The ledger remembers what the code forgot. On February 15, 2025, Sablier Labs announced it would cease active product development and enter maintenance mode until June 2028. The news landed with the thud of a sealed vault door. Over 345,000 Ethereum addresses have interacted with Sablier’s token streaming contracts. Yet now, the team behind those contracts is stepping back. The protocol will keep running—immutable, permissionless, and unmaintained.
For those who rely on Sablier for payroll, token vesting, or airdrops, the surface-level message is reassuring: existing streams, vesting schedules, and distributions will continue as programmed. But beneath that reassurance lies a structural fragility that demands immediate attention. I have spent years auditing smart contracts at the code level, and I know that unmaintained code is a ticking time bomb. This is not about whether the contracts work today—it’s about what happens when they break tomorrow.
Let me contextualize the event. Sablier Labs, led by CEO Paul Berg, pioneered token streaming—a mechanism that releases funds continuously over time, second by second. It was a clever solution for vesting, payroll, and grants, and it was adopted by DAOs, projects, and enterprises. The protocol sits squarely in the application layer of Ethereum’s L1, with no additional security assumptions. Its smart contracts have been battle-tested, but “battle-tested” is a static snapshot, not a guarantee. Once a team stops development, the protocol freezes in time. Every Ethereum upgrade, every new attack vector, every discovered edge case becomes an unpatched vulnerability.
Now, the core analysis. The event is not a technical failure but an operational retreat. Sablier’s technology remains sound for now—the code is deterministic, the contract storage persists. But the team’s decision to halt development means the end of safety updates and security audits. I have personally stress-tested liquidity pools and oracle manipulation scenarios; I understand that even simple contracts can hide logic flaws that only surface under novel conditions. In 2024, I led a team auditing Layer 2 dispute resolution logic and found a critical bug that could have allowed state root manipulation. That bug was patched before funds were lost, precisely because the team was active. Sablier now lacks that protection.
The quantitative dimension matters here. 345,000 unique addresses have used Sablier. That is a large surface area. But usage does not equal safety. Each active stream represents locked value that could be exposed if a vulnerability is discovered. The protocol’s TVL is not disclosed in the original announcement, but based on typical vesting amounts, the figure likely runs into hundreds of millions of dollars. Without an active team, there is no one to coordinate a response, no emergency multisig, no white-hat rescue.
Digging into the mechanics: Sablier’s core contract relies on a set of schedule-driven functions—createStream, withdrawFromStream, cancelStream—that have been audited multiple times. Past audits are memorialized on ChainSecurity and ConsenSys Diligence. But those audits reflect an earlier state of the art. New Solidity compiler bugs, new gas-tick exploits, new patterns of reentrancy have emerged since. The contracts are not upgradable by default; the only path to fix a bug would be a community-led fork. That is a non-trivial effort requiring coordination, funding, and trust. Most users will simply move to an actively maintained alternative such as Superfluid or Zebec.
Here is the contrarian angle: The conventional wisdom is that Sablier’s contracts are safe because they have been used for years without incident. I call this the “audit fallacy”—the belief that a past clean audit guarantees future safety. In reality, the risk profile of any unmaintained protocol increases over time. The Ethereum network itself evolves: upcoming EIPs could change opcode gas costs, introduce new state access patterns, or shift the consensus rules. A contract designed for the current environment may misbehave in the next. Furthermore, the team’s decision to set maintenance mode until June 2028 is suspicious. That date likely corresponds to the depletion of their treasury runway. After that point, the servers hosting the front-end, API, and explorer will go dark. Users will be forced to interact with the contract directly via Etherscan or a command-line tool. That friction will cause many to abandon their streams.
Another blind spot: the absence of any bug bounty program. Sablier no longer offers incentives for security research. White-hat hackers who might have privately disclosed vulnerabilities now have no financial reason to do so. Any discovered flaw will likely be kept quiet or sold to malicious actors. The silence in the logs speaks loudest.
Based on my experience auditing 0x Protocol’s atomic swap logic in 2018, I know that enthusiasm for infrastructure projects often blinds users to their fragility. Sablier was a solid project, but its transformation into a zombie protocol is a textbook case of value destruction. The team claims the protocol will continue operating, but “operating” and “healthy” are two different things. Every pixel holds a transaction history, but that history does not protect against future exploits.
What should users do? Immediate action is rational. Cease creating new streams on Sablier. Withdraw any funds that are currently locked in vesting schedules—even if it means paying a penalty or rewriting contracts. Migrate to a protocol that is actively maintained, such as Superfluid, which offers composability with money streaming and batch operations. For DAOs and enterprises that rely on Sablier for payroll, begin the transition now. The cost of migration is a few gas fees and some internal coordination. The cost of staying is unknown disaster.
Let me be clear: I am not predicting an imminent hack. But stability is engineered, not emergent. Without an engineering team, the protocol’s stability degrades over time. The decision to enter maintenance mode is a signal that the creators have abandoned ship. Wise operators will treat it as a fire alarm, not a comforting hum.
Finally, the takeaway. Sablier’s story illustrates a broader truth about DeFi infrastructure: Code is law, but only until it breaks. The ledger remembers what the code forgot—in this case, the human commitment to maintain it. I foresee elevated risk for any funds locked in Sablier streams beyond 2025. If you hold a Sablier-based vesting or payroll contract, treat it as an active liability, not an asset. The market will eventually price in this risk, leading to a discount on any secondary claims. The rational path is to exit before the discount widens.
Forensics reveals the intent behind the hash. The hash of Sablier’s announcement reveals a deliberate, quiet retreat. Do not mistake quiet for safety.
— Lucas Thompson, Layer2 Research Lead, Shenzhen.

