- Nomad lost about $186 million in a 2022 bridge exploit and later recovered roughly $37 million.
- The FTC filed a complaint and proposed settlement that criticized the project’s security practices.
- Industry groups contend the FTC’s expectations, including a kill switch, would force centralised control and harm decentralised projects.
- Illusory Systems, Nomad’s parent, agreed to a settlement requiring new security measures and return of recovered funds.
- Trade groups and ConsenSys submitted formal responses and a joint letter urging changes to the proposed order.
Crypto trade groups and developers have pushed back after the FTC alleged that Utah-based firm Illusory Systems released software without adequate safeguards and proposed a settlement in December requiring fixes and fund returns. The complaint targeted the Nomad bridge after a 2022 exploit and said the company misled users about security practices.
The Nomad bridge raised about $22 million at a $225 million valuation in April 2022 but suffered a widespread exploit four months later when some 300 attackers drained roughly $186 million, which the agency linked to poorly tested code. Investigators and ethical Hackers later helped recover about $37 million, while the relaunched bridge held around $1 million in deposits, per on-chain tracking and a Nomad relaunch guide.
The FTC complaint criticized the absence of mechanisms described as circuit breakers, stating “The company failed to incorporate ‘circuit breakers’ or a ‘kill switch’ that could immediately cease the functioning of the Nomad Token Bridge in the presence of suspicious transactions,” and proposed an order requiring a new information security program and return of remaining recovered crypto. The full complaint and proposed order are available in the public complaint and settlement documents.
Several trade associations and developers argue the requirement is impractical or dangerous for decentralised projects. A joint trades letter warned against mandates that would centralise control, saying such rules would “require privileged control or some other centralised authority to execute” and that many protocols “would be stifled if not outright deemed impossible under the expectations in the Proposed Complaint.” Consensys also filed comments noting that “Circuit breakers are not industry standard today, and they were not standard at the time of the Nomad incident,” in a formal letter to the agency.
Forensic firm TRM Labs described the event as chaotic and detailed investigative findings in a public post, which also noted arrests tied to the case. Coverage of the exploit and wider industry reaction is available in contemporaneous reporting that documented the attack and its aftermath, including how attackers exploited the bridge code and how recovery unfolded shortly after the incident and in a TRM Labs briefing.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Corvex Lands Nvidia H200 GPU Lease for Battery AI R&D to IPO
- Kansas bill would create Bitcoin reserve from unclaimed prop
- Capital One to Buy Brex for $5.15B; Cards Interest Boost now
- Sen. Lummis says CLARITY Act unites crypto, urges quick vote
- Negative XRP Funding Mirrors Past Setups Ahead of Rally Soon
