> The attacker used social engineering to induce Drift Security Council multisig signers into pre-signing transactions that appeared routine but carried hidden authorisations.

So much for the "Security Council". What an embarrassment to be in a team/org like that and fail your most basic duty which would be "look at what you sign".

▲

lokar 3 hours ago | parent [-]

That was inevitable, and all designs like that will eventually yield the same outcome.

The people who should be embarrassed are the ones who thought having a group of humans routinely review (possibly complex) transactions for correctness, with no ability to undo/revert the outcome, was a good idea.

▲

lokar 3 hours ago | parent [-]

Also, how could one reasonably disprove that the signers were not in on the scam?

▲

bombcar 3 hours ago | parent [-]

That’s the best part, you can’t!

▲

sebgan 2 hours ago | parent [-]

This is conveniently suspect, no? “Drift migrated its Security Council on March 27 to a new 2-of-5 threshold with zero timelock. That eliminated the delay that would have allowed detection before admin actions took effect.” This was after the perp started working on the heist earlier in the month.

▲

gus_massa an hour ago | parent | next [-]

> 2-of-5

Just to be sure... They need less than half of the Security Council to approve it?

	▲	bombcar 18 minutes ago \| parent [-]
		If it's a "time-safe" kind of thing, 2-of-5 is common. No one person can open it, but any two can.

▲

solguarddev 12 minutes ago | parent | prev [-]

[dead]