Introduction
In a significant step towards rectifying the fallout from the April 14, 2026 domain hijacking incident, the CoW Decentralized Autonomous Organization (DAO) has ratified an initiative known as CIP‑86. This initiative enables the allocation of discretionary grants that may cover 100% of losses sustained by users who were phished during the malicious takeover of the cow.fi domain. Victims have until May 14 to submit their claims, with the goal of processing payments by May 31.
Incident Overview
The compromise of the cow.fi domain was orchestrated through a social engineering attack that exploited vulnerabilities in the domain registrar, Gandi SAS. For roughly 4.5 hours, attackers gained control, redirecting users to a fraudulent site designed to imitate CoW Swap’s legitimate interface. Users who fell for this ruse were misled into executing harmful transactions, resulting in the drainage of tokens from their cryptocurrency wallets. It is important to note that CoW Protocol’s underlying code and smart contracts remained secure throughout the attack, and the breach was entirely related to the security of the domain registrar.
Financial Impact
Following estimates from KuCoin, losses due to the incident are believed to be approximately $1.2 million across various digital assets, a figure corroborated by subsequent analyses from other sources. The community-driven response to this crisis, manifested through CIP‑86, aims to provide financial relief to impacted users from the DAO’s Legal Defense Reserve.
Grant Eligibility and Application Process
To qualify for the grants, interested parties must have engaged with the fraudulent contract during the specified attack period, demonstrate prior interaction with CoW Swap, and supply adequate blockchain evidence to connect their losses with the phishing incident. The application process emphasizes that these relief payments are discretionary in nature, characterized as goodwill gestures and not as acknowledgments of liability on the DAO’s part.
Claims Submission
In a user-focused effort to facilitate claims, CoW DAO is urging affected individuals to send an email detailing their losses to a designated address, including their wallet address, the specific digital assets lost, transaction hashes, and their personal information. Once claims are matched with on-chain records, further instructions will be provided, which may require users to complete Know Your Customer (KYC) checks before funds can be released.
Conclusion
As the May 14 deadline nears, the DAO is actively promoting the need for prompt claims submissions, with a structured timeline that anticipates all valid submissions will be reviewed in the weeks following the deadline, leading up to reimbursements by the end of May. This entire process exemplifies how decentralized finance (DeFi) platforms are learning to handle off-chain supply-chain vulnerabilities, reinforcing the importance of domain security as critical underlying infrastructure while ensuring that protocols remain distinct from web attack vulnerabilities.
