traders to believe that a platform hit by one of the year’s worst exploits can come back as a larger USDT-based exchange on Solana.
DRIFT token posted a relief rally after the news.
Investors welcomed Tether’s support package for Drift as evidence that the Solana-based exchange may still have a viable path to recovery.
DRIFT token gained over 18% in the past 24 hours, as per CoinMarketCap data.
Even so, the rebound looks more like a vote of confidence in the rescue plan than a full restoration of value lost since the exploit.
More From BlockFirms
Disclaimer: This article is for informational purposes only and does not constitute investment advice. Read our Editorial Policy. Parts of this article were drafted/ researched with the assistance of AI tools and subsequently reviewed, edited, and verified by the author and our editorial team to ensure accuracy and journalistic integrity. The final version reflects human editorial judgment and fact-checking. Read our AI Policy.
Image Credits: Drift, Canva
