Login
Sign Up
Woofun AI reports that Ctrl Wallet, formerly known as XDEFI Wallet, has announced the permanent cessation of its services, a decision directly linked to recent security vulnerabilities impacting the Cardano ecosystem and its associated platforms like Emurgo, SecondFi, and Yoroi.
The operational timeline was accelerated after the platform entered a temporary "maintenance mode" on Tuesday, June 23, to safeguard user assets following a reported security issue. By August 3, 2024, all core functionalities—including sending, receiving, and swapping funds—will be disabled, leaving only the export of 12-word or 24-word recovery phrases available. The application will be simultaneously removed from app and browser extension stores, with downloads halted immediately, forcing users to migrate to compatible providers such as MetaMask, Trust Wallet, or Phantom.
Users are instructed to transfer assets to external exchanges or wallets before the deadline, as no migration token or airdrop event will be provided to facilitate the transition. The company explicitly warned against fraudulent schemes, urging caution regarding fake social media posts and websites that promise incentives or compensation for the shutdown.
Per Woofun AI, the company’s LinkedIn profile indicates a workforce of between 11 and 50 employees and a user base exceeding 650,000 monthly active users. The wallet previously supported over 2,500 blockchain networks, including Cardano and Midnight, before announcing its transition under the Emurgo umbrella on April 29, with its multichain architecture intended to continue within the SecondFi wallet.
The shutdown follows a critical security exploit on June 24, 2024, where a vulnerability in SecondFi allowed attackers to drain approximately 16 million ADA, valued at around $2.4 million at the time. In response, SecondFi identified 374 impacted wallet addresses and secured roughly 129 million ADA through emergency measures, transferring these funds to an independent third-party custodian to facilitate the verification and recovery process for affected users.