EMURGO, a co-founding entity of the Cardano blockchain, said on Saturday it had found a way to return assets to users of its SecondFi wallet, days after an exploit drained about $2.4 million worth of ADA.

In a statement posted to X, EMURGO CEO Phillip Pon said the company had completed its forensic investigation, validated wallet balances, and identified what he called "a clear recovery solution." He put the timeline at roughly two weeks, with one week to build the recovery mechanism and a second to test it before any returns begin.

Pon told affected users not to move funds or take steps outside SecondFi's official guidance, saying the recovery is being built around the current state of the compromised wallets. He added that no step requiring user participation had started, and that SecondFi would never ask for private keys, seed phrases, or wallet access.

The Saturday post is the first time the company has attached a concrete timeline to the recovery. It has not yet published a full technical postmortem, given per-user recovery amounts, or detailed how users will claim funds.

$2.4 million from 374 addresses taken