BingX Sentinel: CipherBC’s MPC Wallet Shielding Exchange
On Friday, September 20th, BingX fell victim to a hacker attack, resulting in the theft of approximately $43 million worth of cryptocurrencies from the exchange’s hot wallet. Downplaying the event’s significance, BingX stated that the network breach caused only “minor” losses. Product Manager Vivien Lin affirmed, “BingX’s own funds will fully bear all user losses from this hack.” Lin further mentioned that security firms had assisted in freezing around $1 million of the stolen funds at the time of writing. BingX is still assessing its total losses.
Hackers Initiating Fund Transfers and Token Exchanges
According to monitored blockchain data, a wallet address suspected to be controlled by the hackers (0xf7e…) has begun conducting multiple token exchanges via the decentralized trading platform KyberSwap, gradually transferring assets to numerous new wallet addresses. This tactic complicates tracking of the funds and indicates an attempt to obfuscate the asset flow by distributing it among multiple wallets. Subsequently, the hackers drained BingX’s hot wallet of 360 other tokens, converting them on decentralized exchanges like Uniswap and KyberSwap into ETH and BNB.
Security Mechanisms of Hot and Cold Wallets
To elucidate the incident, BingX detailed its asset management approach. The platform employs a layered security management system, with most user assets stored in relatively secure cold wallets. Cold wallets, being offline, are impervious to direct network intrusions by hackers. These wallets serve the purpose of long-term storage for significant assets and are not utilized for day-to-day trading or withdrawal operations.
Conversely, hot wallets cater to daily user withdrawal and trading needs. While offering greater convenience, hot wallets are susceptible to attacks due to their constant online presence. Therefore, BingX stores only limited assets in hot wallets for short-term withdrawal requirements. In this incident, the attack’s impact was minimized due to the restricted funds in the hot wallet, and the platform swiftly implemented emergency measures to prevent further losses.
The breach of BingX’s hot wallet has prompted widespread attention, underlining the importance of wallet security in the crypto industry. Particularly for large institutions like exchanges, the design of wallet systems is critical.
CipherBC’s MPC Wallet Approach
CipherBC’s employment of MPC technology presents an innovative security solution for exchanges, replacing traditional private key management with distributed node co-signing of transactions. This technology offers a high level of security and enables exchanges to better safeguard user assets without compromising operational efficiency.
Real-time Update System for Encrypted Key Shards
Initially, the private key is divided into three key shards stored in different locations. The shards are not simply three pieces of the key; they are encrypted into other data forms. Hackers attacking the MPC provider, or malicious insiders, can easily disrupt vulnerable databases, rewrite ledgers, alter ownership policies, or allow different addresses and call trades to suit their purposes. CipherBC employs algorithms that update key shards regularly without changing addresses. In other words, hackers need to break into all servers and decrypt all private keys within the next time window to break into our system. The system periodically updates the encrypted key shards, ensuring that they are distinct from one update to the next and adding an extra layer of protection.
Enhanced Operational Flexibility with MPC Technology
With organizational growth, adjustments to processes for accessing and transferring digital assets are inevitable. This includes determining the number of employees required to sign transactions, gradually adding new key shares as new staff members join, revoking key shares when employees leave, and adjusting thresholds as necessary for transaction signing.
However, in such scenarios, multi-signature addresses pose various challenges for your organization because they are predefined. Once a wallet is created with an “M of N” structure, it remains fixed. For instance, changing from “3 of 4” to any other setting requires you to:
Create a new wallet with the new scheme.
Transfer all assets to the new wallet.
Inform all partners of the change in wallet addresses.
This migration is challenging and risky, as partners may inadvertently send funds to the old deposit address, resulting in permanent loss of those funds.
In contrast, MPC wallets empower continuous modification and maintenance of signature schemes. For instance, changing from “3 of 4” to any other setting requires existing shareholders to agree to the new distribution computation and add new user shares. Throughout this process, the blockchain wallet address (deposit address) remains unchanged, meaning:
You do not need to create a new wallet.
You do not need to transfer any funds.
Your partners can continue using the existing address.
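How a share refresh and a threshold change can both leave the key, and therefore the deposit address derived from it, untouched, shown with plain Shamir secret sharing as an added example; this is not CipherBC's algorithm, which the article does not describe. The function names, the field modulus, the sample key and the “2 of 5” target scheme are assumptions made for illustration.

```python
import secrets

# Order of the secp256k1 group, so each share has the size of an ECDSA key share.
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def deal(secret, t, ids):
    """Shamir t-of-n: points on a random degree t-1 polynomial with f(0) = secret."""
    coeffs = [secret % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q for i in ids}

def lagrange_at_zero(ids, i):
    """Weight of party i when the parties in ids interpolate f(0)."""
    num = den = 1
    for j in ids:
        if j != i:
            num = num * -j % Q
            den = den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def reconstruct(shares):
    """Check-only helper: an MPC signer never assembles the key in one place."""
    return sum(s * lagrange_at_zero(shares, i) for i, s in shares.items()) % Q

def refresh(shares, t):
    """Proactive refresh: each party deals a sharing of 0 and all shares absorb it."""
    new = dict(shares)
    for _dealer in shares:
        for i, z in deal(0, t, shares).items():
            new[i] = (new[i] + z) % Q
    return new

def reshare(shares, old_t, new_t, new_ids):
    """Move to a new threshold and party set without changing f(0)."""
    quorum = sorted(shares)[:old_t]
    new = dict.fromkeys(new_ids, 0)
    for p in quorum:  # each quorum member sub-shares its Lagrange-weighted share
        weighted = shares[p] * lagrange_at_zero(quorum, p) % Q
        for i, sub in deal(weighted, new_t, new_ids).items():
            new[i] = (new[i] + sub) % Q
    return new

if __name__ == "__main__":
    key = secrets.randbelow(Q)            # constructed sample key
    old = deal(key, 3, [1, 2, 3, 4])      # the "3 of 4" scheme from the text
    new = reshare(refresh(old, 3), 3, 2, [1, 2, 3, 4, 5])
    print(reconstruct({i: new[i] for i in (2, 5)}) == key)
```

A share taken before a refresh no longer combines with shares taken after it, which is what forces an attacker to collect a full quorum inside one update window.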
CipherBC Flexify — Stringent Approval Processes with RAFP
In the latest MPC Wallet CipherBC Flexify launch, CipherBC leverages its unique RAFP to personalize approval processes. For instance, when interacting with decentralized platforms like Uniswap during transfer transactions, approval nodes such as HR and the Finance team can be custom-set for review. Only approved transactions can be transformed by the RAFP and be submitted onchain, further ensuring the accuracy of transaction information to prevent internal fraud and human errors.
Amid the escalating trend of hacker attacks, CipherBC leverages MPC technology and RAFP systems to provide comprehensive security protection for exchanges, effectively preventing asset theft incidents and elevating overall exchange security.