Publication of the use of the Multi-Sig emergency powers on the 6th of May 2026

On the 6th of May, the ssv.network DAO Multi-Sig Committee exercised its emergency powers under the Defined Emergency Procedure as outlined in [DIP-2] Multi-Sig Committee.

Following the v2.0.0 upgrade, a critical bug, the Stale EB Snapshot Bug, was identified internally. The bug’s Root Cause was that when all validators were removed from an SSV-denominated cluster, its Effective Balance (EB) snapshot was not cleared and persisted in storage. This created “poisoned” clusters with a non-zero EB snapshot but zero validators.

An exploit path existed where a user with a poisoned cluster (a legacy SSV-denominated cluster that had churned all of its validators yet retained the stale EB snapshot, then chose to call migrate) could call migrateClusterToETH, incorrectly reading stale vUnits, computing a phantom deviation, and injecting phantom balance into the protocol’s accounting.

In reaction to the above, the ssv.network Multi-Sig voted with the required majority on its dedicated emergency channel to consider this situation as a Defined Emergency Situation as described in [DIP-2] Multi-Sig Committee. A review of the on-chain state confirms that no evidence of exploitation has been found, and the action was a preventive measure.

The fix was deployed using a pre-generated SAFE Transaction Builder batch, which provided a defense-in-depth fix implemented in two layers:

• Layer 1 (SSVValidators.sol): The EB snapshot is now immediately zeroed when a validator removal reduces a cluster’s validatorCount to zero.
• Layer 2 (SSVClusters.sol): A migration-side guard was added to migrateClusterToETH to check for and clear any stale vUnits on empty clusters immediately before deviation accounting.

The deployed batch updated the module pointers on SSVNetwork for SSVClusters (Slot 1) and SSVValidators (Slot 6). The transaction details are available here: https://etherscan.io/tx/0x3fdb778cb6a404b1c38271c58d2d9a001cd8dc97feee27ddc87376d93fb4c30c

In line with [DIP-2] Multi-Sig Committee, the ssv.network DAO Multi-Sig Committee is publishing the use of its emergency powers to the community.

Big respect to the team for catching and patching this vulnerability before it could be exploited, this is exactly why strong security processes and emergency safeguards matters.