Biggest DeFi hack of 2026 so far, and nobody found a single code bug.
The attacker used a legitimate Solana feature called durable nonces. Normally, Solana transactions expire after about 90 seconds. Durable nonces remove that expiration entirely. A signed transaction stays valid forever.
So here’s what happened: the attacker tricked two of five Security Council members into signing what they thought were routine transactions. Those signatures got locked into durable nonce accounts, ready to fire whenever the attacker wanted. Weeks later, on April 1, two transactions hit the blockchain four slots apart. Full admin control. Vaults drained. $285 million gone.
The protocol’s still frozen. No attacker ID. No law enforcement announcements.
The uncomfortable truth: “two-of-five multisig” sounds secure until you realize it means any two people, at any time, with transactions that never expire, can do anything. That distinction just cost a quarter billion dollars.