加密货币日报 4月17日｜2026年4月14日，cow.fi域名遭攻击者通过社会工程学手段劫持，导致用户访问该域名时…｜BTC/ETH/SOL

💡 2026年4月17日（周五）加密货币市场核心摘要：今日共收录 150 条热门新闻和 30 条 Twitter 热议。市场整体情绪中性（看涨 0 / 看跌 0 / 中性 150）。今日高频提及：BTC、ETH、SOL。今日最受关注：2026年4月14日，cow.fi域名遭攻击者通过社会工程学手段劫持，导致用户访问该域名时被引导至钓鱼网站，预估用户损失约120万美元；目前域名已恢复并启用注册…

📊 2026年4月17日 市场速览

指标	数据
📰 热门新闻	150 条（A级 121 条）
🐦 热门推文	30 条
🟢 看涨 / 🔴 看跌 / ⚪ 中性	0 / 0 / 150
📈 市场情绪	中性
🏷️ 热门币种 Top 10	BTC(72次)、ETH(49次)、SOL(43次)、TRUMP(39次)、JST(16次)、ORDER(15次)、LAYER(10次)、SNT(9次)、ACT(6次)、CROSS(6次)、SIX(6次)、PRIME(6次)、C(6次)、MET(6次)、TRUST(5次)

💰 看到市场机会？通过大白课堂注册可享手续费返佣：Bybit 40% 永久返佣（邀请码 DABAI）| Bitget 60% 返佣（邀请码 DABAI50）

---

🔥 今日重点新闻详细报道（12 条 A 级）

1. 2026年4月14日，cow.fi域名遭攻击者通过社会工程学手段劫持，导致用户访问该域名时被引导至钓鱼网站，预估用户损失…

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：tree ｜ Web3与加密货币

2026年4月14日，cow.fi域名遭攻击者通过社会工程学手段劫持，导致用户访问该域名时被引导至钓鱼网站，预估用户损失约120万美元；目前域名已恢复并启用注册表锁定，服务正常运行。

英文原标题：POST MORTEM: Cow.fi Domain Hijack Date: April 16, 2026 Status: Published — investigation ongoing Classification: Supply-chain attack (domain registrar/registry level) Current Status: swap.cow.fi is fully operational and safe to use. The domain has been recovered, restored to our AWS account with a registry lock, and all services are running normally. You can use CoW Swap with confidence. The information presented in this incident report reflects our current understanding of events based on the evidence and communications available to us as of the date of publication. We are awaiting formal postmortem reports from the third-party service providers involved and will update this document in the event that any information received materially alters the factual account set forth herein. Executive Summary On April 14, 2026, the cow.fi domain was hijacked through a social-engineering attack targeting the .fi domain registry (Traficom) and the registrar (Gandi SAS) used by AWS Route 53, our DNS provider. For a period of several hours, users who visited cow.fi or swap.cow.fi were served a phishing site instead of the real CoW Swap interface. We know this was a frightening experience for our community, and we want to be fully transparent about what happened, what it means for our users, and what we’re doing about it. This was not a breach of CoW Protocol’s systems — our hosted zone, frontend, backend APIs, smart contracts, and all signing infrastructure remained intact and uncompromised throughout the incident. The attacker exploited weaknesses in the .fi registrar transfer process to redirect the domain’s DNS delegation away from our AWS Route 53 nameservers to attacker-controlled Cloudflare nameservers. The attack occurred entirely within the domain registration supply chain, specifically at the interface between the Finnish domain registry (Traficom) and the registrar (Gandi SAS, selected unilaterally by AWS). No CoW Protocol infrastructure was compromised. This incident is part of a documented pattern of .fi domain hijacks targeting crypto projects. The team confirmed the compromise within 19 minutes of initial detection and migrated services to cow.finance within approximately 2 hours. The domain was fully recovered on April 15 at ~16:54 UTC and restored to our AWS account with a registry lock applied – directly enacted at registrar level, something previously technically unavailable by AWS Route 53. By the evening of April 15, all services were back on cow.fi. We are deeply grateful to Blockaid, the NETIM team, NCSC-FI, Seal911, and the many community members and partners who helped flag and respond to this attack quickly. What Happened – and What Did Not What happened An attacker socially engineered the .fi domain registration system. Impersonating a senior contributor related to CoW DAO, they submitted falsified identification documents to Traficom (the Finnish Communications Regulatory Authority, which operates the .fi TLD registry), which led to a dispute process being raised against the registrar. During this process, the domain’s registered contact email was changed to an attacker-controlled address and DNS transfer was generated — both before the domain transfer took place. The mechanism by which these changes were made has not yet been determined. These changes ultimately enabled the attacker to transfer cow.fi to a different registrar (NETIM), redirect its nameservers, and serve malicious content. We have not yet received postmortems from AWS & Gandi and we will update this document when new information from those sources comes to light. What did NOT happen Our DNS infrastructure was not breached. AWS Route 53, which is the DNS service provider that hosts our DNS zone, was never accessed or modified by the attacker. Querying our AWS nameservers directly continued to return correct records throughout the incident. Our web infrastructure was not compromised. The Vercel-hosted frontend, backend APIs, and cloud infrastructure were untouched. The phishing site was served from the attacker’s own infrastructure (identified by x-turbo-charged-by: LiteSpeed headers, not our Vercel/Next.js stack). The smart contracts and protocol were not affected. The CoW Protocol settlement contracts, solvers, and order flow were never at risk. No credentials or keys were leaked. The attack required no access to any CoW-held secret. It exploited the registrar transfer process at the registry level. AWS did not facilitate the transfer. AWS confirmed: “The domain cow.fi was transferred out of your AWS account pursuant to a request made to Traficom. […] AWS did not facilitate this transfer.” How the Attack Worked The supply-chain vulnerability Domain names are managed through a layered system: the registry (Traficom, for .fi domains) maintains the authoritative database, while registrars (in our case, Gandi SAS, operating through AWS Route 53) act as intermediaries. A registrar transfer moves a domain from one registrar to another — and when that happens, the new registrar account to which the transfer was made gains the ability to change nameserver (NS) records at the registry level, effectively controlling where the domain points. The attacker exploited this system, not our infrastructure. Attack sequence This section relates only to the attack behaviour of attacker, for the avoidance of doubt. Phase 1 — Social engineering the registry (late March – early April) The attacker contacted Traficom impersonating a senior contributor related to CoW DAO, claiming that AWS/Gandi had refused to provide a transfer key. Traficom opened an investigation and requested clarifications from Gandi, which went unanswered past the April 7 deadline. Phase 2 — Unauthorized registrar actions (April 14, 12:16–12:43 UTC) According to Traficom’s .fi registry logs: At 12:16 UTC, Gandi changed the domain holder contact email from CoW’s legitimate address to an attacker-controlled email. At 12:43 UTC, Gandi created a new registrar transfer key. These actions, logged at the registry level, occurred without authorization from CoW Swap, CoW DAO, or any associated person or entity. How the attacker was able to compel Gandi to perform these actions is still under investigation. Phase 3 — Domain transfer and phishing deployment (April 14, ~13:38–14:57 UTC) Armed with the transfer key provided by Gandi, the attacker transferred cow.fi to NETIM, pointed the NS records to Cloudflare nameservers under their control, obtained a wildcard Let’s Encrypt SSL certificate, and deployed a phishing site that mimicked the CoW Swap interface. The initial phishing payload triggered wallet connection prompts on click, leading to malicious transactions. Phase 4 — Attack escalation (April 14, ~17:30–19:42 UTC) Over the course of the incident, the attacker escalated their tactics: Seed phrase theft (~17:49 UTC): Updated phishing page with fake wallet unlock modals (mimicking Rabby, Coinbase Wallet, etc.) prompting users for seed phrases and passwords. Fallback domain (~19:42 UTC): After NETIM placed cow.fi on hold, the attacker redirected to swap.cow-s.fo on a Faroe Islands TLD. Detection & Response Timeline The CoW Swap team detected the issue within minutes and moved immediately to protect users. Here’s how events unfolded: Detection & initial response (April 14) Investigation & recovery (April 15) Post-recovery (April 16) Time from detection to confirmed compromise: 19 minutes Time from detection to alternative domain operational: ~3.5 hours Time from detection to attacker’s nameservers disabled: ~4.5 hours Time from detection to full domain recovery: ~26 hours Time from recovery to all services restored on cow.fi: ~4 hours Technical Analysis DNS delegation hijack The attack operated at the .fi TLD registry level. Traficom’s authoritative nameservers for the .fi zone were updated to delegate cow.fi to the attacker’s Cloudflare nameservers, completely bypassing AWS Route 53. Our AWS Route 53 hosted zone remained untouched — querying our nameservers directly returned the correct Vercel IP throughout the incident. But because the .fi TLD delegation pointed elsewhere, no recursive DNS resolver in the world was querying our nameservers anymore. Registrar chain The attacker bypassed AWS entirely by going directly to Traficom: Phishing infrastructure fingerprints The attacker’s infrastructure was identifiably different from CoW Protocol’s legitimate stack: x-turbo-charged-by: LiteSpeed (our stack uses Vercel/Next.js) server: cloudflare via attacker’s own Cloudflare account No x-vercel-id or x-powered-by: Next.js headers Wildcard Let’s Encrypt cert issued day-of-attack (vs. our existing cert from February 2026) NS record progression Subdomain impact during the attack Why DNSSEC, CAA, CSP, and SRI would not have prevented this Several common security measures are frequently suggested after DNS-related incidents. None of them would have prevented or meaningfully mitigated this attack, because the attacker operated at the registry level and served their own infrastructure — not a tampered version of ours: DNSSEC protects against resolver-level cache poisoning — an attacker injecting forged DNS responses between a resolver and a nameserver. In this incident, the attacker obtained a legitimate registry-level transfer and controlled the NS delegation at the TLD. With full delegation control, the attacker could publish their own DNSSEC keys or simply not sign the zone. DNSSEC does not protect against the registry itself being socially engineered. CAA records allow a domain owner to specify which certificate authorities may issue certificates for the domain. However, the attacker controlled the DNS and could have added a CAA record permitting their preferred CA before requesting the certificate. CAA only prevents mis-issuance when the attacker does not control the domain’s DNS — the opposite of this scenario. CSP (Content Security Policy) and SRI (Subresource Integrity) are defenses against supply-chain tampering of your own application — for example, a compromised CDN injecting malicious scripts into your page. In this attack, the attacker did not tamper with the legitimate CoW Swap application. They served a completely separate phishing page from their own server. When the attacker controls the entire origin, they set (or omit) whatever headers they want. CSP and SRI on the legitimate site have zero effect on traffic that never reaches the legitimate server. DNS TTL configuration was not a contributing factor. The legitimate zone’s 60-second TTL is a standard AWS Route 53 configuration. During the attack, the .fi TLD delegation itself was changed (with a 21,600-second / 6-hour TTL at the TLD level), making the zone’s own TTL irrelevant to propagation of the malicious records. Communication challenges during the incident Because the domain was hijacked, all @cow.fi email addresses were unreachable during the incident. The team had to coordinate through alternative email addresses (including newly provisioned @cow.finance addresses), Slack, and direct phone contacts shared via separate channels. Abuse reports and registrar communications required using alternative emails, with team members explicitly noting the domain hijack to explain why official company emails were unavailable. This significantly complicated and slowed communications with registrars, Traficom, and hosting providers — none of which had 24-hour abuse hotlines or responsive emergency contacts. Root Cause This was a supply-chain attack exploiting the .fi domain registrar transfer process. The attacker did not need to breach any CoW system. They exploited the trust relationships and procedural gaps in the domain registration supply chain: Social engineering of Traficom — Evidence shows the attacker submitted falsified documentation to Traficom impersonating a senior contributor related to CoW DAO, which led to a dispute process being raised against the registrar. Gandi’s failure to respond — According to Traficom, Gandi did not respond to Traficom’s clarification request by the April 7th deadline, removing a potential checkpoint that could have stopped the process. Unauthorized domain holder changes — Registry logs confirm that the domain’s registered contact email was changed to an attacker-controlled address. After that, the DNS records changed while the domain was under management of Gandi and the domain was transferred shortly thereafter. These changes occurred without authorization from CoW Swap. The mechanism by which these changes were made has not yet been determined and remains under active investigation. Contributing factors Several systemic weaknesses in the .fi domain ecosystem enabled this attack: Weak identity verification at the registry level. The attacker was able to advance a transfer dispute using confirmed-fake identity documents and company registration records that were treated as credible enough to continue the process. No RegistryLock was enabled. RegistryLock was not enabled on cow.fi prior to the attack. While it is now enabled post-recovery, the .fi TLD did not support transfer lock (clientTransferProhibited) via AWS Route 53. RegistryLock adds an out-of-band verification step before any registry-level changes. However, since the attack went through Traficom’s own dispute resolution process — and Traficom is the entity that administers RegistryLock for .fi — its effectiveness depends on whether Traficom’s RegistryLock removal process requires stronger verification than their standard transfer dispute process. Limited emergency contacts at registrars and registry. Neither Gandi nor NETIM had working 24-hour abuse hotlines. Traficom’s NCSC-FI CERT did respond to an email within approximately one hour, but the initial response did not advance recovery. The team had to reach registrar executives through personal networks and word-of-mouth to initiate the recovery process. Impact Infrastructure impact Domain hijack: Starting from ~13:38 UTC on April 14, cow.fi and several subdomains started resolving to an attacker-controlled webpage instead of legitimate CoW DAO services. In the meantime, CoW DAO’s infrastructure was migrated to cow.finance (migration completed at ~18:25 UTC). The DNS records of cow.fi stopped pointing to the attacker infrastructure at ~19:37 UTC, but the cow.fi domain may have still been resolved to the malicious website after that because of the time needed to propagate the DNS changes. No backend or protocol impact: CoW Protocol smart contracts and onchain infrastructure, backend APIs and solver network, user funds held in the protocol, private keys and signing infrastructure, and AWS/Vercel/EKS infrastructure were all unaffected. User impact Phishing exposure: Users visiting cow.fi or swap.cow.fi between approximately 13:38 UTC and 19:34 UTC on April 14 were served a phishing site. The phishing site attempted wallet draining, seed phrase collection, and password theft. Estimated losses: While it is difficult to verify all claims, we conducted an initial internal analysis to assess the impact on CoW Swap users specifically. Based on this analysis, we estimate the likely loss attributable to users at approximately ~$1.2M. ⚠️ If you visited cow.fi between ~13:38 and ~19:37 UTC on April 14 The phishing site was active during this window. If you visited cow.fi or swap.cow.fi during this time, please take the following steps: Review and revoke suspicious approvals. Check your wallet for any token approvals you don’t recognize and revoke them. You can use tools like revoke.cash to review your approvals. When re-approving tokens for CoW Swap, make sure you are only signing approvals to 0xC92E8bdf79f0507f65a392b0ab4667716BFE0110 — the original GPv2VaultRelayer contract. If an approval request points to any other address, do not sign it. Review your recent transactions. Check your wallet’s transaction history for any activity you don’t recognize during the incident window. If you see unfamiliar transactions, take note of them and reach out to us. If you’re unsure whether you were affected, please reach out to us – by email at help@cow.fi, on Discord, or on Twitter – we will do our best to help. Ongoing Investigation Traficom’s detailed chronology (received April 15) confirmed key facts: Traficom did not change holder data or instruct Gandi to issue a new transfer key. The fraudulent documentation submitted by the attacker included forged identity documents, altered company registration records, fabricated AWS support chat transcripts, and AI-generated financial documents. The following questions remain open: How did Gandi change the holder email and create a new transfer key without authorization from CoW Swap? Traficom’s registry logs clearly show these changes originated from Gandi’s EPP session. Whether this was due to social engineering of Gandi staff, a procedural failure, or another vector is still unknown. What is the full scope of the .fi registrar transfer vulnerability? Prevention, Remediation & Next Steps Why this specific attack cannot happen again The attack vector that enabled this hijack has been closed. RegistryLock is now applied. The cow.fi domain has a registry-level lock (RegistryLock: locked) at Traficom. This prevents any registrar transfer, NS change, or holder contact modification without explicit, out-of-band verification — the exact steps the attacker exploited are now gated by additional authentication that cannot be bypassed through social engineering of a single party – this was enabled at registrar level, which was not previously possible through our DNS provider, Amazon Route 53. DNS records have been audited and hardened. A full audit of all DNS records was completed. Unused records were removed, and subdomain takeover vectors (e.g., GitHub Pages) were closed through domain verification challenges. A formal ICANN complaint has been filed regarding the registrar transfer process failures. A comprehensive security review is underway. We are taking this incident seriously and engaging Mandiant Cybersecurity Consulting, an external security firm, to conduct a comprehensive review of our security posture across both web3 and web2 infrastructure — inclusive of domain management, registrar configurations, DNS security, and operational security practices. Legal enforcement We are currently exploring potential legal recourse against involved parties with qualified external law firms, including possible claims based on failures in the transfer process, inadequate verification of authority, mishandling of transfer credentials, interference with our rights as lawful domain holder, and any breach of applicable registrar duties under the relevant .fi framework. User Losses and Refund Considerations Any proceeds recovered through legal enforcement actions against the involved parties will be allocated toward reimbursing users who incurred losses as a result of this incident. Any additional reimbursement measures, beyond funds recovered through legal channels, would be subject to a decision by the CoW DAO governance process. Contributors to CoW DAO will actively support these two processes, including providing updates on the legal strategy and any developments related to potential claims, as well as engaging in relevant CoW DAO governance discussions. Action tracker This document will be updated as the investigation progresses.

英文摘要：On April 14, 2026, the cow.fi domain was hijacked by attackers using social engineering techniques, causing users to be redirected to phishing websites when they accessed the domain, with estimated user losses of approximately $1.2 million. The domain has now been restored and a registry lock has been enabled, and the service is operating normally.

🏷️ 相关币种：SNT · BASED · TURBO · IP · TRUST · LIGHT

🔗 阅读原文报道 →

---

2. 比特币因轧空行情价格突破75000美元，导致市场清算总额超过2.83亿美元。

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：Cointelegraph ｜ Web3与加密货币

比特币因轧空行情价格突破75000美元，导致市场清算总额超过2.83亿美元。

英文原标题：Bitcoin liquidations top $283M after short squeeze sends BTC price above $75K

英文摘要：Bitcoin's price broke through $75,000 due to a short squeeze, resulting in a total market liquidation of over $283 million.

🏷️ 相关币种：BTC

🔗 阅读原文报道 →

---

3. 因轧空推动BTC价格突破75000美元，比特币清算额超过2.83亿美元。

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：tree ｜ Web3与加密货币

因轧空推动BTC价格突破75000美元，比特币清算额超过2.83亿美元。

英文原标题：COINTELEGRAPH: Bitcoin liquidations top $283M after short squeeze sends BTC price above $75K

英文摘要：The short squeeze pushed the price of Bitcoin above $75,000, with Bitcoin liquidations exceeding $283 million.

🏷️ 相关币种：BTC

---

4. 国内公布一季度GDP增5%等经济数据，网信办整治金融信息乱象；国际特朗普提及美伊核协议及黎以停火，美联储官员对降息表态分…

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：jin10 ｜ Web3与加密货币

国内公布一季度GDP增5%等经济数据，网信办整治金融信息乱象；国际特朗普提及美伊核协议及黎以停火，美联储官员对降息表态分歧，台积电利润大增，美军扩大对伊朗物资封锁。

英文原标题：国内新闻：
1. 一季度国内生产总值同比增长5.0%。
2. 国家网信办持续整治网上金融信息乱象。
3. 国务院国资委召开中央企业低空经济产业发展专题推进会。
4. 财政部、住建部：开展2026年度中央财政支持实施城市更新行动。
5. 中国已就限制向美国出口先进太阳能制造设备进行初步沟通？商务部回应：不了解相关情况。
6. 贵州茅台2025年实现营业收入1688.38亿元，同比下降1.21%；归母净利润823.2亿元，同比下降4.53%。
7. 中方回应特朗普制裁购伊石油国家：一贯反对没有国际法依据、未经联合国安理会授权的非法单边制裁。
8. 统计局：3月份，一线城市新建商品住宅销售价格环比由上月持平转为上涨0.2%；规模以上工业增加值同比实际增长5.7%。
国际新闻：
1. 台积电第一季度利润大增58%，超预期、创新高。
2. 俄军大规模空袭乌克兰多城，基辅、敖德萨等均遭重创。
3. 美国能源部长赖特：将采取更多措施以保持汽油价格低位。
4. 白宫拟向主要联邦机构开放Anthropic模型Mythos的使用权限。
5. 国际能源署署长警告：欧洲航空燃油库存仅够6周，部分航班取消在即。
6. 美联储—威廉姆斯：如果通胀回落至2%，降息是合适举措，但目前还没有到这个阶段；米兰：倾向于今年降息3次，也可能4次；截至今晨，利率期货对今年全年累计降息定价幅度约为9BP。
7. 伊朗局势—
①特朗普：已获一份“极具分量”的声明，以确保伊朗不会拥有核武器，有效期将超过20年。美伊可能周末复谈。愿意前往巴基斯坦推动协议达成。
②特朗普称黎以同意为期10天的停火、以总理称同意停火，将在黎南部维持驻军、黎总理欢迎特朗普宣布的停火声明。
③伊朗消息人士：美伊降低全面和平协议雄心，转而寻求达成临时协议。
④巴基斯坦外交部：美伊愿意举行会谈，进程仍在继续。下一轮美伊会谈日期尚未确定。
⑤美军已扩大对伊朗航运物资封锁范围，将武器、弹药、原油、成品油、钢铁、铝等纳入其中。

英文摘要：Domestically, China released economic data including a 5% increase in first-quarter GDP; the Cyberspace Administration of China rectified irregularities in financial information. Internationally, Trump mentioned the US-Iran nuclear agreement and the Lebanon-Israel ceasefire; Federal Reserve officials expressed differing opinions on interest rate cu…

---

5. 4月17日中东局势跟踪显示，美伊双方军事对峙升级但同时寻求临时停火协议，以黎停火谈判有进展但存分歧，霍尔木兹海峡封锁与航…

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：jin10 ｜ Web3与加密货币

4月17日中东局势跟踪显示，美伊双方军事对峙升级但同时寻求临时停火协议，以黎停火谈判有进展但存分歧，霍尔木兹海峡封锁与航运博弈持续，多方势力参与局势相关行动。

英文原标题：【金十数据整理：中东局势跟踪（4月17日）】
伊朗
1. 伊朗武装部队：伊方军队已做好全面防御准备。
2. 伊朗陆军高级官员：“12日战争”后自杀式无人机产量已提升约10倍。
3. 伊朗最高领袖军事顾问穆赫辛·雷扎伊：伊朗导弹发射装置已准备好击沉所有美国军舰。
4. 伊朗陆军发言人：伊朗武装力量当前随时处于高度戒备状态。“不能让任何一名入侵者活着离开”。
美国
1. 美防长：若伊朗不达成和平协议，美军已准备好重启作战行动。
2. 美方对伊朗启动代号为“经济狂怒”的行动，对伊朗施加最大化的经济压力。
3. 美国中央司令部：继续监视和巡逻相关区域水域，对进入或离开伊朗港口的船只实施封锁。
4. 美军已扩大对伊朗航运物资封锁范围，将武器、弹药、原油、成品油、钢铁、铝等纳入其中。
以色列
1. 以军称打死哈马斯多名指挥官。
2. 以色列部长：以总理将与黎巴嫩总统通电话。
3. 黎巴嫩一名高级安全官员表示，以色列的空袭切断了连接黎巴嫩南部与该国其他地区的最后一座桥梁。
霍尔木兹海峡
1. 伊朗——①据伊朗学生通讯社：德黑兰计划通过伊朗银行收取霍尔木兹海峡通行费。
2. 美国——①白宫高级官员称美国可“无限期”封锁伊朗港口。②美国中央司令部：14艘船只已调头以遵守封锁令。
3. 其他——①德媒：德国准备参与霍尔木兹海峡安全保障行动。②近日穿越霍尔木兹海峡的大多数货船都采用了伊朗所规定的航线。③内塔尼亚胡：特朗普告诉我，他决心继续封锁霍尔木兹海峡，并拆除伊朗的核能力。④航运数据显示，尽管美国对前往伊朗港口的船只实施了封锁，但第二艘受美国制裁的超级油轮已通过霍尔木兹海峡进入波斯湾。
停火谈判
1. 伊朗——①伊朗消息人士：美伊降低全面和平协议雄心，转而寻求达成临时协议。②伊朗驻巴基斯坦大使：伊朗下一轮谈判代表团或仍由议长率领。③伊朗高级官员：在巴基斯坦军方官员访问后，延长美伊停火和举行第二轮谈判的希望更大。在核问题上仍存在根本分歧。④伊朗驻巴基斯坦大使：伊斯兰堡是与美国进行谈判的唯一地点。
2. 美国——①特朗普：美伊可能周末复谈。或前往巴基斯坦推动与伊朗达成协议。②特朗普称黎巴嫩与以色列将停火10天。③美国务院：以黎停火协议可通过双方同意予以延长。④特朗普：我们现在与伊朗的关系非常好。伊朗几乎同意所有事项。伊朗已同意他们不会拥有核武器。
3. 以色列——①以总理称同意停火 将在黎南部维持驻军。和平协议“必须包括解除黎真主党武装”。②以媒：从媒体上得知与黎停火，以色列高官又惊又怒。
4. 其他——①黎巴嫩总理欢迎特朗普宣布的停火声明。②巴基斯坦外交部：美国和伊朗愿意举行会谈，进程仍在继续。下一轮美伊会谈日期尚未确定。③真主党议员哈桑·法德拉拉：我们收到伊朗驻贝鲁特大使的通知，可能在今晚开始为期一周的停火。此次可能达成的停火是伊朗外交努力的结果。
其他情况
1. 黎真主党：只要占领持续，黎巴嫩就有权抵抗。
2. 也门胡塞武装谴责美国以强加条件方式推进谈判。
3. 海湾国家和欧洲官员认为美国需六个月才能达成伊朗协议。
4. 黎巴嫩总统：同美国国务卿鲁比奥通话。不会与以色列总理通话。

英文摘要：The Middle East situation tracking report on April 17 showed that the military standoff between the US and Iran escalated while both sides sought a temporary ceasefire agreement, the ceasefire negotiations between Israel and Lebanon made progress but differences remained, the blockade of the Strait of Hormuz and the shipping game continued, and mul…

---

6. 伊朗外交部发言人表示，伊朗欢迎黎巴嫩停火，称其为巴基斯坦调解的伊美停火协议的一部分。

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：Reuters ｜ Web3与加密货币

伊朗外交部发言人表示，伊朗欢迎黎巴嫩停火，称其为巴基斯坦调解的伊美停火协议的一部分。

英文原标题：Iran Welcomes Ceasefire in Lebanon, Saying It Was Part of Iran-U.S. Ceasefire Understanding Mediated by Pakistan -Iranian Media Citing Foreign Ministry Spokesperson

英文摘要：An Iranian Foreign Ministry spokesperson stated that Iran welcomes the ceasefire in Lebanon, calling it part of the ceasefire agreement mediated by Pakistan between Iran and the United States.

---

7. 美国总统@POTUS表示，伊朗不会拥有核武器，不存在20年的限制，此前被问及20年最低期限是否可接受时作出该强有力声明。

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：Twitter ｜ Web3与加密货币

美国总统@POTUS表示，伊朗不会拥有核武器，不存在20年的限制，此前被问及20年最低期限是否可接受时作出该强有力声明。

英文原标题：.@POTUS on whether a 20-year minimum for Iran to stop enriching uranium is acceptable:

“We have a statement, a very powerful statement, that they will not have — beyond 20 years — that they will NOT have nuclear weapons. There’s no 20-year limit.”

英文摘要：US President @POTUS stated that Iran will not possess nuclear weapons and that there is no 20-year limit, making this strong statement after being asked whether a minimum 20-year limit was acceptable.

🔗 阅读原文报道 →

---

8. 摩根士丹利的比特币ETF在首周获得1亿美元资金流入

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：tree ｜ Web3与加密货币

摩根士丹利的比特币ETF在首周获得1亿美元资金流入

英文原标题：DECRYPT: Morgan Stanley’s Bitcoin ETF Garners $100 Million in First Week

英文摘要：Morgan Stanley's Bitcoin ETF received $100 million in inflows in its first week.

🏷️ 相关币种：BTC

---

9. Tether主导了针对遭黑客攻击的Solana交易所Drift的1.48亿美元资金追回计划。

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：tree ｜ Web3与加密货币

Tether主导了针对遭黑客攻击的Solana交易所Drift的1.48亿美元资金追回计划。

英文原标题：DECRYPT: Tether Leads $148 Million Recovery Plan for Hacked Solana Exchange Drift

英文摘要：Tether spearheaded a $148 million recovery effort for the hacked Solana exchange Drift.

🏷️ 相关币种：SOL · DRIFT

---

10. Charles Schwab宣布推出现货比特币和以太坊交易服务，其管理约12万亿美元资产并拥有数千万用户，加密货币将直接…

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：tree ｜ Web3与加密货币

Charles Schwab宣布推出现货比特币和以太坊交易服务，其管理约12万亿美元资产并拥有数千万用户，加密货币将直接整合进传统经纪账户，传统金融与加密货币的界限进一步消失

英文原标题：JUST IN: Charles Schwab is launching spot Bitcoin & Ethereum trading. ~$12T in assets. Tens of millions of users. Crypto is now built directly into traditional brokerage accounts. The line between TradFi and crypto just disappeared.

英文摘要：Charles Schwab announced the launch of spot Bitcoin and Ethereum trading services. With approximately $12 trillion in assets under management and tens of millions of users, cryptocurrencies will be directly integrated into traditional brokerage accounts, further blurring the lines between traditional finance and cryptocurrency.

🏷️ 相关币种：JST · BTC · ETH

🔗 阅读原文报道 →

---

11. Injective因近期在美国推出受监管的$INJ期货被Cointelegraph报道，$INJ成为获CFTC批准的加密…

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：tree ｜ Web3与加密货币

Injective因近期在美国推出受监管的$INJ期货被Cointelegraph报道，$INJ成为获CFTC批准的加密资产（如$BTC、$SOL）之一，允许大型机构直接接入。

英文原标题：Injective was just featured on Cointelegraph for its recent release of regulated $INJ futures in the US. $INJ now joins a highly selective group of crypto assets such as $BTC and $SOL in having proper CFTC approval status, enabling major institutions to directly onboard.

英文摘要：Injective was recently reported by Cointelegraph for launching regulated $INJ futures in the United States. $INJ is one of the crypto assets approved by the CFTC (such as $BTC and $SOL), allowing large institutions to access it directly.

🏷️ 相关币种：SOL · SNT · INJ · JST · BTC

🔗 阅读原文报道 →

---

12. 特朗普称伊朗已同意交出其浓缩铀供应

🔥 重大事件 ｜ ⚪ 中性 ｜ 热度 95 ｜ 来源：Twitter ｜ Web3与加密货币

特朗普称伊朗已同意交出其浓缩铀供应

英文原标题：#BREAKING Trump says Iran has agreed to hand over its enriched uranium supply

英文摘要：Trump says Iran has agreed to hand over its enriched uranium supplies.

🏷️ 相关币种：BTC · ETH · SOL · TRUMP

🔗 阅读原文报道 →

---

📌 其他值得关注的新闻（15 条）

Claw Wallet与GoPlus Security达成战略合作，将为AI Agent时代构建基础…

Claw Wallet与GoPlus Security达成战略合作，将为AI Agent时代构建基础安全层，包括整合SafuSkill及部署AgentGuard Protection等措施。

🏷️ LAYER · ERA · JST ｜ 来源：tree ｜ 热度：72

⚪ 中性 钱包地址0x2ce36bb42…在Polymarket平台上以71%的概率卖出了价值1331.2…

钱包地址0x2ce36bb42…在Polymarket平台上以71%的概率卖出了价值1331.25美元的“伊朗是否会在2026年12月31日前交出浓缩铀库存”事件的“Yes”方头寸，该交易属于地缘政治相关市场的复杂对冲策略的一部分。

🏷️ iran-agrees-to-surrender-enriched-uranium-stockpile-by-december-31-2026 ｜ 来源：CORRELATION_HEDGE ｜ 热度：70

Livepeer的GPU网络适合构建AI驱动的实时购物直播，其低延迟视频AI服务成本比阿里云或腾讯云…

Livepeer的GPU网络适合构建AI驱动的实时购物直播，其低延迟视频AI服务成本比阿里云或腾讯云低60-85%，可对标中国2500亿美元规模的相关市场，有望催生西方版本应用。

🏷️ LPT · VIRTUAL ｜ 来源：Twitter ｜ 热度：70

⚪ 中性 Slash Financial融资1亿美元，估值达14亿美元，年营收近3亿美元，将推出AI代理自动化…

Slash Financial融资1亿美元，估值达14亿美元，年营收近3亿美元，将推出AI代理自动化金融任务，从球鞋转售商转型后已盈利，拟与Ramp和Brex竞争。

⚪ 中性 生命科学模型系列今日起向Amgen、moderna_tx、AllenInstitute、thermo…

生命科学模型系列今日起向Amgen、moderna_tx、AllenInstitute、thermofisher Scientific等合格客户提供研究预览，可通过ChatGPT、Codex及API使用。

🏷️ GPT ｜ 来源：Twitter ｜ 热度：70

⚪ 中性 钱包0x4bfb41d5b…在Polymarket上以99.9%概率卖出Claude 4.7在6…

钱包0x4bfb41d5b…在Polymarket上以99.9%概率卖出Claude 4.7在6月30日前发布的Yes方12200美元头寸，锁定0.1%收益，该交易占市场总交易量16%，对手方为钱包0x92a6294cd…

🏷️ claude-4pt7-released-by-june-30-854-874-372-559 ｜ 来源：SETTLEMENT_ARBITRAGE ｜ 热度：70

Sergej Kunz在戛纳EthCC上表示，AI代理通过稳定币支付其他代理、向人类支付现实世界任务…

Sergej Kunz在戛纳EthCC上表示，AI代理通过稳定币支付其他代理、向人类支付现实世界任务报酬，机器对机器经济已在发生。

⚪ 中性 @helloSQD和@BarterDeFi的联合研究指出，DeFi原设计针对人类参与者，但现正被自主…

@helloSQD和@BarterDeFi的联合研究指出，DeFi原设计针对人类参与者，但现正被自主智能体取代，现有数据、路由、流动性层仍基于人类假设，智能体需程序化路由、无锁仓流动性等新基础设施，SQD和Barter等正推动相关变革。

🏷️ ETH · OP · DAI · DRIFT ｜ 来源：tree ｜ 热度：70

⚪ 中性 钱包地址0xf99f212095在Polymarket平台以45%概率卖出5700美元关于“伊朗是否…

钱包地址0xf99f212095在Polymarket平台以45%概率卖出5700美元关于“伊朗是否在2026年6月30日前同意交出浓缩铀库存”事件的Yes方份额，减持对该潜在协议的敞口。

🏷️ iran-agrees-to-surrender-enriched-uranium-stockpile-by-june-30-2026 ｜ 来源：CORRELATION_HEDGE ｜ 热度：70

⚪ 中性 4月16日，抖音副总裁李亮回应字节近亿元挖DeepSeek核心员工传闻，称无近亿元年薪招聘，Seed…

4月16日，抖音副总裁李亮回应字节近亿元挖DeepSeek核心员工传闻，称无近亿元年薪招聘，Seed团队期权收益视业务发展波动。

⚪ 中性 4月16日欧盟提案要求谷歌向OpenAI、Anthropic等AI竞争对手开放搜索数据以遏制其影响力…

4月16日欧盟提案要求谷歌向OpenAI、Anthropic等AI竞争对手开放搜索数据以遏制其影响力，要求谷歌母公司Alphabet7月底前遵守《数字市场法案》，谷歌回应将捍卫自身，称此举危及隐私安全。

地址0xd1a41405…在Polymarket以57%概率卖出USD.AI FDV上市后一日超…

地址0xd1a41405…在Polymarket以57%概率卖出USD.AI FDV上市后一日超300M美元的Yes方6.8k美元仓位，该交易为加密货币上市前敞口的对冲，该钱包在45个市场获利24.6k美元，当前持有该头寸12k股多单，市场相关性超0.6阈值

🏷️ usdai-fdv-above-300m-one-day-after-launch-673-643-134-327-974-316 ｜ 来源：CORRELATION_HEDGE ｜ 热度：70

美国卡托研究所提出应废除加密货币资本利得税以促进竞争。

🏷️ FUEL ｜ 来源：tree ｜ 热度：70

⚪ 中性 4月16日芯原股份午后跳水跌近14%，海光信息等GPU股同步跳水，市场传其业绩不及预期等未证实“小作…

4月16日芯原股份午后跳水跌近14%，海光信息等GPU股同步跳水，市场传其业绩不及预期等未证实“小作文”，公司称有技术IP优势及客户积累，一站式能力提升利于盈利

科技股推动纳斯达克和标准普尔500指数创历史新高，比特币触及75000美元

🏷️ NASDAQ · BTC ｜ 来源：tree ｜ 热度：70

---

🐦 今日 Twitter/X 热议精选（Top 10）

💬 @@elonmusk（Elon Musk）

Fed needs to cut rates faster or we’ll have a recession. Thoughts? #Fed #Economy

❤️ 50,000 ｜ 🔁 15,000 ｜ 💬 10,000 ｜ 查看原推

💬 @@VitalikButerin（Vitalik Buterin）

Excited about the latest Ethereum upgrades pushing DeFi to new heights. TVL is soaring! #Ethereum #DeFi

❤️ 15,000 ｜ 🔁 5,000 ｜ 💬 2,000 ｜ 查看原推

💬 @@markets（Bloomberg Markets）

Fed Chair Powell signals potential rate cuts if inflation cools further. Markets react positively. #FOMC #InterestRates

❤️ 15,000 ｜ 🔁 5,000 ｜ 💬 2,000 ｜ 查看原推

💬 @@cz_binance（CZ Binance）

Binance is bridging more chains! Cross-chain swaps just got easier. #Crypto #Web3

❤️ 12,000 ｜ 🔁 4,000 ｜ 💬 1,500 ｜ 查看原推

💬 @@CNBC（CNBC）

ECB holds rates steady amid eurozone slowdown. Lagarde: ‘We are data-dependent.’ #ECB #MonetaryPolicy

❤️ 12,000 ｜ 🔁 4,000 ｜ 💬 1,500 ｜ 查看原推

💬 @@AndreCronjeTech（Andre Cronje）

Yearn Finance v3 launching with improved yield farming. Let’s maximize those returns! #DeFi #Yield

❤️ 10,000 ｜ 🔁 3,000 ｜ 💬 1,200 ｜ 查看原推

💬 @@FT（Financial Times）

BOJ hints at ending negative rates as yen weakens. Impact on global markets? #BOJ #Yen

❤️ 10,000 ｜ 🔁 3,000 ｜ 💬 1,200 ｜ 查看原推

💬 @@Uniswap（Uniswap）

Uniswap v4 is here! Faster swaps, better liquidity. Dive in! #Uniswap #DEX

❤️ 9,000 ｜ 🔁 2,500 ｜ 💬 1,000 ｜ 查看原推

💬 @@zerohedge（ZeroHedge）

Geopolitical tensions rise: How Middle East conflict could spike oil prices and force Fed’s hand. #Geopolitics #Fed

❤️ 9,000 ｜ 🔁 2,800 ｜ 💬 1,100 ｜ 查看原推

💬 @@AaveAave（Aave）

Aave’s lending pools hit new TVL records. Borrow and lend with confidence. #Aave #Lending

❤️ 8,000 ｜ 🔁 2,000 ｜ 💬 900 ｜ 查看原推

---

📚 交易所教程与返佣

看完日报想交易？大白课堂提供三大交易所的完整教程和行业最高返佣：

• 📘 Bybit 教程合集 ｜ 邀请码 DABAI ｜ 40% 永久返佣 ｜ 立即注册
• 📗 Bitget 教程合集 ｜ 邀请码 DABAI50 ｜ 60% 返佣 ｜ 立即注册
• 📙 币安教程合集 ｜ 20% 返佣

⚠️ 免责声明

本日报由 AI 自动生成，数据来源于 6551 API 聚合的全球加密货币媒体和 Twitter/X 内容。看涨/看跌信号为 AI 自动判断，仅供参考，不构成任何投资建议。加密货币交易具有高风险，请自行判断并承担风险。

🔗 想实时查看最新新闻？访问 加密货币结构化日报（English），数据每小时自动更新。

• 📢 返佣频道：t.me/dabaifanyong
• 💬 私信咨询：t.me/dabaiketang