飞凡
飞凡|Apr 05, 2026 12:32
The $285 million on chain heist of the Drift protocol has completely torn off DeFi's last fig leaf. It can be said that in all these years, Defi encryption has never experienced such a heavy blow. Defi is too big to be fake, The code audit reports of the world's top security companies cannot guarantee the security of the Defi protocol, The so-called encrypted decentralized security is as fragile as paper in systemic social engineering attacks. The hacker first used Tornado Cash to launder 10 ETH of startup funds and issued an air coin called CVT out of thin air. Then, through a left to right reversal transaction, the coin price surged to around $1, creating a normal asset curve. Due to the fact that the highest authority for Drift is controlled by a 2/5 threshold (only 2 out of 5 people need to agree) and a multi signature committee without any time lock. Hackers easily used social work methods to lure at least two signatories into pre signing malicious governance transactions without their knowledge or understanding. At 00:05 Beijing time on April 2nd, hackers officially broadcasted the signatures they had obtained a few days ago and took over the highest administrator privileges of the system in an instant. After obtaining the highest level of authorization, the hacker entered a deserted area: first, they forcibly listed their own Air Coin CVT, cut off the real oracle price, raised the valuation of counterfeit currency, and then unplugged the withdrawal circuit breaker mechanism. Finally, using worthless CVTs as collateral, the assets such as USDC, SOL, and WETH in the vault were emptied in 31 installments within just 12 minutes. During this process, Solana's Durable Nonce mechanism exposed high sociological risks. The mechanism was originally designed to support offline signatures and delayed submissions. Under normal circumstances, ordinary transactions that are not on the chain in a short period of time will naturally become invalid and cancelled. So once the administrator signs this transaction due to negligence or fraud, as long as the hacker holds it in their hand, the signature will remain valid forever. Hackers can carry this master key to attack the protocol at any time, while stacking Drift's zero time lock, causing the defense to have no response time for defense and notification. What's even more terrifying is that you have no idea how many protocols are being signed by hackers due to the Durable Nonce mechanism, whether it's just Drift itself or every Defi protocol. The project party has excessive permissions, including emergency permissions with agreements, as well as the ability to quickly add new collateral and modify oracle machines. In theory, this is not Defi at all. The so-called multi signature wallet is no different from centralized management. The current DeFi protocol is like an underground vault waiting in line for hackers to pick a day to withdraw money. Multiple security agencies have also highly linked this technique to the historical behavior of national level hacker organizations such as North Korea (DPRK). If Defi cannot withstand this challenge, the on chain finance that has been popular for 5 years may come to a complete end.
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads