Haotian: Why was the 15,000 cmETH hacked by Bybit able to be recovered?
In the recent Bybit theft incident, mETH Protocol’s security mechanism successfully intercepted 15,000 cmETH and recovered US$42 million in losses. This article will provide an in-depth analysis of the operating principle of cmETH and its three major security protection mechanisms, and explore its strategic value in the Mantle ecosystem and its key role in dealing with hacker attacks. This article is derived from a Twitter research article written by Haotian and reprinted by wublockchain.
(Preliminary summary: After the Bybit theft case, Safe multi-signature wallet suspends support for Ledger: additional transaction checks will be implemented and services will be gradually restored)
(Background supplement: mETH incentive activity: participate in Bybit Web3 staking, enjoy 7% APY and 2 times mining fee subsidy)
Bybit disclosed by @SlowMist_Team @evilcos security team yesterday The stolen asset tracking analysis report mentioned that a sum of 15,000 cmETH was fortunately blocked by @mETHProtocol from being withdrawn, saving a loss of $42m. Many friends must be curious about what is going on?
mETH Protocol is a Mantle layer2 chain that allows users to generate native income when depositing ETH in layer 2. The liquidity staking protocol launched on the Ethereum main network is a liquidity staking asset with a cumulative deposit volume second only to stETH, wBETH, and rETH.
Mantle uses mETH as the core to absorb the liquidity on different layer2 chains, and once became the interactive liquidity scheduling center of layer2. It can be imagined how important mETH is to the strategic value of the Mantle chain.
cmETH is a re-pledged asset of mETH, which means that users can re-pledge the circulating mETH assets and exchange them for cmETH assets. Compared with mETH, although cmETH bears one more re-pledge leverage risk, it can be mined in various campaign activities of layer 2 to obtain its new protocol governance token $COOK.
In short, cmETH is an equity certificate asset that circulates in the layer2 network and will interact with various layer2 protocols.
It is precisely because of this complex business interaction logic that the cmETH protocol has added three key security mechanisms in its design:
- The address blacklist mechanism, as the name suggests, can quickly blacklist addresses marked as hackers to restrict their transfers or interactions cmETH Assets;
- The contract can be temporarily suspended. In the event of an emergency, the team has permission to urgently suspend withdrawal operations to prevent the circulation of suspicious assets;
- The delayed withdrawal mechanism adopts a FIFO (first in, first out) queuing mechanism. The contract has a built-in withdrawal delay of up to 7 days (8 hours in this event), which is equivalent to a calm processing-response time, giving the team enough time to identify abnormal withdrawal behavior on the chain.
Although it seems that a certain degree of decentralization has been sacrificed for security, don’t forget that cmETH is a re-pledged (leveraged) asset superimposed on mETH. Its main business scenario is to use it as an equity certificate for mining in various DeFi protocols. Its security will affect the overall system liquidity security of each cross-chain and cross-protocol.
At this stage, as it is an important component of the Mantle ecosystem, it is natural to make some additional security mechanism considerations and designs to deal with hacker attacks and emergencies.
I just didn’t expect that this design of cmETH did not play into the complex combination ecological environment of on-chain DEX, but instead took the lead in making a great contribution to Bybit’s blocking of assets.
