Key Takeaways:
Stabble urged all liquidity providers to withdraw funds on April 7, 2026, after ZachXBT flagged a suspected former employee as a suspected DPRK operative. No exploit or breach occurred at Stabble, and the protocol’s TVL stood at approximately $1.75M at the time of the alert. Stabble’s new team plans fresh audits before resuming normal operations, following a takeover roughly four weeks prior. Solana DEX Stabble Issues Emergency LP WithdrawalStabble fits the profile of a project vulnerable to legacy team risks. The new management inherited a codebase and contributor history they had not fully audited. Their decision to pause operations and seek fresh audits from major firms reflects a precautionary posture over optics.
The team reported operational progress in the weeks before the incident, including doubled TVL, a threefold to fourfold revenue increase, and a 100 percent price increase. Those gains remain intact, as no funds were lost and the protocol continues to process withdrawals.
“Stop virtue signaling you conveniently left out the fact that you had a DPRK IT worker on payroll at Elemental for years,” ZachXBT remarked.
Community response to Stabble’s handling was split. Some users credited the team for transparent, fast action. Others criticized the blunt “EMERGENCY” framing as likely to cause unnecessary panic given the absence of a confirmed threat.
