Some of you will remember the $140M hack on Wormhole last year, i was wondering if any of you were at all concerned with the details of it. Obviously its great for Jump to get their 120k ETH back but it was kind of alarming how it was done.
Basically the hacker had taken some derivates positions on Maker with the stolen ETH and used Oasis to manage liquidation risk. Oasis allowed Jump to use the admin multisig keys to upgrade a contract and pay the debt and returning the collateral.
Its worth noting that Oasis has this on their page:
Can Oasis access the funds in my account or wallet? No. With Dai, you - and only you - have access and control over your Dai. Dai uses blockchain technology to ensure the highest level of trust and transparency, and because of the way blockchain technology works, you ultimately get to decide just how secure you want it to be. This does mean you are your own security ultimately, so it is very important you keep access to your Dai and Oasis account secure.
This doesnt feel entirely true if by court order they can backdoor you, kind of a meme take on decentralization. Admin multisig keys are a sketchy concept sometimes. What do you guys think about the legal precedent being set here as well as vulnerabilities in protocols like this?
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments