I gave someone my btc deposit address which I generate before the exploit. The deposit will be made next week, will it still arrive in the old wallet we generated?
Unfortunately we are not able to update the deposit address from our side so I really hope somehow it will still arrive and I will be able to withdraw or trade with it.
Hi @Machine
Yes, the BTC can still arrive to the old address.
But the real risk is access—if the platform changed or old wallets aren’t supported after the exploit, you might not be able to use or withdraw it.
Best move: have them send to a new address if possible.
you can ignore the last part of the first reply that was given to you
internal wallet was not affected by the exploit, funds will be there waiting for you, you can access them even without the new hotfix release, wallet access will not be modified in that new version
Thank you!
When will there be a new version?
We are waiting for the “in the next few days” that was mentioned here
For non developers is easy to imagine that a fix is just a little thing, but depending on the complexity of the software architecture and code design sometimes the estimatives are not reached. I’m waiting for the fix as well to sell BTC, but is better keep waiting rather than release something wich allows other attacks.
it is worth to mention that releasing the new version asap is at least as important for bisq as it is for users, because trades on the platform are what pays contributors… but it would be a disaster if a fast release were to lead to yet another attack, so first and foremost the new release will have to be bulletproof, then it can be “fast” 
Yes, of course. Better to take the time.
Can you explain why there was a message saying that there is already a new version to be downloaded? It was very confusing seeing this message, but not seeing a new version.
Was it just a mistake, taken in the early moments of the exploit?
requiring a non existing new version was the fastest way to stop trading and contain the damage
Maybe so, but that doesn’t explain why the message said that the user should download a new version. The message could just say - well, it could say what was really going on, like “the developers have instructed the app to require a mandatory upgrade, but this can not be downloaded at present” instead of saying that a new version is (present tense) available.
The concern, since the message in the app does not match the messaging on this forum, is that the team that performed the exploit might have sent that message to get people to upgrade to their version of Bisq.
Otherwise, why was the messaging (like what you said above) different from what is in the app?
This is fairly basic exploit recovery/management, especially for an app with bank account information. It’s important to address this (and to use the GPG key with fingerprint B493319106CC3D1F252E19CBF806F422E222AA02 to sign the new release, once the new release is out.)
This is my final response regarding the misinformation that I read from you about about Bisq.
Both topics have been addressed in prior threads: rationale of “new version” requirement popup and signing of new releases.
Continued crossposting of unverified claims will not be tolerated, as it disrupts discussion.