Unleash Protocol, an intellectual property focused platform operating within the Story ecosystem, suffered a security breach that resulted in the loss of approximately $3.9 million worth of digital assets. Blockchain security firm PeckShield reported that the incident stemmed from a governance failure that allowed an attacker to gain administrative control over the protocol’s smart contracts. According to the findings, the unauthorized access enabled contract upgrades outside approved governance processes, allowing assets to be withdrawn and transferred from the platform. The breach was disclosed by Unleash earlier in the day, although the total financial impact was only later quantified through onchain analysis. The incident adds to a growing list of governance related exploits affecting decentralized applications during 2025.

Following the withdrawals, the attacker bridged the stolen assets to Ethereum and moved more than 1,300 ether through Tornado Cash in an apparent effort to obscure transaction trails. Assets impacted by the exploit included WIP, USDC, WETH, stIP, and vIP, according to statements from the protocol. Onchain data indicates the funds were transferred using third party infrastructure before being routed to external addresses. Both Unleash and independent analysts noted that the breach did not originate from a flaw in Story Protocol itself, but rather from weaknesses in Unleash’s multisignature governance setup.

In response to the incident, Unleash Protocol has paused all platform operations while a full investigation is underway. The team said it is working with independent security experts and forensic investigators to determine the root cause and assess potential recovery options. Users have been advised not to interact with Unleash smart contracts until further updates are issued. The exploit highlights persistent risks tied to governance design in decentralized systems, particularly for protocols handling tokenized assets and intellectual property rights. As regulators and investors continue to scrutinize security standards across the sector, governance failures remain a key vulnerability for emerging blockchain based financial platforms.