FixedFloat: Full Security Incident History (2024)
FixedFloat is still online, but 2024 changed how users should treat it. The problem is not one breach. It is repeated incidents, thin disclosure, and no postmortem strong enough to justify trust.
| Date | Event | Reported impact | Key concern |
|---|---|---|---|
| 2024-02-16 | Major breach disclosed | ~$26M in BTC and ETH | Hot walletA wallet connected to the internet for day-to-day spending or trading. It is convenient but generally less secure than offline storage.Glossary → compromise, sparse disclosure |
| 2024-04 | Second incident during recovery | Undisclosed | Raised questions about systemic security |
Why the Security Record Matters
Swap services run on trust. Even if they call themselves non-custodial, users still depend on them to quote honestly, route funds correctly, secure wallets, and finish swaps without loss. Two major incidents close together push a platform out of the trusted-by-default category.
What Users Should Do
If you still use FixedFloat, keep the pattern simple: send the smallest amount possible, test first, withdraw at once, and keep backup routes ready. Better yet, use alternatives with a cleaner record or use decentralized tools when they fit.
The bigger lesson is old and boring. Works today does not mean safe enough to trust again and again.