1/ the @bybitexchange hack exposes a security risk that could have been easily mitigated with our battle-tested, ultra-secure Zodiac tooling.

no protocol changes needed, quick setup on any @safe.

here's how:

Bybit detected unauthorized activity involving one of our ETH cold wallets. The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated through a sophisticated attack that masked the signing…

Bybit

Trade Daily. Earn $BTC Daily #MinersPointsPlaza #BitcoinHalving

1/ the @bybitexchange hack exposes a security risk that could have been easily mitigated with our battle-tested, ultra-secure Zodiac tooling.

no protocol changes needed, quick setup on any @safe.

here's how: 

https://x.com/Bybit_Official/status/1892965292931702929

2/ Zodiac Roles for controlled execution

Roles enforces spending limits + approved recipients, preventing any one signer (or attacker) from draining funds through predefined rules

the mod defines who can spend, how much, and where funds can go.

in Bybit’s case, a spending cap + whitelisted addresses could have restricted the damage, whether or not human signers were compromised

♉︎  good soil tooling for onchain entities

3/ Zodiac Delay for built-in reaction time

cold wallets aren’t automatically safe if a bad txn is signed

Delay queues txns first, giving time to detect + prevent unauthorized movements

even in light of increasingly sophisticated supply chain attacks, Bybit’s cold wallet could have had a built-in time buffer before execution, preventing an instant drain

3/ Zodiac Delay for built-in reaction time

cold wallets aren’t automatically safe if a bad txn is signed

Delay queues txns first, giving time to detect + prevent unauthorized movements

even in light of increasingly sophisticated supply chain attacks, Bybit’s cold wallet could have had a built-in time buffer before execution, preventing an instant drain

https://www.zodiac.wiki/documentation/delay-modifier

4/ Zodiac security principle:

the underlying security principle is the same in both cases. instead of one txn that does everything, each mod forces a two-step approach:

1. unlock (Roles) / queue (Delay) the txn
2. execute after verification

this pattern makes exploits harder and detection easier.

5/ Zodiac Pilot for @safe signer diversity

another useful tool is Pilot

to increase security, signers should use different UIs to verify txns before approval: if one UI is compromised, alternative interfaces like Pilot can expose the real blockchain state

this makes deception much harder — an attacker would need to trick multiple independent systems

5/ Zodiac Pilot for @safe signer diversity

another useful tool is Pilot

to increase security, signers should use different UIs to verify txns before approval: if one UI is compromised, alternative interfaces like Pilot can expose the real blockchain state

this makes deception much harder — an attacker would need to trick multiple independent systems

https://pilot.gnosisguild.org

6/ 3 ways to improve security with Zodiac — use them individually or together for better protection:

🔸Roles mod: limits who can act + enforces spending rules
🔸Delay mod: adds a time buffer to prevent instant drains
🔸Pilot: increases signer security by using multiple UIs

no protocol changes needed — any onchain entity can add them to their @safe today.

7/ security isn’t just about stopping hacks — it’s about protecting people, orgs, and ecosystems.

it's never too late to be proactive about security.

learn about Zodiac:
https://zodiac.wiki
https://github.com/gnosisguild

make noise in our discord:
https://discord.gnosisguild.org

2/ Zodiac Roles for controlled execution

Roles enforces spending limits + approved recipients, preventing any one signer (or attacker) from draining funds through predefined rules

the mod defines who can spend, how much, and where funds can go.

in Bybit’s case, a spending cap + whitelisted addresses could have restricted the damage, whether or not human signers were compromised https://roles.gnosisguild.org