Key Highlights
- •An OKX user claims 50 ETH was stolen despite never exposing his private key.
- •SlowMist reportedly confirmed a private-key leak, fueling questions about OKX’s internal security.
- •The user demands transparency on audits, past incidents, and potential insider abuse, calling it an industry-wide trust crisis.
OKX is facing one of its most serious public security controversies after a longtime user claimed that nearly 50 Ethereum (ETH) was drained from his OKX Wallet, despite saying he never exposed or copied the private key. Subsequently, CEO Star Xu announced a reward of 10 Bitcoin (BTC) to individuals who could provide conclusive evidence that OKX Wallet contains a backdoor.
The response came after the user’s allegation sparked widespread speculation about a potential “backdoor” in the wallet software. In a reply to an X post by another user, Xu wrote:
“Anyone who can provide conclusive evidence that OKX Wallet contains a backdoor will receive 10 BTC.” The reward, worth roughly $1 million, is one of the largest security bounties ever offered by a major crypto company.
A Theft Claim Ignites Fears
The controversy began when an influential Chinese community member, known as 6哥, posted that his four-year-old OKX Wallet was drained of almost 50 ETH. He insisted that his private key had never been saved digitally, photographed, uploaded, or shared.
我的50 ETH被盗
— 6哥 ⁶⁶⁶ (@ChinaWhaleETH) November 13, 2025
我不知道该怎么开始。
在1011事件之后,我已经被摧毁一次。
但这几天,我又被打倒了第二次。
我的 OKX Wallet,被盗走了 将近50 ETH。
那是一个我刚入圈时建立的老钱包,
私钥与注记词全是手抄,从未上传、从未截图,也从未给任何人看过。
我不敢说我多懂技术,但我敢保证… https://t.co/8n9TA1zWAj
Several users echoed similar concerns, citing past incidents and demanding transparency. Within hours, the discussion dominated Asian crypto channels.
OKX denied any wallet backdoor and said its review showed the private key had been imported via copy-paste, a common leak point. The exchange urged the user to check every device or storage location and made itself available.
您好,与您沟通,我们对您提供的日志进行了初步排查,发现您的私钥是通过复制/粘贴方式导入的。所以也辛苦您仔细回忆一下:私钥或助记词曾经在哪些地方存储或复制过。任何可能的存储位置或操作环节都可能是泄漏的来源。…
— OKX中文客服 (@OKXHelpDesk_cn) November 13, 2025
OKX Escalates: “Prove It, and We Pay 10 BTC”
As speculation grew, OKX CEO Star Xu issued a high-stakes challenge:
任何人只要能够提供确凿证据,证明 OKX Wallet 存在后门,我们的 @wallet 团队将奖励 10 BTC。请OKX Wallet全球几千万用户共同监督。安全透明是底线,欢迎社区审查。 https://t.co/yVtz4Mpa1f
— Star (@star_okx) November 15, 2025
He also encouraged OKX’s “tens of millions of users” worldwide to monitor the situation, signaling that the company is confident no backdoor exists. The move is an attempt to regain narrative control, turning a defensive posture into a public bet on the wallet’s integrity.
The Accusation Grows
The victim pushed back, saying SlowMist confirmed the incident was caused by a private-key leak, not phishing, copied keys, screenshots, or user mistakes.
我的 OKX 钱包在无任何私钥泄漏的情况下被盗走 50 ETH。
— 6哥 ⁶⁶⁶ (@ChinaWhaleETH) November 13, 2025
私钥是4年前手抄保存、没有被黏贴版狭持,慢雾团队 @evilcos 已经证实是私钥外泄导致,不是钓鱼网站跟授权问题。
这意味着问题可能出在 OKX 热钱包系统本身。
我不是第一个受害者。2024 年 3 月就有一批用户资产被盗… https://t.co/zM0lIeJjkU
He then pressed OKX for answers: Where is the latest security audit? Could an employee have abused internal access? And why were similar thefts from March 2024 never disclosed? Calling the case “a collapse of trust for the entire crypto industry,” he vowed to publish more evidence until OKX provides a full explanation.
Security Stakes Rise as OKX Pushes into U.S. DeFi
Just this week, OKX launched decentralized trading for U.S. users, giving Americans access to tokens across Solana, Base, and its own X Layer network, while promoting self-custody features as a core advantage.
This upgrade followed a $505 million DOJ settlement, making security scrutiny even more acute. As DEX volumes surge, OKX is pushing hard into CeDeFi — but even a hint of a hidden wallet flaw threatens to undercut that entire effort.
What Comes Next
The community is now watching three fronts: OKX’s promised forensic report, SlowMist’s confirmation of a key leak, and the open 10 BTC bounty that has researchers probing the wallet code for anything resembling a backdoor.
Whether the breach stems from user error, device compromise, malware, or something deeper remains unresolved. What is clear is that OKX’s reputation, and broader confidence in self-custody wallets, is being stress-tested in real time.