re @bankrbot hack, ~$170K drained so far, here's my best guess as to what happened (with the help of Caddie) TLDR - multiple Bankr user wallets drained on May 19, 2026. looks like the attacker had direct signing access to Privy-managed embedded wallets — doesn't appear to be an approval exploit or smart contract bug. tokens were transferred out via direct transfer() calls, swapped to ETH, bridged Base → Ethereum mainnet, then distributed across multiple wallets - warning: not 100% certain Hypothesis 1/ Bankr uses Privy as a provider (Privy has sign-in with X) - session keys held on Bankr's backend, private keys compromised - Bankr-bot saying funds are safe isn't reassuring — they're likely just checking balances, unless they know exactly which keys got hit Hypothesis 2/ Privy itself - Privy is rock solid, I don't think it's them. more likely H1 what users should do. err on the side of caution - check your wallet for unauthorized transfers, you can do so on Basescan or using B3OS by talking to Caddie, just copy/paste your wallet into Caddie - report to Bankr Discord - move assets to fresh EOAs when withdrawals enable welcome any/all other theses!