SSV Labs CEO Assures Protocol Integrity After Validator Hacks

• SSV Labs confirms protocol has not been compromised
• Cut-off incidents linked to external key errors
• Ankr acknowledges operational failure and cooperates in the investigation

SSV Labs sought to reassure its staking community following a series of slashing incidents involving Ethereum validators on the network. The company's CEO, Alon Muroch, stated that the SSV Network's infrastructure remains intact and that there is no need for action by operators or participants.

The incidents, recorded on validators operated by Ankr and on a cluster migrated from Allnodes, raised questions about the protocol's security. Muroch reinforced in a post on X that "SSV is NOT compromised," highlighting that the incidents were caused by external factors related to improper key management.

🚨 Update on Slashing Incident 🚨

tl;dr – SSV is NOT compromised, you don't need to take any action!

– Earlier today, several validators were slashed.
– One incident involved @ankr validators:
– After reviewing logs and speaking directly with Ankr, they…

— Alon Muroch (@AmMuroch) September 10, 2025

A post-mortem report from the technical team revealed The first alert was recorded at 11:51 UTC, followed 90 minutes later by a second, more widespread incident affecting 39 validators. Analysis of the logs revealed no double-signature failures or any indication of protocol compromise. "We analyzed the logs from both incidents and found NOTHING to indicate double-signature or SSV failure," Muroch stated.

The SSV Network operates with distributed validation technology, which divides validators' private keys into multiple shards controlled by independent operators. This model reduces the risk of hacks and security breaches, but its effectiveness depends on the keys remaining exclusively within the network ecosystem.

The most serious incident was attributed to Ankr, which admitted to having triggered active validators on two different infrastructures due to a configuration error. The company immediately deactivated the compromised operators and collaborated with SSV Labs to confirm the source of the problem. The smaller case, associated with a validator migrated from Allnodes, is still under investigation, but evidence points to issues in secondary configurations.

The SSV Labs team emphasized that the episode reinforces the importance of rigorous key management in unique, secure environments, with safeguards against slashing. Although affected validators will face penalties, the protocol continues to operate normally, preserving trust in the Ethereum-based staking infrastructure.