Nemo Protocol, the Sui-based DeFi platform recently exploited for $2.6 million, has announced a compensation program that will reimburse affected users.
Summary
- Nemo Protocol has unveiled a three-step recovery plan after its $2.6 million exploit.
- A new debt token, $NEOM, will be issued 1:1 with user losses recorded at the time of the hack.
- Victims can migrate assets, claim $NEOM, and either sell tokens on a Sui DEX or hold for recovery.
- Funds recovered from the attacker and external capital will feed into a redemption pool managed by multiple parties.
As part of ongoing efforts to reimburse victims, the Nemo protocol team has unveiled a three-step recovery path. The plan is centered on the creation and deployment of a new debt token called NEOM.
What is the Nemo Protocol NEOM token initiative?
While direct reimbursement in stablecoins would have been the preferred option, Nemo Protocol admitted in a September 14 statement that it does not currently have the capital to make victims whole immediately.
Instead, NEOM tokens will be issued on a one-to-one basis with the dollar value of each user’s loss, based on the snapshot taken at the moment the protocol was paused. According to the team, this system is designed to ensure fairness and transparency while giving users flexibility in how they recover their funds.
The program will begin with an asset claim and migration process. Users affected by the hack will first be able to migrate their remaining assets into new, multi-audited smart contracts. At the same time, they will receive $NEOM tokens equivalent to their total loss amount. From there, they can choose between selling the tokens immediately through a Sui-based liquidity pool or holding them as the team works to inject value into the redemption pool over time.
Any funds recovered from the attacker will go into this pool, alongside a portion of external capital raised or loans secured by the team. To keep progress visible, Nemo will provide bi-weekly updates and launch a public dashboard to track redemptions and token burns in real time.
To provide victims with immediate liquidity, Nemo will seed a NEOM/USDC trading pair on a Sui-based decentralized exchange. This means users who do not wish to wait for long-term recovery can sell their tokens on the open market, while those willing to hold can benefit from any future recovery of assets.
How the Nemo protocol hack happened
The September 8 exploit drained $2.6 million from Nemo’s liquidity pools. The post-mortem traced the breach to an unaudited code deployed by a developer, which introduced critical vulnerabilities. A public flash loan function, combined with a flawed pricing mechanism, gave the attacker a way to manipulate pool balances and siphon funds.
The stolen assets, mostly stablecoins, were later bridged to Ethereum. The incident, which marked the second exploit to hit the Sui network this year after the May Cetus hack, caused Nemo’s TVL to collapse from over $6 million to around $1.5 million in a matter of hours.
Nemo has since admitted to failures in its audit process and internal controls. The team has pledged stricter oversight for code upgrades, multiple external audits, and stronger bug bounty programs to improve security moving forward.
The launch of the NEOM token is now the central piece of its recovery plan. Whether it restores confidence among affected users will depend on how effectively the protocol can recover stolen assets and sustain demand for the debt token.
