Hot take: @safe wallets should have a default timelock for upgrades. It's a critical path that usurps all other security measures.

A doodler and computerer. I like permissive/permissionless open source, smart contracts, p2p systems, room-scale VR, and NixOS.

shazow.net

Currently: WhatsABI

Is that what happened with bybit?

Best resource?

Yea, blind signed a "musked" transaction (sounds like it implied it was just a swap to hot wallet) which turned out to be an upgrade in disguise.

Bybit ETH multisig cold wallet just made a transfer to our warm wallet about 1 hr ago. It appears that this specific transaction was musked, all the signers saw the musked UI which showed the correct address and the URL was from @safe . However the signing message was to change…

Ben Zhou

Pragmatism (Security) at OP Labs.
Prev: ConsenSys & Coinbase.

Attribs: Friendly, curious, introverted, mid-witted.
Chans: /eth-security /maurelian /stoicism




Yea, blind signed a "musked" transaction (sounds like it implied it was just a swap to hot wallet) which turned out to be an upgrade in disguise.

https://x.com/benbybit/status/1892963530422505586

how all signers saw the same UI? all hacked or somehow the hackers can change multisig UIs out there in the wild?

Alchemist. 
Block Builder. 
Creator.
Degen. 
Ethereum dev. 
Farcaster Framer.

Unclear. I'm guessing the first one was swindled through malware/false transaction, and the rest didn't bother verifying the transaction very closely.