Vitalik Buterin
@vitalik.eth
People who work in large corporate settings where things like this are a risk, do you have any existing rules or standardized best practices for how to minimize the risk? https://twitter.com/RichardHanania/status/1754257428198416393
46 replies
31 recasts
503 reactions

christopher
@christopher
yes, it’s called approval levels. e.g. you need your manager, who has a $500,000 approval limit, to approve anything. any more than that, you need their manager to approve until you get to the board
1 reply
0 recast
3 reactions

Vitalik Buterin
@vitalik.eth
Is this a company policy, or is it enforced in code? (whether through multisigs for cryptocurrency, or instructions given ahead of time to the bank for fiat)
2 replies
0 recast
3 reactions

Vitalik Buterin
@vitalik.eth
If company policy, then how do you deal with the risk of an attack tricking whoever is "actually" the administrator (if you can impersonate 1 person on a video call, you can probably impersonate the entire board)? (And of course, how to deal with rogue administrator risk)
4 replies
1 recast
22 reactions

Pranav Prakash
@pranav
Sometimes this is prevented at the bank level. We had a similar scenario (although not this sophisticated) in my last startup and the bank flagged the transaction and reported it to us.
0 reply
0 recast
0 reaction