Bybit Pre-Post Mortem

Ethereum Reddit

Steps to USUALLY confirm a cold wallet transaction at Bybit:

  1. 3 of 6 signers sign and send the multi-sig wallet a transaction which writes to a smart contract created by SAFE.GLOBAL.
  2. The SAFE.GLOBAL smart contract verifies the 3 Bybit signatures and then the funds are transferred. Example of a usual Bybit Cold Wallet Transfer to a Bybit Hot Wallet.

The Flaw:

  1. The multi-sig (signed by the 3 Bybit signatures) wrote to a smart contract that the HACKER CREATED and not the usual SAFE.GLOBAL contract.
  2. The hacker's smart contract prompted a sweep of all funds from the Bybit multi-sig wallet to a wallet controlled by the hacker.
  3. None of the 3 people at Bybit who signed the transaction CHECKED the 'TO ADDRESS' in the INPUT DATA of the transaction.
  4. Had they checked the TO ADDRESS, they would have realized that they were placing their signature on a transaction to an UNRECOGNIZED contract/address, thereby alerting them NOT TO PROCEED.

My thoughts:

If you are an exchange, please train your signing authorities to TRIPLE CHECK the TO ADDRESS. Signing authorities should be able to DECODE INPUT DATA at the very least when signing for wallets with over 400k ETH in them.

submitted by /u/synthia331
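The check the post is asking for, as an added example (not code from the post, from Bybit or from Safe): decode the raw calldata of a Safe `execTransaction` call and inspect the fields a signer must verify before signing, above all the `to` address and the `operation` type, instead of trusting whatever a signing UI renders. The calldata layout follows Safe's public `execTransaction(address,uint256,bytes,uint8,uint256,uint256,uint256,address,address,bytes)` ABI, whose selector is `0x6a761202`; the hot-wallet address, the "unrecognised" contract address, the amounts and the signature bytes are constructed for the illustration and are not real Bybit addresses. The encoder exists only so the sample transactions can be built offline; a signer would feed in the calldata shown in the signing request.

```python
from dataclasses import dataclass

# Selector of Safe's execTransaction(address,uint256,bytes,uint8,uint256,
# uint256,uint256,address,address,bytes): first 4 bytes of keccak256 of
# that signature, as seen on every Safe execTransaction call.
EXEC_TRANSACTION_SELECTOR = bytes.fromhex("6a761202")
CALL, DELEGATECALL = 0, 1                   # Safe's Enum.Operation values
ZERO_ADDRESS = "0x" + "00" * 20


@dataclass
class SafeTx:
    """The arguments of execTransaction, in ABI order."""
    to: str
    value: int
    data: bytes
    operation: int
    safe_tx_gas: int
    base_gas: int
    gas_price: int
    gas_token: str
    refund_receiver: str
    signatures: bytes


def _word(n: int) -> bytes:                 # uint256 -> 32-byte big-endian word
    return n.to_bytes(32, "big")


def _addr_word(addr: str) -> bytes:         # address -> left-padded 32-byte word
    return bytes(12) + bytes.fromhex(addr[2:])


def _bytes_tail(b: bytes) -> bytes:         # dynamic bytes: length word + padded body
    return _word(len(b)) + b + bytes(-len(b) % 32)


def encode_exec_transaction(tx: SafeTx) -> bytes:
    """ABI-encode execTransaction calldata; used here only to build samples."""
    data_tail, sig_tail = _bytes_tail(tx.data), _bytes_tail(tx.signatures)
    data_off = 10 * 32                      # head is 10 static 32-byte slots
    sig_off = data_off + len(data_tail)
    head = b"".join([
        _addr_word(tx.to), _word(tx.value), _word(data_off), _word(tx.operation),
        _word(tx.safe_tx_gas), _word(tx.base_gas), _word(tx.gas_price),
        _addr_word(tx.gas_token), _addr_word(tx.refund_receiver), _word(sig_off),
    ])
    return EXEC_TRANSACTION_SELECTOR + head + data_tail + sig_tail


def decode_exec_transaction(calldata: bytes) -> SafeTx:
    """Parse raw execTransaction calldata back into its fields."""
    if calldata[:4] != EXEC_TRANSACTION_SELECTOR:
        raise ValueError("not a Safe execTransaction call")
    body = calldata[4:]
    word = lambda i: body[32 * i:32 * (i + 1)]
    uint = lambda i: int.from_bytes(word(i), "big")
    addr = lambda i: "0x" + word(i)[12:].hex()

    def dyn(offset: int) -> bytes:          # read a dynamic bytes value at offset
        length = int.from_bytes(body[offset:offset + 32], "big")
        return body[offset + 32:offset + 32 + length]

    return SafeTx(addr(0), uint(1), dyn(uint(2)), uint(3), uint(4), uint(5),
                  uint(6), addr(7), addr(8), dyn(uint(9)))


def review_for_signing(calldata: bytes, recognised_to: set[str]) -> list[str]:
    """Reasons a signer should refuse to sign; an empty list means no objection."""
    tx = decode_exec_transaction(calldata)
    reasons = []
    if tx.to.lower() not in {a.lower() for a in recognised_to}:
        reasons.append(f"'to' {tx.to} is not a recognised contract/address")
    if tx.operation == DELEGATECALL:
        reasons.append("operation is DELEGATECALL: target code runs against the Safe's own storage")
    elif tx.operation != CALL:
        reasons.append(f"unknown operation {tx.operation}")
    if tx.refund_receiver != ZERO_ADDRESS or tx.gas_token != ZERO_ADDRESS:
        reasons.append("gas refund is routed to a third-party token/address")
    return reasons


# Constructed sample transactions (addresses and signature bytes are made up).
HOT_WALLET = "0x" + "11" * 20
UNKNOWN_CONTRACT = "0x" + "bad0" * 10
RECOGNISED = {HOT_WALLET}
FAKE_SIGS = b"\x01" * 65 * 3                # 3 placeholder 65-byte signatures


def sample_routine_transfer() -> bytes:
    """The usual cold-to-hot sweep: a plain CALL sending 1 ETH to the hot wallet."""
    return encode_exec_transaction(SafeTx(HOT_WALLET, 10**18, b"", CALL, 0, 0, 0,
                                          ZERO_ADDRESS, ZERO_ADDRESS, FAKE_SIGS))


def sample_unrecognised_target() -> bytes:
    """Same signing flow, but 'to' is a contract nobody at the exchange deployed."""
    return encode_exec_transaction(SafeTx(UNKNOWN_CONTRACT, 0, bytes.fromhex("deadbeef"),
                                          DELEGATECALL, 0, 0, 0, ZERO_ADDRESS,
                                          ZERO_ADDRESS, FAKE_SIGS))


if __name__ == "__main__":
    for name, calldata in [("routine transfer", sample_routine_transfer()),
                           ("unrecognised target", sample_unrecognised_target())]:
        tx = decode_exec_transaction(calldata)
        print(f"{name}: to={tx.to} value={tx.value} operation={tx.operation} "
              f"inner selector={tx.data[:4].hex() or '(none)'}")
        for reason in review_for_signing(calldata, RECOGNISED):
            print("  REFUSE:", reason)
```

The decoder reads only the bytes the signer is actually authorising, so a compromised front end that shows a familiar destination while submitting different calldata cannot fool it; the recognised-address set would in practice be the exchange's own list of hot wallets and known contracts. Flagging `DELEGATECALL` separately matters because that operation lets the target's code execute with the Safe's storage, which is a far larger grant than sending funds to one address.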