The hot project Hyperliquid (HYPE) today experienced the largest pullback since its launch.
Bitget's market data shows that as of around 2:00 pm Beijing time, HYPE was temporarily reported at 26.21 USDT, with a daily drop of as high as 20.5%.
Are North Korean hackers targeting Hyperliquid?
Looking at market news, the biggest event discussed in the Hyperliquid community today is a warning from the well-known security researcher Tay (@tayvano_) - several North Korean hacker addresses marked as such have recently been transacting on Hyperliquid, currently with a total loss of over $700,000.
Although as of the time of writing, Hyperliquid has not yet shown any signs of being attacked, but as Tay said, "If I were one of the 4 validators of Hyperliquid, I might have already pissed my pants right now"... The signs of activity from the strongest hacker force in the cryptocurrency world may mean that North Korean hackers have identified Hyperliquid as a potential target and are testing the system's stability by executing transactions.
After Tay's post was released, it immediately sparked heated discussion in the community, especially the issue of the "4 validators" mentioned by Tay, which some community users even saw as the weakest link in the current Hyperliquid system security.
Potential threat: $2.3 billion relies on 3/4 multi-signature
Abstract developer cygaar explained that the Hyperliquid bridge contract deployed on Arbitrum currently has $2.3 billion in USDC, and most of the functions in this bridge contract require signatures from 2/3 of the validators to execute (since there are only 4 validators, it actually requires 3 signatures).
Assuming that the majority (3/4) of the validators are compromised, the compromised validators can submit a request to withdraw all the USDC from this bridge contract and send them to a malicious address. Since the attackers have control of the majority of the validators, they will be able to successfully pass and ultimately confirm the withdrawal request, meaning that the $2.3 billion in USDC will be transferred to the attackers.
There are currently two lines of defense that can intervene to prevent these USDC from being lost forever.
The first line of defense is to defend at the USDC contract layer. Circle's blacklist mechanism can completely prohibit the transfer of USDC to specific addresses, and if they act quickly enough, they can prevent the attackers from transferring the stolen USDC, effectively freezing the funds and reimbursing the Hyperliquid bridge contract.
Regarding this line of defense, security expert ZachXBT commented that Circle's efficiency is very low and not to expect them to take any remedial action, but ZachXBT also clarified that this comment was only about Circle and did not involve any views on Hyperliquid.
The second line of defense is to defend at the Arbitrum network layer. The Arbitrum L1/L2 bridge contract on Ethereum is currently protected by a 9/12 multi-signature contract (Security Council). Assuming the attackers somehow gain control of this $2.3 billion USDC and immediately convert it to other tokens, thereby avoiding Circle's blacklist mechanism. In theory, Arbitrum's Security Council can also change the state of the chain, roll back and prevent the initial attack transaction from occurring. In "emergency situations", this council can vote to decide whether to intervene.
cygaar added that the last line of defense is obviously highly controversial and should only be used in the most dire situations.
"Intentional FUD" or "Well-intentioned warning"? Community reactions are mixed
Regarding Tay's warning post, the community reaction has shown a clear polarization.
On the one hand, some community members believe that Tay's warning is an exaggeration, especially after the HYPE price drop, many community users believe that Tay is just "intentionally FUDing".
· Some community members pointed out that North Korean hackers will target any protocol with high TVL, and the mere discovery of hacker traces does not mean the protocol is under threat;
· Some community members also pointed out that Tay himself actually works for ConsenSys, and his so-called "warning" may have ulterior motives, which is actually just to help ConsenSys reach the most favorable cooperation with the Hyperliquid team.
On the other hand, some well-known figures have also chosen to support Tay's security work.
· Well-known white hat hacker samczsun said that although Tay has been serving the cryptocurrency industry for free for several years, he is now being heavily criticized just because HYPE's price dropped significantly after this warning was released...
· Evgeny Gaevoy, founder and CEO of Wintermute, also said that Tay's communication style may be a bit rough (after this tweet was posted, Tay and some users who accused him had a heated argument), but you can't ignore information like this.
In summary, for Hyperliquid, which has been smooth sailing since its launch, today's discussion can be said to be a not-so-small incident in the project's operation. It's not so small because Hyperliquid has not actually been attacked; it's not so small because some of Hyperliquid's system-level vulnerabilities have been exposed, and the community consensus on this incident has shown a certain degree of divergence... But as a leading player aiming to revolutionize industry rules, this incident is more of a good touchstone than a difficulty. How Hyperliquid will solve the 3/4 multi-signature issue and calm the FUD will also be a good opportunity for the market to re-evaluate the quality and efficiency of this project.
Welcome to join the official BlockBeats community:
Telegram subscription group: https://t.me/theblockbeats
Telegram discussion group: https://t.me/BlockBeats_App
Twitter official account: https://twitter.com/BlockBeatsAsia
