| ▲ | WatchDog 6 hours ago |
| > took a private key from KMS They used KMS to sign the minting operation, but they didn't "take" the key, AWS KMS doesn't let you extract keys. |
|
| ▲ | pants2 5 hours ago | parent [-] |
| ^ this is a common security misconception in crypto. "We're using an HSM, they can't steal our private key." OK genius now you still have to secure the HSM. There's no shortcut to MPC/multisig with 3+ keyholders. |
| |
| ▲ | Ferret7446 5 hours ago | parent | next [-] | | It's still significantly better, since access can be revoked, vs a leaked key where you're permanently fucked | |
| ▲ | WatchDog 5 hours ago | parent | prev [-] | | > you still have to secure the HSM Obviously. > There's no shortcut to MPC/multisig with 3+ keyholders. The whole concept of a stablecoin seems to be based on centralised trust.
Ultimately there is some org that has the fiat bank account, that mints and redeems the coins. | | |
| ▲ | idiotsecant an hour ago | parent [-] | | Nope, that is the foundation of bad stablecoin. Trustless decentralized stablecoin like DAI exist. People just largely don't do their homework and prefer scams that lure them in with promises of 'yield' |
|
|
