David Hoffman
👤 SpeakerAppearances Over Time
Podcast Appearances
They were kind of like top 30, but they were the biggest, I think, on Solana, at least one of the largest on Solana.
And as you said, I mean, this ranks as one of the biggest hacks ever, certainly the largest on Solana.
This reminded me a little bit of the Ronin sidechain hack.
Do you remember 625 million?
That was in 2022.
That was also a multi-sig type hack, social engineering, compromised keys.
Like these multi-sigs are, they are just hazardous for protocols to have in place, right?
And I mean, what are the lessons that we learned from this?
Certainly, even if you have a multi-sig, there are better ways to design it.
It was only a two of five, right?
You could do a five of seven or something like this.
There's all sorts of time delays, all sorts of things you could have done.
I think another lesson learned is the social engineering behind these hacks is getting crazy sophisticated.
Right.
So how they got these signers to actually sign, I don't know if that's completely known, but it could be like supply chain attacks where like there's some kind of code library that they downloaded as a dependencies now infected their machine.
I mean, if you're a multi-sig signer, you should be concerned with your setup at all times and be paranoid about it.
David, there was something that big that came out of ECC this week that caught my eye.
I want to tell you about it.
That OK?
I would I would love to hear.