ReportWire

Tag: ChainSecurity

  • L2 Blast on multi-sig debate: Security exists on spectrum, nothing is fully secure


    Paradigm-backed network Blast addressed skepticism surrounding its blockchain model following a swift rise to over $300 million in market cap and promises of a token airdrop.

    Blast Bridge, an L2 network on Ethereum, pushed back on security concerns raised by some in the crypto community over the protocol’s smart contract architecture, which safeguards assets using a multi-signature build.

    On Nov. 24 via an X thread, the project said no contract code security is completely airtight and that each smart contract design has its associated vulnerability. Blast pointed to other layer-2 blockchains like Arbitrum and Polygon that use multi-sig wallets to hold funds, adding that this option holds benefits if executed correctly.

    You want to make sure that each signing key of a multi-sig is independently secure. This helps make the multisig antifragile. Each key should be in cold storage, managed by an independent party, and geographically separated.

    Blast L2 via X

    Blast stressed that veteran technical engineers comprise the five signatories for its multi-sig wallet. The project also shared plans to further bolster resilience and mitigate black swan events by initiating an upgrade to the underlying hardware wallet provider leveraged for its contentious multi-sig structure.

    This will ensure that no single hardware wallet type is used 3-of-5 times, maintaining safety even in an unprecedented hardware wallet compromise scenario.

    Blast L2 via X

    Blast captured attention as Tieshun Roquerre, aka Pacman, co-founder of NFT marketplace Blur, announced the L2 network after raising $20 million from investors like Paradigm. The deposit-only protocol offers native yield to users, promising an airdrop for early supporters and a mainnet launch in the near future.

    The one-way bridge zoomed to a market cap above $300 million as of press time following massive inflows into Blast’s contract address. Additionally, Blast’s asset portfolio provided by DeBank showed millions held in Lido’s staked Ether (stETH) and Maker’s DAI, a DeFi stablecoin.



    Naga Avan-Nomayo


  • Experts warn of ‘ticking bomb’ for supply chain attack


    Experts from Aqua Security are calling for urgent attention to the public disclosure of Kubernetes configuration secrets.

    According to recent research, hundreds of source code projects and organizations are vulnerable to a “ticking supply chain bomb.”

    Aqua analysts Yakir Kadkoda and Assaf Morag say they found Kubernetes secrets in public repositories. These secrets allow access to sensitive software development life cycle (SDLC) environments and pose a serious threat of supply chain attack.

    Those affected include two leading blockchain firms and various other Fortune 500 companies. The researchers used the GitHub API to obtain all entries containing .dockerconfigjson and .dockercfg, which store credentials for accessing container image registries.

    Of the 438 records at risk of containing valid registry credentials, 203 (around 46%) did contain valid registry credentials.

    Of these, 93 passwords were manually set by individuals, as opposed to 345 computer-generated passwords. Moreover, almost 50% of the 93 passwords were considered weak. These included password, test123456, windows12, ChangeMe, and dockerhub.

    According to the latest data from DefiLlama, cybercriminals stole $1 billion in 75 attacks in 2023. This is significantly less than in 2022, when hackers stole $3.2 billion in 60 incidents. In just 11 of the 75 incidents recorded this year did cybercriminals steal more than $10 million, indicating that attackers are committing smaller, more frequent thefts.



    Anna Kharton
