Lưu trữ cho từ khóa: #DeFi

DeFi

What will it take to accomplish real blockchain interoperability? | Opinion

Để lại phản hồi

For years, blockchain interoperability has been a buzzword and a top priority within the crypto and web3 industry. Despite numerous platforms, protocols, and projects dedicated to solving the lack of inter-blockchain communication, broad interoperability within the widening ecosystem remains out of reach.

Despite the up-and-down crypto price swings we’ve seen lately, the foundation of the digital assets sector, which includes blockchain, is much more mature, stable, and focused on solving real-world problems. We’ve also seen blockchain technology adoption within numerous industries, including supply chain management, where it’s improved efficiency by removing the need for multiple intermediaries through its transparent and traceable characteristics.

We can’t diminish blockchain’s progress over the last year or two, both within web3 and with its expansion to other industries such as real estate and healthcare. Despite advances in areas like decentralized finance, decentralized physical infrastructure networks, and tokenized real-world assets, how can we expect mainstream adoption if assets can’t be smoothly transferred between major blockchain networks like Solana (SOL) and Ethereum (ETH)?

Whether cross-chain bridges like Wormhole, layer-2 solutions like Arbitrum, interoperable-oriented blockchains like Polkadot (DOT), or interoperability protocols like Chainlink (LINK), each of these solutions tends to solve only one aspect of the problem.

Security vulnerabilities associated with cross-chain bridges and sidechains have been well-documented as they rely on complex smart contracts and often employ centralized custodians to hold funds during transfers. This creates a single point of failure that hackers can and have exploited. All we have to do is examine the Ronin Bridge hack from 2022, where a hacker ran off with about $625 million in crypto through a hacked private key, to understand the risk they pose.

Blockchains like Polkadot or Cosmos have implemented innovative and sophisticated mechanisms to try and solve the interoperability puzzle. However, Polkadot’s interoperability is limited to its ecosystem and isn’t scalable. Cosmos offers a bit more flexibility, but it suffers from security weaknesses and hasn’t fulfilled its mission of being the “Internet of Blockchains.”

The main issue with today’s limited blockchain interoperability is that it fragments the space into disparate ecosystems, essentially turning the industry into a growing number of isolated liquidity islands. Polkadot’s parachains can communicate with each other, but being able to transfer assets and data between blockchain networks such as Ethereum or Binance would be immensely more beneficial for the entire web3 space.

Solving this would enable seamless asset transfers by making it faster, cheaper, and more secure, even enhancing the utility of stablecoins, altcoins, and tokens across multiple chains. Furthermore, interoperability would greatly enhance the role of DeFi protocols by enabling the creation of unified liquidity pools, which would create deeper and more stable markets and reduce slippage in larger trades.

Breaking down these liquidity barriers doesn’t just equate to a smoother flow of funds and higher token values. It can also translate to reduced dependence on centralized exchanges, which essentially serve as risky bridges, improved scalability, a more user-friendly experience, and greater potential for innovation across web3.

While interoperability seems less and less a priority as other web3 developments and trends steal the headlines, there is still plenty of behind-the-scenes R&D taking place. Various projects are developing their own solutions, but there is no single framework that’s emerged as a universal standard.

Kima, for instance, represents one of the most promising interoperability protocols currently developing a solution to unify the entire blockchain ecosystem. As an asset-agnostic, peer-to-peer money transfer, and payment protocol, Kima has developed a flexible decentralized solution to move assets between blockchains without using smart contracts. Powered by its decentralized settlement layer, universal payment rail, and liquidity cloud, Kima has undergone three years of intense R&D as it prepares for its upcoming mainnet and token launches. 

Kima has secured pre-launch support for all the major blockchains and is developing partnerships with a wide range of web3 and TradFi players because its protocol is also built to link digital assets with fiat systems like bank accounts and credit cards. By facilitating smooth transfers between fiat and crypto, Kima positions itself as a crucial infrastructure piece at the intersection of both DeFi and finance.   

Fostering true blockchain interoperability is certainly a challenge, but progress is being made. It requires broad collaborations among competing networks and a commitment to a universal standard. Standardizing communication protocols, facilitating the highest degree of security, and maximizing decentralization are a good starting point. Continued investment in research along with a flourishing community of dedicated developers provides enough optimism that genuine interoperability is achievable.  

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

Công nghệ

Bitfinex backs payments chain Plasma’s bid to expand USDT on Bitcoin

Để lại phản hồi

Bitfinex has invested in Plasma, a payments, real-world assets and decentralized finance infrastructure platform focused on Bitcoin.

The Bitfinex team announced via X on Oct. 18 that it had invested in Plasma to help scale Tether (USDT) usage on Bitcoin (BTC).

According to a blog post introducing Plasma, the platform is eyeing a zero-fee payment rail for USDT.

It’s a network where users can send U.S. dollar denominated assets to anyone around the world with no fees and leveraging Bitcoin. Rather than BTC as the native payment asset, Plasma looks to tap into the benefits of USDT and such other stablecoins, with its network as the execution layer.

Plasma allows for gas fees payment with BTC as it has native UTXO support. The account architecture also means a hybrid environment on which users can unlock staking and other benefits on Bitcoin. It also offers Ethereum virtual machine compatibility.

As well as solving global payments challenges, Plasma aims at sparking further adoption of the Bitcoin network across RWAs and DeFi, according to the blog post.

Commenting on the investment, Bitfinex chief technical officer (also chief executive officer of Tether) Paolo Ardoino, said:

“Bitfinex is excited to support the growing Bitcoin ecosystem with our investment in Plasma. With the uncertainty that covenants will come to fruition, it’s very important to explore different avenues to build on top of the most secure, decentralized, and resilient money and speech network ever built by humanity: Bitcoin”

Plasma has also attracted financial backing from Apeiron Investment Group founder and investor Christian Angermayer. Others include venture capital platforms Split Capital, Manifold and Anthos Capital.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Post-mortem reveals stealthy malware injection led to $50m Radiant Capital exploit

Để lại phản hồi

Radiant Capital attackers used malware to hijack developer wallets and swipe over $50 million in assets.

According to Radiant Capital’s post-mortem report, the attack on Oct. 16, 2024, which led to losses upwards of $50 million, was “one of the most sophisticated hacks ever recorded in DeFi.”

The attackers compromised the hardware wallets of at least three Radiant developers through a sophisticated malware injection, though it is believed that more devices may have been targeted. 

The malware manipulated the front-end interface of Safe{Wallet} (formerly known as Gnosis Safe), displaying legitimate transaction data to the developers while executing malicious transactions in the background. 

The attack was executed during a routine multi-signature emissions adjustment process, which takes place periodically to adapt to changing market conditions. Despite multiple layers of verification through Tenderly simulations and manual reviews, no anomalies were detected during the signing process, the report added.

The attackers took advantage of Safe App transaction resubmissions, a common occurrence due to issues like gas price fluctuations or network congestion. By mimicking these routine errors, the attackers collected multiple compromised signatures unnoticed, eventually signing the “transferOwnership” function, which transferred control of Radiant’s lending pools to the attackers.

The breach affected Binance Smart Chain (BSC) and Arbitrum, with the attackers using these signatures to alter smart contracts, specifically exploiting the transferFrom function as previously reported by Web3 security firm De.Fi. This allowed them to drain assets from users who had granted approval to the lending pools.

Further, the report added that many protocols might be at risk and suggested several preventative measures. These include implementing multi-layer signature verification, using an independent device for verifying transaction data, avoiding blind signing for critical transactions, and setting up error-triggered audits to catch potential issues before signing.

In an Oct. 18 X post, Independent programmer Daniel Von Fange noted that the attackers were still draining any assets being transferred to the compromised wallets and advised users to quickly revoke any approvals they had given to the affected contracts to avoid further losses.

Post-hack measures

Radiant Capital has since paused its lending markets on BNB Chain and Arbitrum. In an Oct. 17 X post, Radiant confirmed it was working with several cybersecurity firms, including SEAL911, Hypernative, and Chainalysis, to investigate the incident and recover the stolen assets.

The lending protocol’s immediate preventive measures include generating fresh cold wallet addresses using uncompromised devices for each member of the Safe, reducing the number of signers to 7, and increasing the signing threshold to 4 out of 7. Further, contributors will also double-confirm transaction data for each transaction using the input data decoder on Etherscan to ensure added accuracy before signing.

The company is also working with U.S. law enforcement agencies to freeze the stolen funds and trace the attackers while collaborating with ZeroShadow to analyze the digital footprint left by the exploiters.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

POPCAT jumps 13.6% as analysts eye new highs

Để lại phản hồi

Popcat emerged as the top gainer of the day, fueled by improved community sentiment and a notable jump in its futures open interest.

Popcat (POPCAT) is up 13.6% in the past 24 hours and is trading at $1.37 at the time of writing. Its price has also appreciated 90.5% over the last 30 days, with its market cap surging to $1.33 billion. A spike in 24-hour volume to $151.8 million confirms the growing interest.

The broader crypto community remained predominantly bullish on Popcat’s prospects, according to data from CoinMarketCap.

POPCAT’s price rally coincided with a rise in futures open interest. According to CoinGlass data, open interest in futures market jumped by 21% over the last 24 hours, indicating traders’ growing interest in the meme coin.

The number of Popcat holders has also surpassed 80,000, an indicator of expanding community participation and investor confidence.

On the 1D POPCAT/USDT chart, the meme coin’s price currently stands above its middle Bollinger band suggesting a potential continuation of the bullish trend. Moreover, the Relative Strength Index has fallen from its Oct. 12 overbought levels and currently stands at 60 suggesting there is still room for further gains before hitting the overbought zone again.

POPCAT 1D price, Bollinger Bands, and RSI chart — Oct. 18 | Source: crypto.news

Meanwhile, analysts are optimistic about Popcat. Per pseudo-anonymous market analyst Trading Tank, POPCAT is currently heading toward a strong resistance level at $1.54, its all-time high which also serves as the neckline of a bullish double-bottom price action pattern. 

According to the analyst, if POPCAT breaches the neckline, there is a strong possibility that the meme coin could reach a new high in the short term.

They also highlighted Popcat’s next potential targets. According to them, the meme coin faces resistance at $1.9250. Should bulls manage to break above this, the next targets could be $2.3850 and $3.310.

Other analysts have predicted much more bullish targets for Popcat. 

In an Oct. 17 post on X, Trade4ddict suggested that Popcat could continue its ascent toward $4, given its recent breakout above the $1 resistance level. Analyst Murad shared a similar outlook, forecasting that POPCAT could reach $5-$6.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Worldcoin rebrands to ‘World,’ debuts layer-2 network and new features

Để lại phản hồi

Worldcoin has rebranded as World, alongside the launch of its Ethereum layer-2 network World Chain, and unveiled several key developments.

During its Keynote address on Oct. 17, Worldcoin founder Sam Altman announced the rebranding alongside upgrades for its iris-scanning Orb devices. The company has already rebranded to “World,” and the change is now visible across its social media platforms and website.

Meanwhile, the new Orb devices are getting an upgrade with Nvidia hardware, making it up to five times more powerful than before, all while shrinking in terms of its carbon footprint and needing fewer parts. 

The new Orbs will soon pop up in self-service kiosks, though they’ll initially be available only in select markets, the company added. This is expected to accelerate the deployment of proof of human verifications across the globe.

World is also expanding its identity verification beyond the Orbs, and users would be able to verify their identity via other avenues, including a program called World ID Credentials. This allows users to verify themselves using NFC-enabled government-issued passports, adding extra flexibility to the process.

The company also introduced World App 3.0, bringing new features to the platform. One of the standout additions is the World ID Deep Face feature, which the company claims can detect and block deepfakes. This tool is designed to ensure the authenticity of video content, offering users enhanced security in an era of increasing AI-generated media.

Alongside these innovations, World announced integrations with popular apps such as WhatsApp, FaceTime, and Zoom, making it easier for users to verify their identity and access World’s services within platforms they already use.

World Chain mainnet launch

The highly anticipated Ethereum layer 2 network, first announced in April, also went live following the keynote event. World Chain is expected to enhance efficiency and bring new functionality to users by integrating World ID, World App, and the Worldcoin cryptocurrency (WLD).

The network will prioritize onboarding verified human users over bots, giving them access to block space and offering an allowance of free gas to further incentivize participation.

The new blockchain already plays host to some of the top projects in the industry like Uniswap, Optimism, Alchemy, and Dune among others. 

WLD price tanks

Despite strong performance in recent weeks, the price of WLD didn’t react to the latest announcements, slipping 1.4% to $2.20 at the time of writing. However, the token remains up 28.4% over the past week and has gained over 47% in the past month.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

DeFi exchange Ambient Finance recovers domain after DNS attack

Để lại phản hồi

DeFi platform Ambient Finance regained control of its website after hackers commandeered its domain.

Ambient Finance became the latest decentralized finance protocol to face a series of front-end attacks launched by unknown cybercriminals. On Oct. 17, Ambient notified its decentralized exchange users of a Domain Name System issue with its website.

DNS exploits occur when hackers compromise a platform’s domain registrar credentials, often aiming to steal assets and funds by embedding malicious links into the website.

Ambient Finance reassured users that its smart contracts and on-chain infrastructure remained secure from attackers. However, the DEX warned users against visiting the website or signing any transactions until further notice to safeguard user assets.

Two hours after the problem was first reported, Ambient Finance announced on X that the issue had been resolved and its DNS was in the process of being repaired.

We have recovered the domain, and DNS is updating now. Since DNS propagation takes time, users should wait for the all-clear before interacting with the front-end site.  Contracts and funds are safe and unaffected.

Ambient Finance on X

A surge of cyberattacks has plagued DeFi and crypto protocols in recent months, indicating that security concerns persist despite growth in the on-chain sector.

In September, Ethereum-based automated market maker Balancer confirmed a front-end incident caused by a social engineering attack. Several DeFi platforms lost control over domains and websites in a July DNS siege. Ethena Labs was forced to temporarily halt its website last month, noting issues with its website.

While cybercriminals were on the prowl, on-chain users continued flocking to blockchain services and cryptocurrency protocols. DeFi remains popular as crypto usage explodes in 2024, a report from Andreessen Horowitz stated on Oct. 16.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Fracture Labs accuses Jump trading of market manipulation in new lawsuit

Để lại phản hồi

A lawsuit filed by game developer Fracture Labs accuses Chicago-based trading giant Jump Trading of running a pump-and-dump scheme.

According to an Oct. 15 filing, Fracture Labs has accused Jump Trading of misusing its role as a market maker to artificially inflate the value of its DIO token, the native cryptocurrency for the web3 game Decimated, before offloading it for millions in profit.

Per the complaint, the two companies entered into an agreement in 2021 in which Jump would act as a market maker for the initial offering of DIO on Huobi, now known as HTX. As part of the deal, Fracture Labs lent Jump 10 million DIO tokens, worth around $500,000 at the time, and sent another 6 million tokens, valued at $300,000, to HTX.

Fracture Labs further adds that after DIO launched, HTX brought in influencers to hype up the token, which pushed its price up to $0.98, and in turn, inflated the value of the borrowed tokens to $9.8 million.

But then, according to the lawsuit, Jump dumped all its tokens, causing the price to crash down to just $0.005. After the plunge, Jump allegedly bought back the tokens for only $53,000 and returned them to Fracture Labs, effectively ending the agreement.

Fracture Labs argues that this move tanked the token’s value, making it hard for the game developer to reel in investors. 

The suit also claims that Jump Trading breached the agreement by failing to maintain DIO’s price within the limits that Fracture Labs had agreed to with HTX. Jump had promised to help keep the token’s price stable, but it didn’t follow through.

As part of the agreement with HTX, Fracture Labs transferred 1.5 million USDT into a holdings account as a guarantee that they wouldn’t manipulate the market during the first 180 days of trading. But after the price drop, HTX refused to refund most of that deposit.

As such, the lawsuit accuses Jump Trading of fraud, conspiracy, and breach of contract and is seeking a jury trial, damages, and the return of any profits Jump allegedly made from the scheme.

Legal troubles

This isn’t the first time Jump Trading has come under legal scrutiny. Last year, the market maker was implicated in a class-action lawsuit involving the alleged manipulation of Terraform Lab’s stablecoin TerraUSD (UST). 

More recently, The U.S. Commodity Futures Trading Commission launched an investigation into the firm’s investing activities. Just days later, the firm’s former president Kanav Kariya resigned.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Web3 security firm’s mistake exposes victims of $50m exploit to wallet drainer

Để lại phản hồi

Victims of DeFi lender Radiant Capital’s exploit were thrown into further disarray when a security firm erroneously shared a link to a wallet drainer while attempting to help them.

On Oct. 17,  web3 security startup Ancilia was criticized for its negligence after it redirected victims of the attack to an X account masquerading as the DeFi lender to dupe users into visiting a malicious site designed to drain users’ assets via approval phishing.

Security experts tricked

Ancilia was the first to report the exploit on Oct. 16, which saw Radiant Capital’s smart contracts on BNB Chain and Arbitrum compromised via the ‘transferFrom’ function, allowing attackers to drain over $50 million in assets, including USDC, WBNB, and ETH.

Following the breach, Radiant urged users to revoke all approvals using Revoke.cash, a tool that allows users to disconnect their wallets from potentially malicious smart contracts, to prevent further losses. 

This step was necessary because the attackers had gained control of several private keys, allowing them to control the DeFi protocol’s multi-signature wallet by transferring ownership.

Crypto scammers jumped on the opportunity, impersonating Radiant Capital on X and pushing fake links disguised to mimic the Revoke.cash platform. Ancilia, not realizing the scam, accidentally shared the fake post, while asking users to “follow the link,” which led straight to the wallet drainer.

Deleted post from Ancilia reposting a Radiant Capital impersonator | Source: Spreek/X

If unlucky victims clicked through and connected their wallets, approving the permissions, their funds would’ve been siphoned off.

Eagle-eyed community members were quick to point out the security firm’s blunder and criticized Ancilia’s negligence as a “‘trusted’ security account.” Subsequently, Ancilia deleted the post, issued an apology, and pointed users to the original Radiant Capital account.

The severity of these scams is highlighted by the fact that the bad actors orchestrate these approval phishing campaigns from hijacked X accounts that often bear the golden verification checkmark, which is designated to verified organizations on the social media platform.

Then, by slightly modifying the account’s name and handle, scammers are able to trick web3 users. In this instance, they changed the account name to “Radiarnt Capital” instead of “Radiant Capital” and altered the handle to “@RDNTCapitail” instead of “@RDNTCapital.” While these changes may seem easy to spot, many users often miss them at first glance.

At the time of writing, several instances of the aforementioned phishing post were still live under Ancilia’s posts.

Impersonation scams

Impersonating genuine projects to trick crypto investors has become one of the most common tools for scammers to lure victims onto phishing platforms. 

Earlier this year, cybersecurity firm SlowMist warned that over 80% of the comments under posts from major crypto projects were scams. Meanwhile, a ScamSniffer report pointed out that this tactic was the go-to move for scammers, causing millions of dollars in losses for crypto investors in February.

Just a day before the recent attack, bad actors were seen running a similar campaign to dupe WLFI investors. Scammers have even targeted Revoke Cash users by impersonating the service in early September and promoting a malicious site using Google Ads.

In related news, this was the second time Radiant Capital was exploited this year. Hackers were able to get away with $4.5 million from the protocol in a January flash loan attack. 

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

DeFi Report: Ethereum generated $261m in fees in Q3, its worst performance since Q4 2020

Để lại phản hồi

In a recent analysis published by the DeFi Report, Ethereum’s network fees generated $261 million in Q3-2024, down 47% compared to the last quarter. Ethereum’s layer 1 fees in Q3 were the lowest the network has seen since Q4 of 2020.

In “The ETH Report: Q3-24” published on Oct. 16, Ethereum(ETH)’s layer 1 in Q3 of 2024 were shown to be the lowest since 2020. The DeFi Report believes that this is due to the emerging growth of layer 2 networks, the introduction of EIP 4844, and the decrease of new crypto users in Q3.

Not only that, the report revealed that Ethereum’s Total Value Locked dropped 14% in the quarter but was up 133% over the last year. The token itself was down 21% this quarter, with more tokens being issued than burned on the network.

In their analysis, the DeFi Report stated they predicted the dip in Ethereum’s fees as a result of
the added EIP4844 update, the introduction of modular data availability network Celestia as well as new cheaper data availability networks popping up.

The launch of Uniswap Labs’ new latest layer 2 solution, Unichain, could also bring about more loss to Ethereum.

“The optics don’t look great. Fees are down. Inflation is up. Uniswap (controls 20% of gas fees to Ethereum validators) is now building their own L2,” said the DeFi Report in their latest analysis.

The founder of DeFi Report, Michael Nadeau, said Ethereum validators could use the opportunity to increase transactions and burn more tokens by driving down fees, which could boost token demand and bring in more profit for the network

“We view this as a win, win, win for app developers, users, and ETH validators or holders. With that said, as L2s scale, we expect that there could be a period where L1 validator revenues drop until the new supply of block space is ultimately filled by new use cases coming to market,” he wrote in The Ethereum Investment Framework.

Earlier this week, Nadeau commented in an X post that Ethereum validators and token holders could lose around $368 million in settlement fees paid by Uniswap with the launch of Unichain. Instead, the funds will go to Uniswap Labs and possibly Uniswap token holders.

ETH token holders could also suffer losses due to the protocol burning less ETH and the allocation of settlement fees going to UNI token holders instead.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News