Hack of a single multisig wallet could drain 12 Ethereum L2s of $121M
A single multisignature crypto wallet has permissions from 12 different blockchain networks, implying that if this single wallet is ever compromised — all 12 networks could be drained of their funds with a potential $121 million in losses.
The networks include Zora, Aevo, Hypr, Orderly, Ancient8, Lyra, Mode, Pgn, Parallel and Metal — all created using the Conduit rollup creation software, according to data shared to X on May 19 by L2Beat researcher Luca Donno.
However, the wallet can’t transact without three of five signatures from the team, Conduit founder Andrew Huang told Cointelegraph. The private keys to these signatures are stored on hardware wallets, making a compromise only possible by “physically compromising 3/5 individuals,” he said.
Source: Luca DonnoHuang claimed the system will be upgraded “over the coming weeks” to make it a five out of seven multisig instead of three out of five.
Centralization risk will be reduced further once layer 2s move to “stage 2” of decentralization, he said.
The data shows that multiple Conduit-based networks use the same wallet to handle tasks such as upgrading the network’s bridge. L2Beat’s Aevo data states its account has “unlimited upgrade power” and the ability to “potentially [gain] access to all funds.” Aevo has over $72 million in total value locked (TVL).
Aevo conduit multisig permissions. Source: L2Beat.Conduit network Lyra has over $20 million TVL and L2Beat lists the same wallet as the “ConduitMultisig” similarly with the potential to gain access "to all funds.”
Lyra permissions. Source: L2Beat.Identical statements can be found on the pages for other Conduit networks, including Zora, Hpyr, Orderly, Ancient8, Mode, Pgn, Parallel, and Metal. All blockchains have a joint total TVL of approximately $121 million — all tied to a single multisignature wallet.
Related: Vitalik Buterin wants rollups to hit stage 1 decentralization by year-end
Layer 2 networks have dramatically lowered gas fees for Ethereum users, but some critics claim they are too centralized and do not provide a good enough user experience to allow for the mass adoption of crypto.
Layer 2 developers claim such blockchains will become more decentralized as they progress through Ethereum founder Vitalik Buterin’s decentralization plan published in November 2022.
Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitcoin metric breakout teases 'inevitable' 90% BTC price rally next
Morpho (MORPHO): Unlocking the Power of Decentralized Lending
What is Morpho (MORPHO)? Morpho (MORPHO), previously known as Morpho Blue, is a decentralized lending and borrowing protocol that operates on the Ethereum blockchain and other compatible networks. Its primary purpose is to facilitate overcollateralized loans—a system where borrowers must deposit co
ACRA analysts listed the regions of Russia that are optimal for mining
Dogecoin Chart's Second Bull Flag Will Lead to $0,90 Breakout