Four Risks Confronting Crypto Custodians
Bitcoin was originally conceived as a “trustless” payment system, because it doesn’t require counterparties have faith in one another’s likelihood to make good on their agreements. Instead, math guarantees settlement of the transaction.
Indeed, the original bitcoin whitepaper envisioned a thoroughly decentralized system of value exchange between peers, with private keys stored locally on connected devices. In such a world, the main risk of loss of access to one’s digital assets was loss of keys due to hardware loss or failure.
Of course, the entire concept put forth by Satoshi Nakamoto took on a life of its own and spawned centralized entities where private keys are held by a custodian for use on their platform. Under these circumstances, the biggest threats to access one’s assets is theft by a bad actor, though the means is not always network hacking.
These are four types of attacks that put custodial crypto at risk.
Smart Contract Vulnerability
A foundational DeFi protocol is the smart contract: a programmatically self-executing set of instructions stored on a blockchain used to automate transactions. As is the case with any code, security flaws can be exploited.
- Date: September 2022
- Amount Lost: $160 million
- Means: Bug exploit
Wintermute is an algorithmic market maker that enables high-frequency cryptoasset transactions. In September 2022, Wintermute suffered a serious hack, with initial losses exceeding $160 million. The stolen assets had been kept in hot wallets – meaning, wallets connected to the internet.
The post-mortem report showed that the attack occurred due to human error in a smart-contract’s logic tied to a protocol that allowed Wintermute customers to create personalized wallet addresses.
The exploit threatened the solvency of the platform as it quickly triggered a cumulative debt of $200 million.
Phishing attacks are those in which the attacker gains access to a network by fooling an administrator into taking steps that ultimately reveal their access credentials, most often via social engineering or malware.
Example: Axie Infinity
- Date: March 2022
- Amount lost: $625 million
- Means: Social engineering > malware > validator node takeover
The attackers, believed to be affiliated with the notorious North Korea-based Lazarus Group, targeted key employees of Sky Mavis, the parent company of Axie Infinity, a sidechain conected to the Ethereum network.
The attackers reportedly posed as recruiters reaching out to Sky Mavis engineers over LinkedIn. The targets were then put through an extensive and apparently realistic recruitment process, capped off with an “extremely generous” job offer, which was in fact a malware-infected PDF document.
With that, an engineer’s computer became compromised, and this ultimately gave the attackers control over a majority of validator nodes.
Evil, but clever.
Blockchains attain their immutability through protocols that require a majority of nodes agree, which is to say, reach consensus, on what is the true state of the ledger. Should a bad actor attain control of at least 51% of voting power, they can alter the ledger arbitrarily and to their advantage – typically by permitting double-spending.
In the case of proof of work protocols, this is done by either acquiring sufficient computing power or encumbering the capacity of other miners. In the case of proof of stake protocols, it’s done by acquiring at least 51% of the asset.
Example: Beanstalk protocol
- Date: April 2022
- Amount lost: $181 million
- Means: Governance protocol exploit
51% attacks are rare due to the vast amounts of resources required, be it financial or technical.
In the case of the Beanstalk attack, it took very few resources, thanks to an exploit of the protocol’s flash loan functionality, which allows for borrowing of large sums without collateral, if the funds are returned before the next block is mined – the goal being to capitalize on volatility.
By taking out a $1 billion flash loan, followed by a series of quickly executed conversions and transfers, the attacker was ultimately able to acquire nearly 80% of voting power within minutes. This was much more than the 67% required to make, approve and execute “emergency proposals” – two of which resulted in the theft.
Evil, but very clever.
Cross-chain bridges connect separate blockchains networks thereby enabling users to transfer their digital assets between platforms.
For example, Ren Protocol’s Badger Bridge allows users to deploy Bitcoin on the Ethereum network, by accepting BTC as collateral and minting a renBTC or wBTC on a 1:1 basis. The bridge then allows these to be swapped back into their original token.
Though very useful, bridges are considered high security risks.
Example: Wormhole Bridge
- Date: March 2022
- Amount lost: $325 million
- Means: Software bug exploit
The Wormhole bridge attack occurred after an update to the project’s GitHub repository inadvertently revealed a fix to a bug before the fix had been deployed. By the time the attacker was done exploiting that unpatched bug, they’d taken $325 million worth of wETH.
Evil, not terribly clever.
Gains from attacks on TradFi yield nothing close to these huge numbers, which is why crypto custodians are such attractive targets. This is also why insurance on crypto assets is so vital. And yet, a tiny proportion of digital assets are insured.
Evertas is the only dedicated crypto insurance company, and offers A+ rated coverage to crypto custodians intent on protecting their projects and their customers’ assets. Contact us to learn how we can work together.