Justin Leroux on Warpcast

Justin Leroux pfp

1/ The crypto industry needs to wake up to its biggest blind spot: signing security. Most crypto losses involve private key management and blind signing. If experts get hacked regularly, what hope is there for mass adoption? We need better tools.

1 reply

0 recast

2 reactions

Justin Leroux pfp

2/ The Bybit and Radiant hacks -where a transaction looked legitimate on a computer but is replaced before reaching a hardware wallet- undermines the security benefit of smart contract multisig wallets. If you can't verify what you're signing, the best software tools offer no protection at all.

1 reply

0 recast

0 reaction

Justin Leroux pfp

3/ It’s not a bug or a bad UI. It’s a systemic failure in how we handle transaction verification. Attackers are exploiting the gap between what humans can verify and what machines actually sign - and there’s no effective defense with current tools.

1 reply

0 recast

1 reaction

Justin Leroux pfp

4/ If we don’t fix this, we’ll keep seeing bigger and bigger exploits. Minor positive steps -air-gapping, MPC, AA wallets, better signing flows- cannot solve this alone. Transactions must be verifiable on secure hardware, by humans, in a trustless way.

1 reply

0 recast

0 reaction

Justin Leroux pfp

5/ This isn't just about big exchanges and onchain treasuries. This impacts us all - 1 out of 5 crypto users have lost funds due to private key exploits. The industry tells users it's their responsibility to educate themselves and be more careful instead of fixing the problem.

1 reply

0 recast

0 reaction

Justin Leroux pfp

6/ The only real solution is easily readable signing on secure hardware, displayed on a secure screen. There's no solution using only phones or computers: everyone needs a fully independent, tamper-resistant way to verify exactly what they’re approving.

1 reply

0 recast

0 reaction

Justin Leroux pfp

7/ Crypto has grown too important to rely on outdated security solutions we already know leave us all exposed to risk. We all need to collaborate and coordinate to address this problem. If we don't, no mythical killer app will get us the mass adoption we're building for.

1 reply

0 recast

0 reaction

Justin Leroux pfp

8/ Our team at gridplus.io focused on this specific problem early on because we realized legacy BTC HW wallets didn't protect us as Ethereum users. Our first step was introducing hardware clear signing for EVM transactions, but fully addressing this requires broad collaboration.

1 reply

0 recast

1 reaction