When Multi-Signature is No Longer Safe
On February 21, 2025, the cryptocurrency exchange Bybit suffered a hacking attack that resulted in approximately $1.5 billion in assets being stolen. This incident not only set a new record for cryptocurrency theft but also shocked the entire industry: the attack bypassed the multi-signature security mechanism that is considered the industry standard.
Post-incident analysis revealed that the hacker compromised the developer's device for Safe and modified the front-end JavaScript code on the Safe{Wallet} server. When Bybit multi-signature holders logged in, the interface displayed normal transactions, but what was actually signed was completely different content, leading to the theft of funds.
This incident sparked profound reflection: Is the multi-signature wallet really the problem? Or is it the way we use it that is flawed?
The Blind Spot of Security: Invisible Single Points of Failure
After the Bybit incident, a question emerged: Is Safe really secure?
It must be acknowledged that the Safe contract itself is secure. It is fully open-source, audited by multiple security firms, and has not shown significant contract vulnerabilities in its historical operation. However, security is not just a matter of contract code.
In fact, security risks involve a long chain of trust. When using a Safe wallet, signers rely on many components: signing devices, operating systems, browsers, wallet plugins, Safe UI, RPC nodes, blockchain explorers, hardware wallets, and their software. This chain is too long; hackers often only need to compromise one link to gain substantial rewards.
In the Bybit incident, the attacker chose a seemingly inconspicuous link: the web front end. The hacker attacked the Safe{Wallet} server and replaced the JavaScript. Users thought they were signing normal transactions, but in reality, they were authorizing a malicious upgrade (changing CALL to DELEGATE_CALL).
Further analysis revealed that the root of such security vulnerabilities lies in the "cross-points in the trust chain." A multi-signature wallet should create a secure chain verified by multiple individuals, with each link overseen by independent entities. Ideally, each signer should use separate tools and methods to verify transactions. However, in reality, signers often share the same web interface, the same set of RPC nodes, similar types of hardware wallets, and similar verification processes.
This highlights a critical security vulnerability: when all signers rely on the same web interface, an attacker only needs to control this shared single point to deceive all signers simultaneously. It is worth noting that this is not a problem unique to Safe, but a common blind spot in multi-signature practices that is often overlooked.
These shared points are the weaknesses in the security chain. A hacker only needs to compromise one cross-point to simultaneously affect everyone.
This profound lesson tells us that security is not a tool but a set of systematic practices. Having top-notch multi-signature tools is not enough to ensure security; the key lies in how to build a complete security process with them.
For institutions and exchanges, this realization is particularly urgent. Data from 2024 shows that losses from cryptocurrency theft increased by 67%, reaching $494 million, but the number of victim addresses only increased by 3.7%. Attackers have clearly shifted to "precision strikes" on high-value targets, with the largest single theft amounting to $55.48 million. When your asset scale reaches an institutional level, you become a prime target for hackers, and any security compromise can lead to disaster.
The losses at Bybit serve as the most profound lesson, ringing alarm bells for the entire industry: true multi-signature security requires multiple independent verification paths, not just multiple signers. If everyone relies on the same information source, no matter how many signers there are, true security cannot be achieved.
In other words, Safe itself can be very secure, but only if you use it correctly and understand every link in the entire security chain. This is especially important for high-net-worth users.
MPC + Safe: A More Powerful Security Combination?
If the $1.5 billion loss from the Bybit hack taught us anything, it is to rethink the essence of security: the safety of a multi-signature wallet does not lie in the number of signers but in the independence of the verification paths.
When everyone looks at the same web interface, it creates a perfect single point of failure. A hacker only needs to compromise this point to deceive everyone. This is the truth of the Bybit incident.
So, how can we strengthen the independence of verification paths while maintaining the advantages of decentralized multi-signature permissions?
The combination of MPC and Safe may be the answer. This combination not only inherits the advantages of both but may also create a new security paradigm that fundamentally addresses the "shared trust point" problem in current multi-signature practices.
The security design of Cobo Portal's MPC+Safe combination is based on two core principles:
Decoupling Verification Links
In traditional multi-signature solutions, all signers share the same interface, RPC nodes, and parsing logic, forming a dangerous "concentrated trust point." A more secure solution should break this model and establish a separate verification system:
Separate signing infrastructure (such as MPC or HSM)
Independently maintained RPC node network (not relying on nodes provided by Safe)
Independent service layer for parsing transaction content (ensuring each signer sees the real transaction content)
Dedicated approval interface, completely isolated from the main web UI
Cobo's "Safe{Wallet} co-signing" solution is developed based on this concept and can serve as a signer in the Safe multi-signature wallet while being completely independent of other signers.
Its working principle is as follows: Cobo Portal pulls pending transactions to be signed from the Safe service, reviews them through an independent risk control system, then uses an MPC wallet or fully managed HSM wallet to complete the signing and pushes the signed results back to the system.
Taking the Bybit incident as an example, even if hackers hijacked the Safe interface, Cobo's independent verification system would still display the real transaction content and risk warnings.
Principle of Least Privilege
As a security product of Cobo, the Cobo Safe permission separation module implements a simple yet powerful concept: cold wallets never need full permissions.
For exchanges, the main job of a cold wallet is to transfer funds to a hot wallet. However, every time the hot wallet needs funds, the administrator must use the full control of the cold wallet to make the transfer, which increases unnecessary risk exposure.
The Cobo Safe solution is straightforward, allowing the creation of a special "restricted operator" role that has only one permission: to transfer specific whitelisted tokens to a pre-set hot wallet address. Daily operations can be conducted through this low-permission address, and the main Safe does not need to be frequently accessed. Users can also configure the black and white lists of Safe themselves, including restrictions on callable target contracts, further enhancing permission control.
This means that even if hackers completely control this operator account, the only thing they can do is transfer funds to the exchange's own hot wallet—without permission to modify wallet settings, redirect to other addresses, or use non-whitelisted tokens.
If Cobo Portal had been used, would the $1.5 billion theft incident still have occurred?
Once we understand how attackers operate, we can design effective defenses. Let's simulate the attacker's action path and see how Cobo Portal's protection would function in the Bybit attack scenario.
Scenario Recreation
Attack Step 1: Malicious JavaScript code injected into the Safe front end
Under the Safe multi-signature scheme: all signers use the same attacked interface and see the disguised transaction content;
Under the Cobo Safe{Wallet} co-signing scheme: although the Safe interface is attacked, Cobo's independent approval app remains unaffected and displays the real transaction content.
Attack Step 2: Disguised transaction request for signing
Under the Safe multi-signature scheme: the signer sees "transfer to hot wallet," but is actually authorizing an upgrade;
Under the Cobo Safe{Wallet} co-signing scheme: the independent verification link parses the real transaction as a Delegate Call operation, and the app displays a risk warning.
Attack Step 3: Collecting signatures to execute the attack
Under the Safe multi-signature scheme: after collecting enough signatures, the contract control is obtained by the attacker;
Under the Cobo Safe{Wallet} co-signing scheme: the real transaction content and risk prompts are displayed, allowing signers to recognize the attack behavior.
Attack Step 4: Bypassing the multi-signature defense line
Under the Safe multi-signature scheme: after the attacker gains control of the contract, they can transfer all assets;
With the use of the Cobo Safe solution: even if all previous defenses are breached, Cobo Safe's permission separation ensures that the attacker can only execute pre-authorized operations (such as transferring to a whitelisted hot wallet).
Under the independent verification protection of Cobo Portal, the Bybit attackers would be intercepted at multiple stages. It is important to emphasize that while Cobo Safe{Wallet} co-signing and Cobo Safe are two independent products, using both together provides a higher level of security. If the independent verification defense is breached, the permission separation system can still effectively limit the potential loss range. Through this deep defense strategy, the loss of $1.5 billion in assets could have been completely avoided.
Security is like insurance. People only realize its importance after a disaster occurs.
Unfortunately, this industry has already paid astronomical tuition fees, but this also provides us with an opportunity to rethink crypto security, which is an asymmetric game. Attackers only need to find one vulnerability, while defenders must guard against all. When billions of dollars in assets are at stake, top hackers and even state-level attackers with unlimited resources will spend months or even years studying your system, looking for that one weakness.
This is precisely why Cobo developed the Safe{Wallet} co-signing solution. We want to solve a core problem: how to eliminate single points of failure? The answer is to reconstruct the entire verification process to achieve multiple security guarantees. For institutions managing large assets, security has never been the opposite of efficiency; it is a prerequisite. Without security, efficiency is meaningless.
Cobo has been using this system internally, and after frequent security incidents, we realized that these security practices should not belong only to us but should benefit more users. Therefore, we have productized it and launched a 30-day free trial. We hope it can not only protect your assets but also continuously optimize and upgrade through your feedback, making the security system more robust.
Security is not a one-time investment but a continuously evolving process. As threats escalate, security protections must also be continuously iterated. Only through focus and persistence can we truly respond to the ever-changing risk environment.
If you are managing large cryptocurrency assets or are a high-net-worth user, we welcome you to try the Cobo Safe{Wallet} co-signing solution and share your experience with us. In the crypto industry, security is always the most important thing.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
