<\/p>\n
CoW DAO approved CIP\u201186 to offer discretionary grants of up to 100% to victims of April\u2019s cow.fi domain hijack, with detailed claims due by May 14 and payouts targeted by May 31.<\/p>\n
<\/p>\n
CoW DAO has formally approved a user compensation plan for victims of April\u2019s cow.fi domain hijacking and is now asking affected users to file claims by May 14. The decision follows a community vote on governance proposal CIP\u201186, which establishes a discretionary grants program to reimburse losses of up to 100% for users who were phished while the project\u2019s domain registrar was under attacker control.<\/p>\n
According to the CIP\u201186 proposal and the DAO\u2019s post\u2011mortem, the incident occurred on April 14, 2026, when CoW Swap\u2019s .fi domain registrar, Gandi SAS, was compromised in a social engineering attack. Attackers exploited the registrar\u2019s controls over DNS records used by CoW Swap\u2019s AWS Route 53 servers, briefly taking over the cow.fi domain for approximately 4.5 hours and redirecting users to a phishing website that mimicked the real interface.<\/p>\n
During that window, users who visited the hijacked domain were served a fake trading UI and tricked into signing malicious transactions, which drained tokens from their wallets. CoW DAO has repeatedly stressed that CoW Protocol\u2019s smart contracts and backend infrastructure were never breached, and that the vulnerability was \u201centirely at the domain registrar layer rather than in protocol code.\u201d A KuCoin incident report estimated user losses at roughly $1.2 million in USDC and other assets, a figure echoed by multiple follow\u2011up analyses.<\/p>\n
To address those losses, CoW DAO\u2019s community approved CIP\u201186, which sets up a one\u2011time discretionary grants program funded from the DAO\u2019s Legal Defense Reserve. Under the plan, eligible victims can receive up to 100% compensation for verified losses, but the DAO emphasizes that payments are voluntary \u201cgoodwill\u201d grants and do not constitute an admission of legal liability. The proposal also gives the core team a mandate to pursue legal action against third parties where necessary, including entities involved in the registrar supply\u2011chain attack.<\/p>\n
<\/p>\n
CIP\u201186 lays out strict criteria for relief grants. Claimants must have interacted with the malicious contract during the hijack window, demonstrate a history of using CoW Swap prior to the attack, and provide sufficient on\u2011chain evidence to link their losses to the phishing incident rather than unrelated scams. A Binance\u2011hosted summary notes that claims will be processed as \u201cdiscretionary grants\u201d rather than automatic reimbursements, with the verification process comparing submitted data to on\u2011chain records before any payout is authorized.<\/p>\n
CoW DAO and its ecosystem channels are now urging affected users to file claims before the May 14 cutoff. To qualify, users must send an email to\u00a0[email\u00a0protected]<\/span>\u00a0with the subject line \u201cDiscretionary Grant Claim for CoW.Fi Domain Hijack Incident,\u201d including the affected wallet address, a list of assets and amounts drained, relevant transaction hashes, and the claimant\u2019s name. Once support staff match the request with on\u2011chain data, users will receive a follow\u2011up email outlining any additional steps, which may include KYC checks before funds are released.<\/p>\n The CIP\u201186 timeline anticipates that all valid claims will be submitted by May 14, reviewed over the following weeks, and reimbursed by May 31, subject to DAO treasury and verification outcomes. For CoW DAO, the episode has become a case study in how DeFi protocols can respond to off\u2011chain supply\u2011chain attacks: by treating domain\u2011level security as critical infrastructure, separating protocol integrity from web\u2011layer exploits, and using governance to authorize voluntary, time\u2011boxed compensation without rewriting history on-chain.<\/p>\n <\/p><\/div>\n","protected":false},"excerpt":{"rendered":" CoW DAO approved CIP\u201186 to offer discretionary grants of up to 100% to victims of April\u2019s cow.fi domain hijack, with detailed claims due by May 14 and payouts targeted by…<\/p>\n","protected":false},"author":1,"featured_media":28196,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-28195","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/28195","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=28195"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/28195\/revisions"}],"predecessor-version":[{"id":28197,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/28195\/revisions\/28197"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/28196"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=28195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=28195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=28195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}