Skip to content

governance

EMURGO exits Cardano's Pentad governance to focus on SecondFi hack recovery

EMURGO, one of Cardano's five Pentad governance entities, stepped down on July 8 to lead recovery for its SecondFi wallet, drained of 16M ADA (~$2.4M) via an Ed25519 signer flaw.

by 5 min read

EMURGO, one of the five entities of Cardano's on-chain governance coalition Pentad, formally notified its co-members on July 8, 2026 that it is stepping down to focus on the recovery of SecondFi — the Cardano wallet, formerly known as Yoroi, that EMURGO itself built. The announcement was made in a statement posted on EMURGO's X account and picked up by The Block, CryptoSlate, Cryptonomist and The Crypto Basic. SecondFi was compromised in three separate attacks between June 21 and 22, 2026 that drained roughly 16 million ADA (~$2.4M) from 374 wallets, per SecondFi's own incident notice and a forensic write-up from Tibane Labs.

What happened

EMURGO — one of Cardano's three founding entities alongside Input Output Global (IOG) and the Cardano Foundation — sat on Pentad, the governance coalition formed earlier this year to coordinate ecosystem infrastructure and treasury spending. Pentad's other members are IOG, the Cardano Foundation, Intersect and the Midnight Foundation.

Following the SecondFi exploit, EMURGO's statement told the other four Pentad members that it needs to redirect operational bandwidth to the wallet's remediation and refund program, and that continuing to hold a Pentad seat while doing so would not be tenable. Coverage from The Block and Cryptonomist confirms that the departure was voluntary and framed by EMURGO as a governance accountability decision, not a rebuke from co-members.

The ADA market absorbed the news with a ~5% drawdown in the 24 hours following the announcement, per BeInCrypto.

Mechanism — how SecondFi lost the keys

The SecondFi drain was not a Cardano protocol failure. Independent security firms SlowMist and Tibane Labs, cited by CryptoBriefing and Cryptonaute, traced the vulnerability to SecondFi's Android build v10.0.3 and its Ed25519 signing path. A missing piece of randomness in nonce generation meant that every transaction a user signed on the affected build leaked information about the underlying private key. After enough signed transactions on a given address, the private key could be reconstructed from public chain data.

Tibane Labs' post-mortem attributes the failure to an unaudited third-party signing library that had replaced EMURGO's previously audited signing code in the version-10 release cycle. Because the leak occurs at the cryptographic key level rather than at the seed-phrase level, exporting the seed to a new wallet does not rotate to a safe key — the derived signing key is the compromised object. Blink Labs and other Cardano ecosystem responders confirmed the exploit as an application-layer failure, not a base-protocol one.

Numbers

- Initial drain window     : June 21–22, 2026 (three attacks)
- Wallets impacted         : 374
- ADA drained              : ~16,000,000 ADA (~$2.4M at event rate)
- Additional ADA at risk   : up to 129,000,000 ADA (~$20M, per SlowMist)
- Rescued by SecondFi team : ~129M ADA routed to third-party custodian
- Root cause               : Ed25519 signer / nonce-generation flaw in
                             SecondFi Android v10.0.3
- Cause per Tibane Labs    : unaudited third-party signing library
                             replaced EMURGO's audited code
- Pentad departure         : July 8, 2026 (announced by EMURGO on X)
- Pentad remaining members : IOG, Cardano Foundation, Intersect,
                             Midnight Foundation (from 5 down to 4)
- ADA price reaction       : ~-5% in 24h post-announcement
- Product status           : SecondFi wound down; EMURGO's role
                             limited to a recovery team

Figures per EMURGO's public statement, SecondFi's incident notices, Tibane Labs' forensic write-up, and reporting by The Block, CryptoSlate, Cryptonomist, CryptoBriefing and Cryptonaute.

Impact

  • SecondFi (Yoroi) users on the affected Android build. Anyone who signed on-chain on v10.0.3 must treat every address they held with that build as compromised. Seed-phrase migration does not rotate the leaked signing key; SecondFi's guidance is a secure export tool routing balances into a fresh wallet not derived from the same seed material.
  • Pentad's composition and legitimacy. Cardano's governance coalition drops from five to four members inside its first year. Whether Pentad co-opts a replacement, redistributes EMURGO's coordination duties among IOG, the Cardano Foundation, Intersect and Midnight, or lets the seat sit vacant is now an open governance question — and one Pentad had not published a process for before this week.
  • EMURGO's remit. Beyond wallet recovery, EMURGO also runs Cardano ecosystem investments and a research arm; the Pentad seat was the coordination surface for those workstreams inside the coalition. Losing it narrows EMURGO's on-network influence in a period when Cardano is actively deciding voltaire-era treasury allocations.
  • Downstream wallets and libraries. Any Cardano wallet that uses the same third-party Ed25519 signing library that shipped in SecondFi v10.0.3 needs to disclose whether it was ever integrated, and if so, at what version. Neither Tibane Labs nor SecondFi has publicly named the library; the disclosure gap is itself a live security concern.

What to watch

  1. Pentad's public response. IOG, the Cardano Foundation, Intersect and the Midnight Foundation have not, as of publication, jointly acknowledged the departure or committed to a process for filling — or eliminating — EMURGO's seat. A published Pentad statement is the near-term governance signal.
  2. SecondFi refund program. EMURGO has committed to making users whole; SlowMist's outer-bound estimate of $20M in exposure vs. the ~$2.4M initial drain is the gap that determines whether treasury or insurance funds are sufficient. A published refund waterfall — who is paid, in what order, from what pool — is the concrete deliverable.
  3. The unnamed signing library. Which third-party Ed25519 implementation was shipped in v10.0.3 has not been disclosed by SecondFi or Tibane Labs. Naming it is a prerequisite for the rest of the Cardano wallet ecosystem to audit whether the same code is running elsewhere.
  4. Ed25519 nonce-generation audit sweep across Cardano tooling. Nonce-reuse and nonce-leakage flaws are a well-understood Ed25519 failure mode. Whether Cardano's other major wallets (Eternl, Lace, Nami, Typhon) publish audit attestations against this class of bug in the coming weeks tells the story of the ecosystem's response depth.

Context — governance-body attrition, second incident in two months

EMURGO's Pentad exit follows a pattern that governance-tracking firms have flagged across 2026: on-chain governance bodies losing seats faster than they can define succession. In March, an Aave governance group departure narrowed the DAO's active delegate roster in the middle of a revenue-rights dispute; in July, BonkDAO's treasury drain via a majority-capture governance attack showed the failure mode at the other extreme, where governance itself becomes the attack surface.

Pentad is a different animal — a coordination coalition of legal entities rather than a token-weighted vote — but the pressure is the same shape: the governance layer needs formal, published mechanisms for entity turnover, and Cardano's does not yet have them documented. That the trigger for this test was an application-layer wallet bug, not a protocol-level failure, is a reminder that the perimeter defended by a base-chain audit stops well short of the software that holds users' keys.

Related stories