Engineering

Design for Adversity: Atelligo

Ethena has partnered with Atelligo, an intelligence and remediation platform purpose-built for phishing detection, brand protection, and coordinated takedown operations.

Security at Ethena is approached the same way across every layer of the stack: assume the attacker is already inside, and design every system to remain safe even when other layers are compromised.

User-facing security operates on the same principle. As Ethena's ecosystem has grown, so has the surface area for attackers, phishing campaigns, lookalike domains, cloned flows, and social engineering attempts targeting users directly. These campaigns now run with the iteration speed and infrastructure rotation of professional operations teams. A defense that depends on manual reporting or slow takedown cycles is insufficient.

That is why Ethena has partnered with Atelligo, an intelligence and remediation platform purpose-built for phishing detection, brand protection, and coordinated takedown operations.

How the partnership works

The workflow runs in four steps:

Signal collection from telemetry, threat intelligence sources, and user reports.
Verification and classification to separate real threats from noise.
Remediation and takedown coordinated across hosting providers, registrars, and other relevant channels.
Continuous tracking until each case is contained or fully neutralized.

The result is a substantially shorter window between when a threat appears and when it is removed.

Operational performance: April 2026

A meaningful security partnership only matters if it produces measurable outcomes. The current state of the joint operation in April 2026:

27 threats reported and investigated
27 neutralized (100%)
0 currently active

Speed of response:

Fastest takedown: 20.8 minutes
30% of threats neutralized in under 1 hour
52% neutralized in under 24 hours
Median time-to-takedown: 7.3 hours
Average time-to-takedown: 2.9 days

The window between when a threat appears and when it is removed has narrowed substantially. Most cases are resolved within hours, and every reported threat in April was neutralized.

What users can do

Strong monitoring and takedown infrastructure works best when paired with user awareness. We recommend:

Use only official Ethena channels and bookmarked URLs.
Verify domains before connecting wallets or approving any onchain actions.
Treat urgency-based messages requesting immediate wallet actions as suspect by default.
Report suspicious links or impersonation attempts immediately, every report strengthens collective defense.

Security is not a one-time investment. It is the continuous discipline of hardening systems against threats that evolve faster than the systems they target. The partnership with Atelligo extends that discipline to the layer of Ethena's stack that users touch most directly.

We build for adversity because users deserve systems, and the infrastructure around them, that survive it.

USDe RWA Backing Diversification: Extending Beyond Treasuries

This post is a continuation of our earlier piece on USDe backing diversification, focusing on the next phase of that work: broadening real-world asset (RWA) exposure beyond tokenised T-Bills. USDe’s backing already includes meaningful indirect RWA exposure through USDtb - a stablecoin backed primarily by BlackRock’s BUIDL,

Custodian Attestations of Assets Backing USDe: May

In providing transparency of Ethena protocol’s backing assets, we are excited to share our eighteenth monthly attestation report from all integrated custodians, verifying the backing assets of USDe reside off-exchange within institutional custodial solutions. Monthly attestation reports complement both our real-time Transparency dashboards as well as our

Extending the Basis Trade to Commodities: An Analysis of Gold Perpetuals

In the recent post on diversifying USDe’s backing, we outlined multiple proposed extensions to the backing assets: overcollateralised institutional lending, real-world assets beyond T-Bills, and equity and commodity basis trades. This post goes deeper on the third strategy: equity and commodity basis, and specifically the first asset

Design for Adversity: Lessons from the rsETH Incident

In the spirit of our earlier post on building systems that assume compromise at every layer, we’re sharing a transparent, engineering-first look at the recent Kelp DAO / LayerZero OFT exploit, our response, and why Ethena assets and infrastructure were not susceptible to the same risks.