On July 07, Radiant Capital rolled out a user compensation plan in a detailed document for users who lost funds in a major security breach in October 2024.
The exploit targeted Radiant’s lending markets on Arbitrum and BNB Chain, draining user deposits and stealing funds from wallets with unlimited token approvals.
📢 Remediation Plan — Full Recap Now Live
The Radiant DAO has published a comprehensive overview of the remediation process.
🧠 What happened
✅ What’s been done
📅 What’s next🔗 Read the full article:
https://t.co/CUTr4GToYb pic.twitter.com/mpDNtLX2bS— Radiant Capital (@RDNTCapital) July 7, 2025
Who is Eligible for Compensation from Radiant Capital?
The compensation plan focuses on two groups of affected users:
- Lending Market Depositors – Users who deposited funds directly into Radiant’s lending markets, Radpie, or RIZ Vaults.
- Claim Contract Group – Users with losses over $1,000 will receive in-kind repayments (WBTC, WETH, USDC, etc.) through a claim portal launching later in 2025.
- Convenience Class Group – Users with losses under $1,000 will get 70% of their funds back via an airdrop, with the option to reduce larger claims to qualify.
- Unlimited Approval Exploit Victims – Users who lost funds from their wallets due to unlimited token approvals granted to Radiant’s contracts. A proposal to compensate this group was recently rejected due to insufficient voter turnout but may be revisited.
“Radiant’s remediation effort exemplifies decentralized governance. Through transparent voting systems, clear user classification, and a phased remediation process, the DAO is setting new standards for responsible, community-driven protocol stewardship in DeFi,” the Radiant team writes in a post.
Compensation Timeline
(Source: Radiant Capital)
- August 31, 2025 – Users above the $1,000 threshold can opt into the Convenience Class for faster partial repayment.
- September 2025 – A view-only portal will be launched, allowing depositors to check their eligibility and claim amounts.
- Q3-Q4 2025 – Compensation begins, with Convenience Class users receiving funds in installments, while larger depositors await gradual repayments from protocol revenue.
Radiant was compromised in an October 2024 hack linked to a $650 million crypto theft spree by North Korean cybercriminals. Despite this brutal attack, the platform has since restored its platform and introduced stricter security measures.
In the official blog post, the team writes: “A North Korean threat actor hijacked a trusted retired DAO contributor’s Telegram account and sent a ZIP file with hidden malware posing as a security audit. The malware represented an unprecedented attack vector. It was capable of intercepting and switching transactions directly on the hardware wallets.”
“This meant that the transaction on the hardware wallet differed from what appeared on user interfaces such as Safe, MetaMask, Tenderly, or any other desktop tool. This was a nation-state-level, multi-month operation that required significant planning and resources,” the team behind DeFi protocol explains the reason.
The money to repay affected users comes from Radiant’s community treasury funds, controlled by the DAO (decentralized organization). This treasury is supported by the entire ecosystem, not just the victims of the hack.
While Radiant may recover some lost funds or get help from partners, the main source is the DAO’s own reserves. The goal is to make users while without putting the whole project at risk.
Also Read: HTX Lists Trump-Linked USD1 Stablecoin on Tron Network