---
title: "Ctrl Wallet Shuts Down Permanently, No Refunds Offered"
date: 2026-07-07
author: "Kathleen Kinder"
featured_image: "https://coinlaw.io/wp-content/uploads/2026/07/ctrl-wallet-shuts-down-permanently.jpg"
categories:
  - name: "Cryptocurrency"
    url: "/crypto.md"
tags:
  - name: "News"
    url: "/tag/news.md"
---

# Ctrl Wallet Shuts Down Permanently, No Refunds Offered

The multichain wallet Ctrl, according to Ctrl’s own notice, will be permanently shut down, giving users until August 3, 2026 to move assets before most features go dark.

## Key Takeaways

- Ctrl Wallet, formerly XDEFI and founded in 2020, is closing permanently with no token migration, airdrop, or refund program.
- The wallet was removed from the App Store, Play Store, and browser extension stores this week, though installed apps keep working until the shutdown.
- Users have two options before August 3: export the recovery phrase into another wallet, or transfer assets directly to another wallet or exchange.
- The closure lands the same week its Cardano wallet SecondFi will not resume normal operations after a 374-address, roughly $2.4 million exploit.
- Ctrl Wallet supports over 2,500 blockchains, including Cardano, putting two prominent Cardano-ecosystem wallets, Ctrl and SecondFi, in wind-down mode within days of each other.

## What Happened?

Ctrl Wallet’s shutdown notice gives no reason for the closure and does not reference any security incident. **Ctrl Wallet** was removed from the App Store, Play Store, and browser extension stores, and is no longer available for new downloads, though already-installed apps continue functioning normally until August 2.

From the deadline onward, all wallet features will be disabled except recovery-phrase export. Ctrl’s recommended path is exporting the **12 or 24 word** recovery phrase into a compatible wallet such as MetaMask, [Trust Wallet](https://coinlaw.io/trust-wallet-statistics/), or Phantom. The alternative is moving assets to another wallet or a centralized exchange such as Binance or Coinbase before the cutoff.

Ctrl was explicit that no compensation is coming.

“

No. Ctrl Wallet is simply shutting down. There is no official “Ctrl migration token,” compensation airdrop, or refund programme.

CTRL Wallet





The company warned that any “**Ctrl Wallet Migration Airdrop**” or refund-claim site asking users to connect a wallet is a scam, and said it will never ask for a user’s recovery phrase.

> Ctrl Wallet is shutting down.  
>   
> Starting 3 August 2026, sending, receiving, swapping and dApp connections within the app will no longer be available.  
>   
> The one thing you’ll still be able to do is export your recovery phrase.  
> Here’s what you need to know. 🧵  
>   
> 1/3
> 
> — Ctrl Wallet ✜ (@Ctrl\_Wallet) [July 7, 2026](https://x.com/Ctrl_Wallet/status/2074310251378270343?ref_src=twsrc%5Etfw)

 ## The Cardano Wallet Ecosystem’s Rough Week

Ctrl’s shutdown arrives days after **EMURGO**, a co-founding entity of Cardano, confirmed that its wallet **SecondFi** would not return to service even once security audits finish. Although we believe unaffected users remain safe, SecondFi will not resume normal operations, EMURGO CEO **Phillip Pon** wrote, adding that the company’s role is now limited to a dedicated asset-recovery team.

The SecondFi breach traces to a sophisticated automated attack discovered on June 22 that compromised **374 wallet addresses** across four distinct draining events, three of them carried out by external threat actors. EMURGO put the loss at approximately **16 million ADA**, worth roughly **$2.4 million** at the time. Emergency responders secured about 129 million ADA, routed to an independent third-party custodian pending an external accounting audit.

The root cause was a coding flaw, not a phishing attack. EMURGO said the affected signer used a deterministic **nonce derivation flaw** that leaked enough data with every signed transaction to mathematically reconstruct a wallet’s private key from public blockchain data alone.

EMURGO is now building a quarantined wallet-check site, a secure wallet-export tool, and an in-person migration workshop in Tokyo. Critically, the company warned that restoring an affected recovery phrase into another [Cardano wallet](https://coinlaw.io/cardano-statistics/) does not remove the risk. The compromised keys stay exposed regardless of which app holds them, a caution worth heeding whenever a provider reports a key-level defect.

## Two Wallets, Two Very Different User Outcomes

Both **Ctrl** and **SecondFi** are [non-custodial wallets](https://coinlaw.io/self-custody-wallet-statistics/), meaning neither company ever controlled user funds. That structure is why Ctrl can walk away without a refund program: it has nothing of the user’s to return. The two firms’ wind-downs, arriving in the same week, land very differently for the people affected.

Ctrl’s users lose nothing to a defect. They have a deadline to migrate self-custodied assets a provider chose to stop supporting, and the company owes them nothing beyond the export tool it already built.

EMURGO also went further than Ctrl on accountability, saying it will be submitting formal incident reports to the relevant authorities and pursuing every available legal avenue to recover lost assets and hold responsible parties accountable. What recourse the **374** affected wallet holders actually have, and who counts as a “**responsible party**” in an architecture designed to keep the provider outside the custody chain, remains the open legal question EMURGO’s statement raises but does not answer.

## Ctrl Wallet Shutdown Timeline

WindowMilestoneNow through August 2Full functionality: send, receive, swap, dApp access, and recovery-phrase export all work normallyThis weekRemoved from App Store, Play Store, and browser extension stores; no longer available for new downloadFrom August 3 onwardAll features disabled except opening the app to export the recovery phraseA hard deadline plus mass forced migration is a predictable phishing setup, and both companies are already fighting it. Ctrl flagged fake migration airdrop and refund claim sites. SecondFi has spent weeks documenting fraudulent support emails and fake websites impersonating the company. Anyone migrating between wallets mid-deadline should verify instructions only through each provider’s official channel, never a link shared in a message.

## CoinLaw’s Takeaway

Ctrl Wallet’s closure is a routine, if abrupt, product wind-down: a non-custodial provider owes users an export path, not a refund, and it delivered exactly that with a five-week runway. What makes the timing notable is the company it’s keeping.

In the same week, Cardano’s largest wallet provider confirmed its own software defect permanently compromised **374** user addresses, and responded with a voluntary recovery fund plus a pledge to pursue “**every available legal avenue**” against responsible parties. The gap is instructive for anyone still parsing what “**not your keys, not your coins**” actually promises.

Definition of Airdrop. Link to full glossary entry follows the description.**Airdrop**An airdrop is a distribution of cryptocurrency tokens to wallet addresses to reward users, bootstrap a community, or decentralize protocol governance.

[Read more](https://coinlaw.io/glossary/airdrop/)