Comment by jgilias
18 hours ago
Given that the UI they saw was compromised, they likely believed they were signing some routine 1M rebalancing transaction.
18 hours ago
Given that the UI they saw was compromised, they likely believed they were signing some routine 1M rebalancing transaction.
Odd that you wouldn't use separate keys for that given the wildly different levels of risk involved.
Separate keys for what? They believed they were signing a routine transaction. That’s the whole idea of the hack.
Splitting funds over 100 wallets would’ve helped. A 100x lower amount would be lost.
And/Or having separate hardened devices used only for signing.
Separate keys (ie wallets) for routine small transactions versus the cold wallets used for huge sums. Perhaps I've misunderstood but it sounded like they performed a rare transaction while being led to believe it was a routine one. I'm wondering why you wouldn't split the infrastructure given the differences in risk.
1 reply →