Welcome back to Inside DeFi
It’s been an interesting week for some of DeFi’s biggest names. BlackRock is flirting with Uniswap and the relationship between Aave Labs and its DAO may be on the mend.
Today we cover both of these stories as well as loose-lipped AI agents and even more good news for security funding.
Rainbows and UNIcorns
Wednesday brought news that BlackRock would “offer DeFi trading” via Uniswap, with the asset manager buying up an undisclosed amount of the platform’s governance token.
Despite being billed as “a major vote of confidence in DeFi,” trading of the BUIDL tokenized fund would be limited to those Securitize deems eligible to be whitelisted, such as market maker Wintermute and “qualified purchasers” with over $5 million in assets, Fortune reported.
The UNI token pumped 30% on the news, but retraced nearly all the gains in the following 24 hours.
Uniswap’s founder Hayden Adams had more than one reason to celebrate, though, as rival DEX Bancor’s lawsuit appears to be no longer an issue.
On the DAO front, Uniswap’s buyback and burn program has been running just over a month, passing a million UNI tokens burned this week.
While the UNI price, volume, and fees have all dropped significantly since November’s UNI-fication announcement, last week’s volatility gave the program a hefty boost, with $430,000 of UNI burned in a single day.
But it wasn’t just Uniswap cosying up to the mainstream this week.
DeFi interoperability protocol LayerZero announced its new “Decentralized Multi-Core World Computer” to much fanfare (and technobabble), claiming it offers a “credible alternative to centralized cloud providers.”
Partnerships include TradFi’s DTCC, Citadel Securities, and ICE (no, not that ICE), VCs a16z and Ark Invest, and Google Cloud.
Hackers or slackers?
A week with no major smart contract hacks is rare, but very welcome, in DeFi.
The past week didn’t pass fully without incident, however. Maple Finance kicked Monday off with a front end scare, though no funds were lost and the site was restored a few hours later.
One would have thought that, following 2024’s wave of front end attacks, DeFi projects would have taken Vitalik’s advice on the matter.
The same goes for supply chain attacks. Last September’s “generational fumble” made abundantly clear the potential dangers that npm packages can pose to the DeFi ecosystem.
Read more: Explained: how crypto’s ‘largest supply chain attack’ stole just $0.05
However, last week Socket researchers discovered malicious npm and PyPI packages targeting decentralized derivatives exchange dYdX’s v4.
The packages were designed to enable wallet credential theft and remote code execution on dYdX users, although it is unclear whether any losses were realized.
Security goes live
Phylax Systems’ network-native circuit-breaker, Credible Layer, was integrated into Linea’s sequencer at the end of last month. This approach checks every transaction against pre-defined “assertions” to catch any funny business before it is executed.
In a similar vein, at the app-level, some of the bite was taken out of the recent Step Finance hack when withdrawal rate-limit caps kicked in on Kamino.
On the audit side, Firepan argues for focusing on continuous risk monitoring instead of the point-in-time assessment offered by traditional audits, boldly stating that “every major DeFi hack in 2025 happened to a protocol that passed an audit.”
More good news for the EthSec community
The Ethereum Foundation has pledged to sponsor a SEAL Intel engineer with the “sole mission” of tracking and neutralizing “drainers targeting Ethereum users.”
The DAO security fund is also being put to work to finance SEAL, with $400,000 and perpetual Superfluid streams set up to fund ongoing operations.
Ethereum’s Security Alliance (SEAL) keeps track of threats across the ecosystem. Its most recent warning was a thread on North Korean IT workers using legitimate LinkedIn profiles to apply for crypto industry roles.
Elsewhere, a security researcher going by “ily2” earned a $3 million bounty via Immunefi for identifying a critical smart contract bug.
Not many protocols fit the description of likely candidates.
Read more: The DAO hacked again, but this time it’s the good guys
Not so secret agents
Hype around AI agents continues to provide nightmare fuel as “OpenClaw bot swarm” owockibot gave up its hot wallet’s private key “after only five days alive.”
The project works to support grants platform Gitcoin, but treasury funds are “stored in a safe that requires [its operator] to sign,” meaning the incident was no more than “a minor setback.”
Let’s hope developers bear in mind the underlying lesson that “an LLM based AI will *never* *ever* be able to keep something it knows, a secret,” going forward.
Aside from the agents themselves, the OpenClaw skills marketplace is emerging as a supply chain attack vector, being used as a malware distribution center.
Meanwhile, the bots themselves are holding grudges when their PRs are closed.
DAO dramas, but answers in sight
Aave Labs has finally played its hand in the ongoing ownership debate.
However, the concessions come at a price. Labs wants $25 million in stablecoins and 75,000 AAVE tokens to be paid over the next two years. ACI delegate Marc Zeller proclaimed “the DAO Won, but the deal isn’t done.”
We’ll be standing by for updates as negotiations continue.
The Curve ecosystem’s latest experiment, Yield Basis, put pressure on stablecoin crvUSD’s peg during the recent bout of bitcoin volatility.
The issue, according to a series of analyses from Ember Protocol’s Joe Wait, is that “Yield Basis makes too much money.”
He proposes a crvUSD “peg tax” paid when Yield Basis is “printing fees.”
Curve founder Michael Egorov appears to be in agreement, though the tax rate is still TBD.
Curve’s veToken model, which requires would-be participants in DAO votes to lock their tokens into a vote-escrow contract, was eagerly snapped up across the sector over the last cycle.
Recently, however, a couple of its most high-profile adopters have decided to abandon the model.
Yearn and Pendle have opted to simplify things with stYFI and sPENDLE, respectively.
Following the Gnosis DAO’s November decision to fire its previous treasury manager, KPK, the vote for a successor is ongoing. KPK were fired over issues relating to “performance, cost, risk exposure, and alignment with DAO objectives.”
The vote runs until Saturday. Current frontrunner Noctua Capital, if successful, will manage $180 million including GNO tokens ($40 million with GNO excluded).
It would take $1 million per year, plus 30% of yield “above benchmark,” in return.
On-chain antics
Tether froze over half a billion tokens in conjunction with Turkish authorities, which led one observer to ponder the effects of a major DeFi pool being frozen.
BlockSec released a freeze tracker to keep on top of USDT freeze activity. In the last 30 days, 238 addresses have had over $200 million frozen on Ethereum and Tron.
Finally, Yearn contributor “MarcoWorms” identified a batch of multisig transactions which have already hit their required signature threshold.
They executed 113, but opted not to shell out on gas for 732 more.
Despite multisig ops often being an integral part of DeFi teams’ daily activities, they don’t always go smoothly.
Source: https://protos.com/inside-defi-004-%E2%9C%A8-dao-dramas-reaching-resolution/