🌟 Cause of the Drift Hacking on Twitter + Situation Summary + Current Response Scale of the Hack → Approximately $280 million leaked (Damage centered on Vault funds) Key Cause → Not a Smart Contract Bug → Privilege escalation attack exploiting the Multisig + Nonce structure Attack Method 1. Utilization of pre-signed transactions (durable nonce) 2. Securing partial Multisig approvals (2/5) 3. Seizing administrator privileges → Withdrawal of Vault funds 4. High possibility of social engineering attack Scope of Damage → Vault / Loan / Trading funds affected → Most deposits affected → Insurance funds also planned to be used Safe Aspects → Assets not directly deposited in Drift unaffected Key Timeline → March: Nonce account setup + securing signatures → April 1: Seizing administrator privileges and executing They didn't steal the code; instead, they breached a portion of these Multisig approvals (2/5) to gain administrator privileges. Most Protocol Functions It has been suspended and multisig reconstruction is complete. They say they are tracking the funds in cooperation with the exchange and the bridge. 🗣 Tweet