- The Bybit exchange was hacked, resulting in the theft of $1.5 billion ($2.35 billion in).
- The co-founder of Binance, Changpeng Zhao (CZ), highlighted multisig wallets as a common vulnerability in recent hacks, including the Bybit incident.
- Ledger recommended using “clear signing” to prevent blind-signing problems, which could have contributed to the hack.
- Fireblocks suggested off-exchange settlement and MPC technology as potential solutions to improve security and prevent similar exploits.
The cryptosphere was plunged into chaos following news that the Bybit exchange had been hacked for as much as 1.5 billion US dollars ($2.35 billion in).
As the dust begins to settle, industry leaders are starting to make public statements on the incident, how it was handled and the lessons we can learn.
In particular, community figure and Binance co-founder Changpeng Zhao weighed in on the hack, suggesting several security changes needed to ensure that exchanges can avoid this fate in the future.
CZ notes multisig wallets as a common denominator in recent hacks
In a long Twitter/X post, Changpeng Zhao (CZ) stressed that the Bybit exploit, alongside other recent hacks, was due to multisig wallets.
Essentially, the attackers were able to disguise their malicious transfer as a routine transaction on Bybit’s front end. Thus, when several authorized signers were presented with the data, at a glance everything seemed normal, leading to the approval of the transaction.
According to CZ, this theft method may have been used in similar recent incidents, suggesting a need for exchanges to rethink multisig wallets.
Ledger, developers of the popular Nano wallets, agree with CZ, arguing that “blind signing” is too prevalent across the industry.
According to some in the community, it was a potential cause of the Bybit hack: green-lighting an apparently normal transaction that obscured its true nature.
Instead, Ledger proposes using “clear signing”, where the details of the transaction are always transparent, avoiding some of the fundamental problems linked to multisig exploits.
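What clear signing means in practice, as an added example that is not from the article, Ledger or Bybit: the signer decodes the bytes actually being signed and compares them with what the interface claims, instead of trusting the display. It assumes the payload is an ERC-20 `transfer(address,uint256)` call (the article does not say what kind of transaction was involved); the function names, addresses and amounts are constructed for illustration.

```python
# Added example: compare what a signing UI claims with what the payload encodes.
# Assumption: the payload is ERC-20 transfer(address,uint256) calldata.
TRANSFER_SELECTOR = bytes.fromhex("a9059cbb")  # selector of transfer(address,uint256)

def decode_transfer(calldata_hex):
    """Decode transfer() calldata into (recipient, amount) or raise ValueError."""
    raw = calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex
    data = bytes.fromhex(raw)
    if len(data) != 4 + 32 + 32:
        raise ValueError("unexpected calldata length %d" % len(data))
    if data[:4] != TRANSFER_SELECTOR:
        raise ValueError("unknown selector 0x" + data[:4].hex())
    if any(data[4:16]):
        raise ValueError("address word has non-zero padding")
    recipient = "0x" + data[16:36].hex()
    amount = int.from_bytes(data[36:68], "big")
    return recipient, amount

def clear_sign_check(ui_summary, calldata_hex):
    """Return a list of mismatches; an empty list means display and payload agree."""
    try:
        recipient, amount = decode_transfer(calldata_hex)
    except ValueError as exc:
        # A payload the signer cannot decode is exactly the blind-signing case.
        return ["cannot decode payload: %s" % exc]
    problems = []
    if recipient != ui_summary["to"].lower():
        problems.append("recipient: UI shows %s, payload sends to %s"
                        % (ui_summary["to"], recipient))
    if amount != ui_summary["amount"]:
        problems.append("amount: UI shows %d, payload sends %d"
                        % (ui_summary["amount"], amount))
    return problems

def build_transfer(to, amount):
    """Helper that builds constructed sample calldata for the checks below."""
    body = TRANSFER_SELECTOR + bytes(12) + bytes.fromhex(to[2:]) + amount.to_bytes(32, "big")
    return "0x" + body.hex()

# Constructed sample data (not real addresses or transactions).
UI = {"to": "0x" + "11" * 20, "amount": 5 * 10**18}
MATCHING = build_transfer("0x" + "11" * 20, 5 * 10**18)
MISMATCHED = build_transfer("0x" + "22" * 20, 5 * 10**18)
OPAQUE = "0xdeadbeef" + "00" * 64

if __name__ == "__main__":
    for name, payload in [("matching", MATCHING), ("mismatched", MISMATCHED), ("opaque", OPAQUE)]:
        print(name, clear_sign_check(UI, payload) or "OK to sign")
```

The check only helps if it runs on a device or service independent of the front end that produced the summary, since a compromised front end controls both the display and anything it computes.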
MPC wallets, withdrawals and an Ethereum rollback: suggestions for countering the Bybit exploit
Meanwhile, Web3 developer Fireblocks has published a blog article encouraging off-exchange settlement.
The call to action suggests using collateralized and “segregated” accounts, ensuring that customer assets are not put at risk by exploits.
In addition, Fireblocks presented MPC technology as a potential counter to the problems with multisig wallets. Rather than requiring several signatures to authorize a transaction, MPC wallets split a wallet’s key between several parties. Each party’s data remains private from the others, which means that a single compromised input cannot be used to exploit an entire wallet.
As always, hindsight provides several steps that could have prevented the exploit. And I hope that the largest crypto exchange hack in history helps to push the industry toward the most secure version of itself.
However, CZ, among others, was quick to praise Bybit CEO Ben Zhou’s response to the hack.
Ben did a good job maintaining transparent communication and staying calm in handling a difficult situation. This is in strong contrast with other less transparent CEOs, such as WazirX, FTX, etc.


Zhao noted that he would probably have paused withdrawals to be safe, an action Bybit did not take.
Analyst and former BitMEX CEO Arthur Hayes even suggested that Ethereum roll back its blockchain in response to the hack … but this solution was not particularly popular.