
Why Crypto Protocols Need Preventative Tools to Mitigate Attacks

On June 2, Velocore’s protocol on Ethereum layer-2 network Linea was hacked, resulting in losses of $6.8 million worth of ETH. The attack, which leveraged a fee overflow bug, resulted in Linea halting operations for an hour in an attempt to mitigate the fallout, and prompted an extensive postmortem.

While the Velocore hack will go down as June’s first major on-chain exploit, it was by no means its last. Another six protocol hacks occurred in the month as recorded by DefiLlama, bringing June’s total losses to over $140 million, while July’s losses totaled $277 million. And May was even worse, with $373 million pocketed by attackers leveraging everything from flash loan exploits to compromised private keys.

The crypto industry has grown accustomed to hacks, which have exfiltrated $6 billion from DeFi protocols alone. This might be normal in crypto, but it isn’t in mainstream society. For as long as this problem remains unchecked, talk of Web3 mass adoption will remain a pipe dream.

While the specifics of each exploit vary, there is a common motif that runs through the major on-chain incidents: Most of these protocols were audited, and often by multiple third parties. Velocore was audited by Zokyo, Scalebit, and Hacken, for example, and was also being monitored at the time of the hack.

While audits and monitoring solutions have their place, they risk lulling users and projects into unrealistic expectations of security. If multiple audits and monitoring can’t stop sophisticated hackers from breaking in, then it’s clear that a rethink is required.

Hackers are always gonna hack. But this doesn’t mean that DeFi projects are powerless to stop them. What it does mean is that they need to arm themselves with better preventative tools, and implement strategies to mitigate the damage should a breach occur.

Learning from hackers

DeFi projects could learn a lot from hackers, not least in their willingness to think outside the box by adopting unorthodox problem-solving approaches.

The first step is to learn the attackers’ tactics. One of the problems with audits is that they tend to be inward-looking, focusing on fortifying internal code rather than assessing the enemy’s capabilities. To cite but one example, compromised private keys account for 20% of all attack vectors; in May, Alex Labs lost $29 million in this manner.

Despite a panoply of cybersecurity firms touting crypto monitoring tools, these are largely limited to alerting protocol operators of suspicious activity. If a protocol does get hacked, then the team will be alerted to the bad news and that’s it: no attempts at mitigation, attacker identification, or counter-offensive strategy. Monitoring companies notified Velocore immediately when it was hacked, but it took Linea pausing on-chain operations for the attack to be halted.

DeFi projects shouldn’t simply rely on third parties to resolve all their security challenges either. Rather, they should be proactively educating team members on common phishing methods and signs of suspicious activity. Technical members, meanwhile, should be schooled on the latest attack vectors, including access control exploits and proof verifier bugs.

Rather than expressing gratitude that the latest exploit befell a rival protocol, projects should closely study the inevitable postmortem and apply it to their own security regime. Stay humble and study hackers.

Rewriting the playbook

But there are also more practical measures protocols can take to ensure they’re not the latest casualty. Just as humans cannot control the weather, only their preparation for it, the same holds true of hacks.

Teams need better solutions in place for threat prevention and tighter control of their smart contracts. Effective security solutions start from the premise that it is better to revert malicious transactions on-chain than to merely warn of an attack in progress. Prevention means stopping the attack before its transactions are finalized on-chain, and those are the preventative measures the ecosystem needs.

Despite ostensibly doing everything right from a security perspective, Linea had only one recourse when Velocore didn’t respond to alerts: to pause operations. Better tooling is needed to thwart hacks before they can escalate into multi-million-dollar exploits.

This much is clear: The current approach to crypto protocol security isn’t working, and a radical rethink is required. The market is in need of more security solutions that block malicious activity while maintaining business continuity, because it is time that protocols have better proactive capabilities, improved threat prevention, and a willingness to learn from the opposition.

As Sun Tzu put it, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.”

Edited by Andrew Hayward
