Author: Zuoyewai Bozi Mountain

Hackers eat to their heart's content, and the generals smile with joy.

I came from Dandong, taking away your E, the general said nothing, only taking away Bybit's Ethereum.

In the crypto memory, only Kraken has not experienced serious security incidents, with only a case of a large account being hacked and the assets being stolen in 2019. The Kraken main site seems to have never lost any assets, of course, this may also be due to Kraken's good public relations.

Returning to the incident of Bybit being stolen of $1.4 billion, the real culprit should be the design problem of the multi-signature contract of the Safe company, which allowed the hacker to break through the layers of defense and successfully attack the assets in the cold wallet. The configuration of cold wallet + multi-signature is already the highest security standard that the industry can provide.

Fortunately, except for CZ's "normal performance" as always, the rest of the exchanges, OTC and large accounts have publicly expressed their support, stabilizing the sentiment of the retail investors, who ultimately bear all the consequences.

Ben Zhou worries at night, with no FUD in the group

Lessons from the past, the industry impact of the Mentougou and FTX incidents saved Bybit.

After the Mentougou incident, the entire crypto industry entered its first winter, when the main trading cryptocurrencies were BTC, far fewer than the Altcoins and Meme coins later, where one's gain is another's loss.

In 2022, FTX was not hacked, but scammed, with SBF scamming users and CZ scamming SBF, with Sun Yuchen's usual antics mixed in.

SBF claimed not to have misappropriated user assets, but the actual debt exceeding assets led to user withdrawal difficulties, and FTX did not prohibit withdrawal suspension in a timely manner, which led to the frantic withdrawal of users. The CZ, who pointed out the emperor's new clothes, first expressed support for SBF and even wanted to acquire FTX, and then said that FTX was insolvent and gave up the acquisition.

In an instant, CZ's few tweets on Twitter completely destroyed FTX.

So when Ben Zhou saw CZ commenting that users should be prohibited from withdrawing in a timely manner, he didn't know what to think. CZ may really think his suggestion is good, but Ben Zhou won't think so.

And in the OTC market, the unusually united second and third-tier exchanges collectively took action to rescue Bybit, while the US regulators remained inactive, and the large accounts and institutions did not speak, staging a "saturated rescue" that night.

Bitget provided 40,000 ETH in support, demonstrating the friendship between peers. As a struggling second-tier exchange, they took the rare step of standing together this time, and there are rumors that the two have common shareholders, but even so, it is still commendable.

However, the most critical Binance has not been seen to provide any substantive assistance beyond expressing its willingness to help, while OKX is just repeatedly auditing its own wallet, Buidling itself.

The most surprising thing is that the US regulatory agencies, such as the SEC, have also become silent this time, as they are usually not so friendly. It seems that Ma Dufeng's rectification and Trump's crypto-friendly policies have indeed been implemented to the end, and the generals and the Understandable are now all winners.

Calling back the Mentougou and FTX incidents, Bybit's best response this time was the personal effort of the boss, it seems that doing self-media really exercises people.

A trader who doesn't want to be a KOL is not a good boss

The great advantage of the crypto industry is its flatness, both internally and externally. Binance used to fire employees who traded coins without reporting, which was a compliance move to deal with old rat races, leading to missing the entire on-chain era now.

Bybit's flatness is to abandon the star CEO and professional manager mechanism of Bitget, and the boss himself takes the stage as a net celebrity, of course, the behind-the-scenes big boss still maintains his usual low profile, but Ben Zhou often appears as an English KOL, which should be one of the best foreign public figures among Chinese exchanges, second only to CZ.

But there is also a pleasant surprise, Ben Zhou's Kaito quickly rose to the top, surpassing Coinbase co-founder Armstrong, truly an exchange's misfortune and Twitter's fortune, contributing a lot of Crypto traffic to Musk.

The emphasis on traffic is also a huge plus for Bybit this time, in fact, the first priority of crisis management is to maintain calm and openness, of course, the premise is to have the capital to handle it calmly. Speaking of which, first of all, thank the hacker, who did not steal the $4.2 billion USDT in the cold wallet, because Tether will freeze it; secondly, thank SBF, it is precisely after the FTX incident that all major exchanges have adopted the PoR asset reserve proof.

And the rescue of Bybit this time also proves the effectiveness of the PoR mechanism, as the major exchanges have indeed separated their own assets from user assets, and we may also need to thank Vitalik, after all, the great development of ZK technology is also inseparable from him.

Within 48 hours of crisis management, Bybit has maintained market confidence in itself and ETH, but the problem has not been solved. Binance was fined $4.2 billion and still faces accusations of being a "girlfriend" coin, Bybit needs to maintain its market position and regain the confidence of institutional clients, which may take years.

The old topic is that the profit of the exchange comes from the client's loss, and under the asset management and pledge models, the exchange's profit can come from the on-chain, which at least theoretically avoids the accusation of using the client's loss as the profit source.

But that was in the past, and any means may appear before the huge financial losses. Now it remains to be seen whether Bybit's heart is stable and whether it is willing to spend another cycle of time to establish a normal revenue model.

Is there an opportunity for DEX to Flip CEX?

In theory, when CEXs encounter crises, there will be new traffic flowing into DEXs, after all, "Not Your Keys, Not Your Coins" is still fresh in people's minds. But today, the problem is very complex. If it's the HODL crowd who self-custody their cold wallets, then it's indeed safe.

For on-chain tools and trading products, only the OKX Web3 wallet is a non-custodial wallet, where the private key is the sole credential for accessing and controlling cryptocurrencies. Holding the private key means complete ownership of the assets in the wallet, and as long as the private key is not compromised, there will never be any problems, with security guaranteed by cryptography.

But for most trading products, custodial wallets are the norm, and the reason is not complicated - higher efficiency and smoother user trading. Security and efficiency can never be achieved simultaneously.

Especially for trading tools that focus on multi-chain and multi-currency, as well as numerous TG Bots, they basically adopt the strategy of reducing security in exchange for CEX-like features. Even Hyperliquid, which once responded to the general's hackers last year.

Exchanges can defend against 100 attacks, but hackers only need to succeed once. Defending against air raids, nine out of ten are in vain.

And in the current compensation cases, Mentougou and FTX are both eligible for the compensation process, while it is more difficult for DEXs to recover the stolen assets, such as the recent DEXX.

Worse, all security cannot last forever, and Curve had fixed the contract, not expecting the programming language used to write the contract to have problems. In the end, they could only encourage users to migrate assets and rewrite the contract, personally feeling that this is already the safest approach for DEXs, but still cannot stop the "diligent" hackers.

Epilogue

Humans don't thank Luoji, and users have more than just Bybit, it's just that they have a sense of empathy. In the dark forest of the chain, adhering to social Darwinism for a long time, the theft of Bybit is social news, while the daily hacking of retail investors is even more tragic, not even making the news. This is probably the reason why retail investors sympathize with Bybit.