by woah 1214 days ago
The problem was ultimately in the bridge’s design and implementation. Even though it was sold as a decentralized system it was a multisig with very few signatories. A properly designed decentralized bridge would require the compromise of many validators, each with a different infrastructure setup. This is why you never hear about Ethereum itself getting hacked.

Instead, the Axie bridge was a multisig, and as if that wasn’t bad enough, most of the signatories were controlled by the same organization on the same infrastructure. Really demonstrated that concerns about decentralization are not just pedantic or academic.


IIRC the 9 nodes were effectively controlled by 3 sets of keys so they only had to compromise 2 to take control. And they took weeks to discover it happened. The incompetence and brazenness astonishes. Team as well as investors.
Weeks is a short amount of time for security detection. Most high level threat actors are in systems for months.

They’re called Advanced Persistent Threats for a reason.

No snark intended.

It's not a short amount of time to realize that your treasury has been looted. They should have had monitoring in place before they had a percentage of the locked up value.
Most security professionals will tell you that even with monitoring the average MTTD is 212 days.

It’s been a big problem that needs fixing across the industry.

https://venturebeat.com/security/report-average-time-to-dete...

I was not referring to the timeline from the breach but the timeline from the transfer of funds, which by their nature are visible on the blockchain, and even with everything else failing wouldn't this be on dashboards and part of regular monitoring anywhere else?