Josh(@devjoshstevens):No polymarket or UMA contracts have been exploited. All user funds are safe, and using https://t.co/3FEzuqLolJ is safe, so business as usual. We had a 6-year-old private key that was compromised. This was in the internal top-up config, which is why funds were being sent to it. We have rotated this key, revoked all prod permissions and are moving all PKs to KMS keys from now on.

Josh

@devjoshstevens

VP, Engineering Defi @polymarket • prev SVP, Engineering at @aave •

Joined June 2021

951 Following 9.7K Followers

Josh@devjoshstevens

2026.05.22 10:18

No polymarket or UMA contracts have been exploited. All user funds are safe, and using is safe, so business as usual. We had a 6-year-old private key that was compromised. This was in the internal top-up config, which is why funds were being sent to it. We have rotated this key, revoked all prod permissions and are moving all PKs to KMS keys from now on.