Eventually we might launch something... It will probably be a Web 2.0 app 🥸

Good morning

Alephium (@alephium) is a L1 blockchain scaling through sharding, offering developers an expressive protocol and users a secure and decentralized experience. Learn how it works and explore its key features in our latest guide. ⬇️ coingecko.com/learn/what-is-…

Highlighting the benefit of decentralization and open source work. Makes one wonder how their favorite blockchain would hold up to the pressure. x.com/ClaudeDevs/status/2065…

Dear US government, Since you've just blocked Fable and Mythos on critical national security grounds, here are some other tools that pose a similar threat to the American people: - Microsoft Teams - SAP - Salesforce - Jira - Outlook Please do what you must to save America 🇺🇸

Good morning ☀️ x.com/alephium/status/206576…

Good morning ☀️

Aura’s audit process is officially underway. The audit is expected to take around 3–4 weeks, with mainnet launch coming soon after once the review is complete and everything is finalized. While the audit progresses, we’re continuing to polish the frontend, make final improvements, and prepare the platform for launch. Things are moving very well. Aura mainnet is getting close.

March to Mainnet 12/06 🏃 This week, our Core Contributors have been pushing Powfi closer toward mainnet, maintaining key Alephium infrastructure, and continuing Bridge audit and remediation work in parallel. We are working to relaunch an improved Bridge as soon as possible, once all relevant measures are complete. Here’s your weekly dev update: <Powfi> 💥 Continuing internal smart contract audit work 💥 Finalising the referral system design proposal 💥 Completed Powfi and Crowdin integration 💥 Fixed Powfi SDK npm homepage GitHub URLs <Backend> ⚙️ Upgrading all Alephium dependencies ⚙️ Running a full audit of the entire codebase ⚙️ Reducing Explorer Backend database size ⚙️ Improving node WebSocket support <Wallets> ✅ Hardened in-app browser security ✅ Team sync on Explorer Backend data validity ✅ Improved transaction sending speed across both wallets ✅ Submitted mobile wallet v2.5.1 to both app stores, including: 1️⃣ Improved cold start performance 2️⃣ Improved perceived transaction confirmation speed 3️⃣ Fixed spinner animation position on data refresh <Misc> 📸 Took snapshots of all wALPH holder addresses and LP providers on Uniswap and PancakeSwap 📚 Researched referral program designs, contract requirements, key considerations, and integration needs for channel partners (see the Powfi update from earlier this week) 🔎 Reviewed current grant applications ⬆️ Upgraded Alphland nodes 🔒 Researched improvements to security monitoring for the Alphland Alert System 🙅 Removed /admin path from production website Our conviction and resilience are rock solid. Alephium’s core contributors have continued to deliver through all of it, and that has not gone unnoticed by the community. Your continued support is priceless 👏 Keep an eye out for upcoming Bridge and Powfi updates. More to come.

Bridge Exploit Update Work on bridge remediation progresses. Over the past few days, the team has been focused on reviewing, testing, and hardening the updated bridge infrastructure. We are currently finalizing our internal review and preparing for an additional external security review before relaunching the bridge. In parallel, we are reviewing the broader bridge architecture and identifying additional improvements. Our intention is to further strengthen the system beyond the specific vulnerability involved in this incident. As of today, relaunching the bridge remains our preferred recovery path for affected users. We currently believe this is the fastest and most straightforward way to allow legitimate wrapped ALPH (wALPH) holders to redeem their assets, while also supporting the broader recovery process. This approach remains subject to the outcome of the ongoing reviews. On the investigation side, following coordination with legal counsel, a criminal complaint has now been formally filed with the competent prosecutor's office in Switzerland. We also continue to cooperate with security and investigation partners regarding asset tracing and recovery efforts. We will continue sharing updates during this process.

Weekly Summary 🗓️ A lot happened this week. Here is a recap. 🧵

🧵How the Attacker's wALPH Was Burned “As part of the bridge incident remediation, the bridge guardians, with support from our security partners, executed an authorized recovery procedure to invalidate the unbacked wrapped ALPH held in the attacker's wallet.” The Bridge Guardians coordinated through the bridge’s multi-signature governance mechanism to temporarily upgrade the bridge’s wrapped asset contract implementation. This temporary implementation introduced functionality that allowed the attacker-controlled unbacked wALPH to be permanently burned. Immediately after execution of the burn, the contract was reverted to its original implementation. This action required approval from the full Guardian set, which is why the process took several days to organize and execute. Note that the guardians are separate and independent from each other. Alephium’s bridge wrapped asset contracts, like those used by many cross-chain bridge systems, are deployed behind upgradeable proxy contracts. This architecture allows contract implementations to be modified through Guardian-approved governance actions when required. It is important to note that the burn capability used in this remediation did not exist in the bridge’s normal operating implementation. It was introduced through a temporary governance-approved upgrade specifically to remediate the unbacked supply created by the exploit and was rolled back once the action was completed. This approach has precedent in previous DeFi security incidents. Following the pxETH exploit involving Yearn Finance, unbacked tokens were invalidated by the token issuer directly from the attacker's wallet. After the Echo Protocol incident, attacker-controlled eBTC was burned once administrative control had been recovered. The tokens burned in our case were exclusively the unbacked wALPH that remained in the attacker’s wallet at the time of the action. Any wALPH that had already left the attacker’s wallet prior to the burn was not affected. The recovery action was intentionally limited to assets that remained under the attacker’s direct control and did not affect third-party holders who acquired wALPH through ordinary market activity without involvement in the exploit. The action had no effect on assets held by legitimate users and did not affect any assets on the Alephium Layer 1 blockchain. The bridge itself remains disabled while remediation, review, and security assessment work continue.

Important Reminder 🚨 There are accounts impersonating Alephium, our team, and our moderators across all social media channels. We do NOT have a ticket system or support team. Do not share your private keys with anyone, and do not click links from unverified sources. Please verify account names carefully before engaging. We will never DM you first, and all official updates will come from verified Alephium channels only. Thank you. Alephium Team.

March to Mainnet Report 17/04🏃 This week, Alephium’s Core Dev Teams narrowed their focus toward foundational security, SDK modernization, and code optimization. As we approach the mainnet deployment, dedicating time to deep-cleaning repositories, resolving audit warnings, and standardizing our backend processes is absolutely critical for the stable and secure launch that the $ALPH community deserves. So, here is your progress report for this week: <Powfi> 💥 Finalized the modernization of the Web3 SDKs and released v3.0.2 across all environments 💥 Prepared the Powfi SDK for its upcoming open-source release to ensure third-party developers have the necessary integration tools 💥 Addressed community-submitted Powfi SDK bug reports and provided ongoing technical support 💥 Executed a thorough dependency cleanup across SDKs and TypeScript repositories to resolve recent audit warnings 💥 Pinned all GitHub Actions versions across all TypeScript repositories to enforce strict security and build consistency 💥 Worked on the smart contract element of reward distribution for xALPH stakers <Wallets Infra> ✅ Reviewed and refined the liquid staking feature within the mobile wallet to ensure a clean user experience ✅ Actively navigating Apple App Store compliance guidelines to resolve recent iOS deployment feedback ✅ Released v.4.5.1 of the full node to address a groupless address related bug ✅ Continued reviews into existing PRs <Alphland Ecosystem> 👀 Began development on a dedicated Alphland page to display live ecosystem token prices, powered by the Mobula API 👀 Conducted comprehensive grant reviews for two ecosystem projects: new features for one established dApp (@DOH_alph) and one highly anticipated Real-World Asset (RWA) protocol (TBA) We are incredibly grateful to the builders and testers in the community who continue to help us ensure a stable mainnet release, as well as the patient community members who continue to champion what we are building. We are getting closer…

PoW never went away. Don't forget, this is still the most secure blockchain base layer there is. 👉 All it's missing is aligned DeFi.

📁 The first case from the Alephium Detectives Bureau has just landed on the desk. 🕵🏻‍♂️ Slip on your gloves, light up a cigar... and think hard. The membership fee to access the case: 50 $ALPH. 💰 Solve it first — and take home the pot of 1000 $ALPH! 🔗 alephium-detectives.ru/

Our Core Frontend Dev, @_nop33, has pushed the v3.0.0 of our SDKs and tooling, improving security and reducing bundle size by 88%: @alephium/web3 @alephium/web3-react @alephium/web3-wallet @alephium/web3-test @alephium/walletconnect-provider @alephium/get-extension-wallet @alephium/cli He has written a full migration guide with breaking changes: github.com/alephium/alephium… You can also enjoy this blog post on his website about how he got it done: nop33.com/blog/shrinking-ale… DevX = improved ✅

Alephium is taking part in @oortech's April Quest! 👋 We are joined by @u2u_xyz, @tatum_io, and @watchxnetwork.

Build. Contribute. Earn. 🎯 With Alephium Bounties, Alph.Land opens new opportunities for developers, dApps, and community contributors to turn their skills into $ALPH. Learn how it works: alephium.org/news/post/turn-…

48 hours after shipping Ralph Skills — 60 builders already using it. Didn't expect that. Here's what it is and why we built it 👇 (A thread 🧵 )