In the Bybit stolen asset tracking and analysis report disclosed by the @ SlowMist_Team @ evilcos security team yesterday, it was mentioned that 15000 cmETH was luckily prevented from being withdrawn by @ mETH Protocol, recovering a loss of $42m. Many friends must be curious about what's going on here? METH Protocol is a liquidity staking protocol launched on the Ethereum mainnet by Mantle layer2 chain to enable users to generate native returns when depositing ETH in layer2. It is a liquidity staking asset with a cumulative deposit volume second only to stETH, wBETH, and rETH. Mantle uses mETH as its core tool to absorb liquidity on different layer2 chains, and once became the interactive liquidity scheduling center for layer2. It can be imagined how important mETH is to the strategic value of Mantle chain. CmETH is a re pledged asset of mETH, which means that users can re pledge their circulating mETH assets to exchange them for cmETH assets. Compared to mETH, although cmETH bears an additional risk of re pledging leverage, it can mine in various campaigns of layer 2 to obtain its new protocol governance token COOK. In short, cmETH is a type of equity certificate asset circulating in the Layer2 network, which interacts with various Layer2 protocols in combination. It is precisely because of this complex business interaction logic that the cmETH protocol has incorporated three key security mechanisms in its design: 1. Address blacklist mechanism, as the name suggests, can quickly blacklist addresses marked as hackers to restrict their transfer or interaction with cmETH assets; 2. The contract can be temporarily suspended. In case of emergency, the team has the authority to urgently suspend withdrawal operations to prevent the circulation of suspicious assets; 3. The delayed withdrawal mechanism adopts a FIFO (first in, first out) queue mechanism, and the contract has a built-in withdrawal delay of up to 7 days (8 hours for this event), which is equivalent to a calm processing response time, giving the team enough time to identify abnormal withdrawal behavior on the chain. Although it may seem that a certain degree of decentralization has been sacrificed for security, don't forget that cmETH is a re collateralized (leveraged) asset stacked on top of mETH. Its main business scenario is to mine as equity certificates in various DeFi protocols, and its security will affect the overall liquidity security of various cross chain and cross protocol systems. At present, as an important component of the Mantle ecosystem, it is reasonable to consider and design additional security mechanisms to cope with hacker attacks and unexpected situations. I just didn't expect that cmETH's design didn't play out in the complex combination ecosystem of DEX on the chain, but instead made a big contribution to Bybit blocking assets.