World Liberty Financial has carried out an emergency burn-and-reallocate action to recover millions in WLFI from wallets compromised before launch.
Summary
- WLFI burned and reallocated $22.1M in WLFI linked to pre-launch phishing attacks.
- The team froze affected wallets, completed KYC checks, and built new smart contract logic.
- Verified users will receive funds in new wallets, while unverified wallets stay frozen.
World Liberty Financial has taken a major step to recover WLFI tokens that were taken from wallets compromised before the launch.Â
The Trump-affiliated project announced the action in a Nov. 19 post on X, and on-chain data later confirmed the move.
How the recovery took place
World Liberty Financial (WLFI) stated that several user wallets were compromised through phishing attacks or exposed seed phrases prior to the project going live. These issues came from third-party security lapses, not WLFI’s contracts.
In September, the team froze impacted wallets, asked users to complete know-your-customer registration again, and began collecting new secure wallet addresses.
After testing new smart contract logic for controlled transfers, WLFI executed an emergency function on Nov. 19. The function burned about 166.667 million WLFI, roughly $22.14 million, from compromised wallets and issued the same amount to verified recovery addresses.
On-chain analyst Emmett Gallic reviewed the transaction and noted that the function was designed for situations where a user loses wallet access before vesting or when tokens fall into the hands of an attacker.
WLFI said it chose a slow, careful approach to avoid mistakes. Users who completed all checks will receive their tokens in new wallets. Those who have not reached out or finished verification will remain frozen until they start the process through the help center.
Details behind the compromised wallets
Most affected wallets were hit by phishing schemes and leaked keys. Some cases linked back to September’s EIP-7702 issues during Ethereum’s Pectra upgrade, where attackers planted malicious contracts in compromised wallets that later triggered token drains.
WLFI froze 272 wallets at the time and warned users about fake support accounts and scam clones. WLFI said the number of affected users was limited but insisted on full verification to avoid reallocating funds to the wrong party. The team also reminded users to rely only on official channels for recovery.
Political pressure and current position
The recovery takes place as WLFI faces questions from lawmakers. Earlier this week, Senators Elizabeth Warren and Jack Reed asked federal agencies to look into claims that WLFI tokens were sold to sanctioned entities. WLFI has not addressed the allegation in its recent statements.
The project continues work on its USD1 stablecoin and upcoming integrations. After completing the recovery process, the team said it is prepared to move forward and focus on development.
