This post provides an update on the current state of security work, the reimbursement of affected users, the role of the Refund Angels, the financial impact on the Bisq DAO, and considerations for long-term sustainability.
Details of the May 1, 2026 security incident can be found in the post-mortem report.
Affected users have now been reimbursed. This was made possible by the Refund Angels, who committed funds before the final compensation terms had been determined.
Some Bisq-specific terms used in this post are explained in the glossary at the end.Executive SummaryExecutive Summary
- Security hardening for Bisq 1 and Bisq 2 is close to completion. The main remaining items are reproducible builds and the XMR auto-confirmation security audit.
- Victims affected by the May 1, 2026 security incident have been reimbursed.
- BTC fee distributions to Refund Angels are proposed to be phased in gradually. Accounting, compensation, and allocation details still need to be finalized through DAO governance.
- The reimbursement creates significant financial pressure for the DAO. Some fee parameters are also outdated and may need careful adjustment. Any changes should be gradual, monitored, and adjustable.
- No fee parameter changes are finalized by this post. Each change described below would still need to go through the normal DAO proposal and voting process.
- The release of Bisq MuSig remains the highest strategic priority for 2026.
ContentsContents
- Security Hardening
- Reimbursement Funding
- Proposed Settlement Model
- Financial Risks for the DAO
- Fee Parameters Under Review
- Additional Measures to Improve Financial Sustainability
- How to Participate
- The Path Forward
- Glossary
- References
...read more at bisq.network
pull down to refresh
related posts