Author: Kane Wang, Safeheron CTO
Overview of the Bybit Incident
On February 21, 2025, at 22:13 (Singapore time), the Bybit team initiated a transfer from a cold wallet to a hot wallet using the multi-signature process of Safe{Wallet}. CEO Ben verified the target address through Safe{Wallet}, but during the final confirmation using Ledger, as Ledger only displayed the contract interaction parameters and not the complete transaction information, the attackers seized the opportunity and successfully stole nearly $1.5 Bit in assets.
On February 26, 2025, Sygnia released the investigation results, confirming that the AWS S3 bucket of Safe{Wallet} had been compromised by hackers who deployed malicious JavaScript code targeting Bybit, with the primary purpose of effectively altering the transaction content during the signing process. At the same time, Safe{Wallet} stated that the Safe smart contract was not affected.
This incident bears similarities to the recent attack that caused Radiant Capital to lose $4.5 million, sounding the alarm for the entire digital asset security industry.
Kane Wang, Safeheron CTO (the only open-source MPC digital asset self-custody security service provider in Asia), has also conducted an in-depth analysis of this incident:
Fundamental Vulnerability: "What You See Is Not What You Sign"
The Bybit incident has revealed a fatal flaw in the wallet architecture: there is a huge gap between the displayed transaction intent and the actual executed operation, a problem that is widespread in many wallet systems:
A. Infrastructure Compromised
The attackers hijacked the wallet's UI (in this case, Safe{Wallet}) or the backend, and the user may have unknowingly approved malicious operations disguised as legitimate transactions. Although the wallet solution based on smart contracts (such as Safe{Wallet}) has performed well in key splitting, it has not completely solved the problem of transaction integrity verification.
B. Ecosystem Compatibility Issues
The Bybit incident exposed a critical defect in ecosystem compatibility: even when using secure devices like Ledger, the lack of seamless integration between different systems can still lead to compromised security. In this attack:
· Safe's UI was tampered with: The attackers manipulated the displayed target address to make it appear legitimate.
· Ledger's offline verification failed: As the last line of defense, Ledger failed to effectively implement the "what you see is what you sign" verification mechanism. Due to its poor compatibility with Safe's UI, Ledger only displayed the contract interaction parameters and not the friendly transaction information, resulting in critical transaction details not being verified.
The combined use of Ledger and Safe was intended to ensure more secure fund usage, with a "cold + hot" combination, but we found a lack of integrated security depth design, exposing unexpected security blind spots.
This incident emphasizes the need for more advanced security measures for institutional-level wallets to ensure the authenticity of transactions and withstand sophisticated attacks in high-risk environments. Adopting multi-layered security solutions to address increasingly sophisticated attack methods is of utmost importance.
How Enterprises Can Build a "Crypto Security Fortress"
1. Multi-Device Signing:
During transaction signing, different signers should use different hardware devices to avoid having a single device bear all signing operations, reducing the risk of a single point of failure.
2. Focus on Risk Exposure and Systematic Protection:
Security infrastructure service providers and exchanges should systematically recognize risk exposure and reduce risk exposure points. In the Ledger+Safe combination, if the Safe official UI is maliciously tampered with or hijacked, the risk exposure will be further expanded. When choosing a solution, exchanges need to clearly identify the potential security issues in each link and strengthen the construction of key risk exposure points. For example:
· The security infrastructure service provider can concentrate the risk exposure on the App and ensure that it has independent "what you see is what you sign" capabilities and TEE (Trusted Execution Environment) verification. Even if the server is hacked, the client's assets can still remain secure. That is, even if the service provider's internal personnel are malicious or the system is hacked, as long as the wallet App is functioning normally, the service provider cannot steal the user's private keys or transfer the client's assets.
In addition, the service provider should also implement the DevSecOps principle, further ensuring the security of the system through a secure App build environment, strict approval and verification processes. Reducing risk exposure and implementing DevSecOps are also the persistent principles of Safeheron.
· When using a cold wallet solution, the cold wallet, as the risk exposure point, can have a friendly "what you see is what you sign" capability, a whitelist capability, and effective wallet firmware updates to effectively ensure the secure use of the wallet.
3. Diversified Asset Management:
Concentrating a large amount of funds in a single wallet poses a high risk, and if the security is compromised, it could result in a complete loss. Therefore, we can set up "hot wallets," "warm wallets," and "cold wallets" for layered management based on the frequency of fund transfers. When using cold wallets, we can also further subdivide the use of funds, achieving effective fund isolation.
If Bybit had distributed the $1.5 Bit in ETH across wallets with different usage frequencies, the loss would have been much less, and they might have even escaped unscathed, as the hackers might have targeted other "big fish" instead.
Institutional Wallet Security: Architecture Determines Survival
The security construction of institutional asset management requires continuous investment. We predict that the future trend of digital asset management will be: hot wallets adopting MPC-TSS multi-signature management, warm wallets combining multi-signature and risk control strategies to achieve refined operations, and cold wallets adopting institutional-level solutions to achieve true offline "what you see is what you sign," continuously building a multi-layered defense system for user and institutional asset security.
About Safeheron
Safeheron is a provider of digital asset custody solutions based on MPC+TEE, and is the world's first and Asia's only company to open-source a C++ MPC threshold signature protocol library.
