Quick Take
Safe.global was compromised.
EF donates $1.25m Pertsev’s defense.
Holešky fork rescue efforts continue.
Clave releases ZK Email Recovery.
Listen on: Apple | Spotify | Castbox | YouTube
ByBit Hack Linked To Safe Server
Preliminary investigations into the $1.5 billion ByBit hack revealed that the breach originated from a compromised Safe.Global front end, likely due to a leaked AWS S3 or CloudFront account key. The Safe team later confirmed that an employee’s device had been compromised, granting the attacker server access to the Safe front end. Forensic analysis revealed that malware, injected through JavaScript from app.safe.global, altered transaction data to divert funds to the hackers. The malicious code specifically targeted ByBit's addresses, one of the largest accounts on Safe. Currently, the Safe front end is available in a limited capacity. Safe founder Martin Koeppelmann recommended not to interact with Safe at this time.
EF Donates $1.25 Million To Pertsev
The Ethereum Foundation donated $1.25 million to support the legal defense of Alexey Pertsev, a developer who helped write open-source code for Tornado Cash. Pertsev was arrested in August 2022 on allegations of money laundering linked to Tornado Cash. In April 2024, he was sentenced to 64 months in prison. He is now preparing to appeal the conviction. The donation by the Ethereum Foundation comes about a month after Paradigm donated $1.25 million for the legal defense of Roman Storm, another Tornado Cash developer facing similar charges in the U.S. who will begin trial in April 2025. Last month, the Texas Court of Appeals overturned sanctions on Tornado Cash smart contracts.
Holešky Fork Rescue Efforts
Holešky validators and full nodes are urged to come back online and attempt to sync as part of ongoing efforts to stabilize the testnet after a chain split. The testnet is showing signs of recovery, with validators now producing between 4 to 10 blocks per epoch. The primary focus is on reducing the rate of missed slots to below 25%, which will enable developers to begin coordinated slashing. Even for validators that previously attested to the wrong block, their slashing protections are still in place, allowing them to continue block production. Despite the incident, there is a consensus among developers to move forward with the scheduled activation of the Pectra upgrade on the Sepolia testnet, set for March 5, 2025, at 7:29 UTC.
Other News
RIG seeks a Protocol Researcher
Base 27 Mgas/s gas target
Blocknative introduces Gas Network
Consensys community values
Clave releases ZK Email Recovery
GHO hits 200m market cap
ByBit Hack FBI alert
Astria introduces Bridging Protocol
How to use multisigs safely
How to manually create Safe tx
See disclosures
