
Comment by Mistletoe

20 hours ago

My understanding is this multisig failed because, like most security, everyone just pressed yes and didn’t communicate, investigate, or ask questions, defeating the purpose of a multisig.

Yea, how is it that multiple people signed a transaction for over a billion dollars of assets without due diligence?

If you did this for non-crypto, there would be lawyers, bankers, etc. involved in the transaction.

Root certificate authorities have already solved this problem with signing rituals which take place in person in an air-gapped vault on specialized hardware, with multiple parties as witnesses.

  • They didn't sign a transaction for 1 billion dollars. They all signed what they thought was a routine transfer, but in reality what they signed gave the hacker full control of the smart contract (the Gnosis Safe) in which the $1.4B of tokens were stored.

    The hackers, having gained control of the smart contract, proceeded to empty it of funds.

  • TFA seems to suggest that the thieves modified the signers’ applications to display a routine transaction but actually sign the heist transaction.

The concept of strong safeties was not in place. Safeties refer to layers that go beyond common trust mechanisms. In this case, signing a transaction of that magnitude solely based on multi-signature approval was completely insufficient. There should have been additional safeguards, such as special approvals and extra verification steps, specifically designed for transactions within that amount range.

  • Indeed. As in, the organization should only sign such transactions when all signers are present in person in a secure location and they follow a procedure witnessed by independent auditors. “Work from home” when you control billion in value does not cut it.
