Original | Odaily Planet Daily (@OdailyChina)
The popular project Hyperliquid (HYPE) experienced its largest correction since launch today.
According to Bitget, as of around 14:00 Beijing time, HYPE was reported at 26.21 USDT, with a daily drop of up to 20.5%.
Are North Korean hackers targeting Hyperliquid?
Looking at market news, the most discussed event in the Hyperliquid community today was a warning from well-known security researcher Tay (@tayvano_) — multiple North Korean hacker addresses that have been flagged are currently trading on Hyperliquid, with total losses exceeding 700,000 USD.
As of the time of writing, there are no signs of any attacks on Hyperliquid, but as Tay said, “If I were one of the 4 validators managing Hyperliquid, I might have already wet my pants”… Signs of activity from the strongest hacking forces in the cryptocurrency world may indicate that North Korean hackers have set their sights on Hyperliquid as a potential target and are testing the system's stability through trading.
After Tay's post, it immediately sparked heated discussions within the community, especially regarding the “4 validators” issue mentioned by Tay, which led to intense debates. Some community users even viewed it as the weakest link in Hyperliquid's current system security.
Potential Threat: 2.3 Billion USD Reliant on 3/4 Multi-Signature
Abstract developer cygaar explained that currently, the Hyperliquid bridging contract deployed on Arbitrum holds a total of 2.3 billion USD in USDC, and most functions in this bridging contract require 2/3 of the validators' signatures to execute (since there are only 4 validators, 3 signatures are actually needed).
Assuming that the majority (3/4) of the validators are compromised, the compromised validators could submit a request to withdraw all USDC from the bridging contract and send it to a malicious address. Since the attackers control the vast majority of the validators, they would be able to pass and finalize the withdrawal request, meaning that 2.3 billion USD in USDC would be transferred to the attackers.
Currently, there are two lines of defense that can intervene to prevent these USDC from being permanently lost.
The first line of defense is at the contract level of USDC. Circle's blacklist mechanism can completely prohibit specific addresses from transferring USDC. If they act quickly enough, they can prevent the attackers from transferring the stolen USDC, effectively freezing the funds and repaying the Hyperliquid bridging contract.
Regarding this line of defense, security expert ZachXBT commented that Circle is very inefficient, and one should not expect them to take any remedial action, but ZachXBT clarified that this comment is directed only at Circle and does not reflect his views on Hyperliquid.
The second line of defense is at the Arbitrum network level. Currently, the Arbitrum L1/L2 bridging contract on Ethereum is protected by a 9/12 multi-signature contract (security committee). Assuming the attackers somehow control the 2.3 billion USDC and immediately exchange it for other tokens, thereby circumventing Circle's blacklist mechanism. Theoretically, the Arbitrum security committee could also change the state of the chain, roll back, and prevent the initial attack transaction from occurring. In “emergency situations,” the committee can vote to decide whether to intervene in this manner.
Cygaar added that the last line of defense is obviously highly controversial and should only be used in the most critical situations.
“Deliberate FUD” or “Good Faith Warning”? Community Reactions are Mixed
In response to Tay's warning post, the community's reactions have been sharply polarized.
On one hand, some community members believe Tay's warning is exaggerated, especially after HYPE's decline, many community users think Tay is just “deliberately spreading FUD.”
Some community members pointed out that North Korean hackers target every protocol with high TVL, not just Hyperliquid, and merely discovering traces of hackers does not indicate that the protocol is under threat;
Other community members noted that Tay himself actually works for Consensys, and his so-called “warning” may have ulterior motives, essentially just to ensure that Consensys can reach the most favorable cooperation with the Hyperliquid team.
On the other hand, some well-known figures chose to support Tay's security work.
Well-known white hat hacker samczsun stated that although Tay has been serving the cryptocurrency industry for free for several years, he has faced fierce criticism for this post, simply because HYPE's price dropped significantly after the warning was issued… It’s really sad to see such news.
Evgeny Gaevoy, founder and CEO of Wintermute, also stated that Tay's communication style may be a bit harsh (after the tweet was published, Tay had intense exchanges with some users who criticized him), but you cannot ignore information like this.
In summary, for Hyperliquid, which has been smooth sailing since its launch, today's discussion can be seen as a minor incident in the project's operation. It is minor because Hyperliquid has not actually suffered an attack; it is significant because some weak links in the Hyperliquid system have been exposed, and community consensus has shown a certain degree of divergence on this issue… But as a leading player aiming to change industry rules, this incident is more of a good litmus test than a difficulty. How Hyperliquid will address the 3/4 multi-signature issue and quell the UFD will also be a good opportunity for the market to reassess the quality and efficiency of the project.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
