Following the staked SOL exploit on SwissBorg involving Kiln’s API, the staking provider said it’s exiting all of its ETH validators “out of an abundance of caution”
Kiln is exiting all of its Ethereum (ETH) validators after a security breach that appeared to involve its API triggered an exploit of SwissBorg’s staked Solana (SOL) holdings, resulting in the loss of more than $40 million.
In a Sept. 9 blog post, Kiln — a crypto staking provider with over $15 billion in crypto staked across multiple blockchain networks — said that the move is a “precautionary measure designed to ensure the continued integrity of the staked assets.”
Over the past 24 hours, the queue to exit Ethereum validators jumped about 150% from around 1 million ETH on Sept. 10 to a total of 2.6 million ETH in line to unstake by press time, with an estimated wait time of more than 45 days, per data from Validator Queue.
Data from Dune Analytics indicates that Kiln had over 1.6 million ETH across 51,000 validators, making it the fifth-largest entity by staked ETH before its exit this week.
Kiln said that a full post-mortem of the SwissBorg exploit will be shared once its review is complete, clarifying that “at this time, there is no indication of any funds loss other than the SwissBorg incident.”
Speaking with The Defiant, a spokesperson for Kiln said that the company exited all of its Ethereum staked positions from validators “out of an abundance of caution,” adding that these assets “will be returned safely to users’ wallets.”
“Kiln continues to cooperate closely with law enforcement and experts to understand the full scope of this incident. We remain in close contact with our customers and partners and are dedicated to keeping all parties updated as we learn more,” the spokesperson said.
SwissBorg Exploit
Swiss crypto exchange SwissBorg notified users in an X post on Monday, Sept. 8, that it had suffered an unauthorized withdrawal of roughly 193,000 SOL, worth about $43.6 million at current prices. The post didn’t name Kiln directly, but said “a partner API was compromised,” resulting in the attacker gaining access to SwissBorg’s SOL Earn product.
In its own post on Monday, Kiln said that it was working with SwissBorg to investigate “an incident that may have involved unauthorized access to a wallet used for staking operations.”
On-chain data shows that the hacker moved SwissBorg’s staked SOL from Fireblocks Custody, Fireblocks confirmed to The Defiant that SwissBorg is one of its customers.
A Fireblocks spokesperson told The Defiant that at the time of the incident, SwissBorg “was not using Fireblocks’ secure native staking capabilities, which are designed to prevent this type of attack,” adding that Fireblocks “has blocked the ability to connect with the Kiln dApp via WalletConnect while Kiln conducts its investigation.”
Record Long Exit Queue
The planned withdrawals from Ethereum validators dramatically worsened the already long Ethereum validator exit queue, which broke multiple records over the summer.
The growing queue is also putting pressure on liquid staking tokens like Lido Staked Ether (STETH), which represent staked ETH and let holders earn staking rewards without locking up their ETH completely. However, a congested exit queue leads to slower ETH redemptions, which could increase selling pressure on STETH and raise the risk of temporary depegging from ETH, especially in the case of market stress.