Phan Tan Kiet
566 posts





I will launch THE $ICP appstore

Bybit is handling the hack admirably, best wishes from DFINITY. Re: hackers "musking" the Safe UX, this shouldn't even be possible, but traditional smart contracts can't securely serve UX from chain. In 2018, I had DFINITY develop smart contracts for ICP that can serve UX themselves, directly from chain. This was 1) to prevent "musking" happening to dapps on the Internet Computer, and 2) also to provide a means for other chains to obtain similar security (more below). I have been talking about this specific web3 security problem for a long time. In fact, as part of the early Ethereum community, in 2015, I discussed this problem with Martin Köppelmann himself, the founder of Gnosis, the source of Safe. I have long believed in genuinely fully-onchain web3, where web applications, and other services, are constructed from advanced smart contracts that serve their web experiences from the blockchain themselves, directly to users. The Internet Computer introduced this at launch, May 2021, but this capability remains unique in the industry: thus, while the Safe service holds tokens inside smart contracts on Ethereum, which define the multisig access control logic, the Safe web experience was actually served from somewhere else. To be clear: the Safe UX/user experience (i.e. the web experience users interact with) does not benefit from end-to-end blockchain security. The hackers knew its web experience was not being served from the blockchain, and found a way to modify it, musking the UX for the user, and making it display misleading information and tricking multiple signers. Although multiple signers had to sign, they were all tricked into signing the same bad transaction, because the musked UX they were interacting with told them they were signing something else!
One of the following probably happened: 1) the web assets (html, js, etc.) were modified at source, wherever that was, or 2) a network node proxying the web content on its way to the signers' web browsers was able to maliciously modify the content (a third possibility is that they all had malware on their computers, but that seems less likely). When smart contracts are serving the web experience themselves, then problem (1) cannot happen, and if there is a concern that problem (2) is a risk, and security concerns are high, then this can also be prevented with certainty. (Technical tip: if you need to be sure (2) is impossible when interacting with ICP dapps, simply install this software, which checks the "chain key" signatures on all assets served from the Internet Computer: github.com/dfinity/http-p….) The good news for the World Computer (which I define as the amalgamation of all blockchains that can host tokens and smart contracts) is that the Internet Computer can fix this for *everyone*. The Internet Computer's "chain key" engine enables its smart contracts to sign smart contract transactions that run on *other* blockchains (currently Bitcoin, Ethereum and Solana also have native API-level support on the network, and this is expanding). This means that it's possible to build web experiences on the Internet Computer that trustlessly build on smart contracts hosted by other blockchains. In this case, Safe's UX could have been built on the Internet Computer, while the exact same smart contracts on Ethereum could have been used. It's time for crypto to end these endless hacks by creating web3 experiences that are hosted on the blockchain end-to-end (this is what the Internet Computer community means by "fully onchain"). The good news is we have been working on these problems for years, and the technological solutions are here, and already highly mature.
For those new to this fully onchain paradigm, here are some useful links that help illustrate the different world that is possible:

oisy.com – a 100% onchain multi-chain wallet, which you authenticate to using Internet Identity passkey technology, whose underlying smart contract software, which maintains your tokens and serves you the web experience you interact with, is updated by the ICP's Network Nervous System (one of the largest and most secure DAOs in the world today).

oc.app – a 100% onchain chat service and social network, where you can send "chain key" bitcoin in chat messages at almost zero cost, with 1 second finality. This is also fully autonomous, and its smart contract software is updated by its own DAO.

github.com/dfinity/http-p… – this is an open source project developing an app designed to run on the Internet Computer, which can be used to create decentralized versions of Fireblocks (i.e. to maintain custody of multichain assets, and define complex workflows). Institutions seeking more security and decentralization in their crypto asset custody processes can contact DFINITY for help using the software.

Let's keep working across our industry, in a non-partisan way, to bring these security problems to an end, once and for all 💪

I usually try not to criticize other industry players, but I still do it once in a while. 😂 This update from Safe is not that great. It uses vague language to brush over the issues. I have more questions than answers after reading it.

1. What does "compromising a Safe{Wallet} developer machine" mean? How did they hack this particular machine? Was it social engineering, a virus, etc.?
2. How did a developer machine have access to "an account operated by Bybit"? Some code got deployed from this developer machine straight to prod?
3. How did they fool the Ledger verification step at multiple signers? Was it blind signing? Or did the signers not verify properly?
4. So, was $1.4 billion the largest address managed using Safe? How come they didn't target others?
5. What lessons can other "self-custody, multi-sig" wallet providers and users learn from this? 🤷♂️

🎉 SoSoValue Connect Tokyo Was a Blast! 🙌 Huge thanks to everyone who showed up and made it an unforgettable night! We had a great time diving into SoSoValue’s vision, what we're building, and the future of #SSI with our amazing Japanese community. Next stop: Osaka! Get ready for another epic meetup - see you tomorrow! #SoSoValueConnectJapan #Mag7SSI