Wonderland And SEAL Introduce DARC
Wonderland and SEAL unveil DARC: A New Standard for Digital Asset Risk and Compliance.
Wonderland and SEAL have launched DARC, the Digital Asset Risk & Compliance standard, a purpose-built opsec framework with continuous monitoring service designed specifically for crypto protocols and teams. DARC features controls across 12 domains, continuously monitored across GitHub, infrastructure, multisig wallets, and DNS.
Notable controls include hardware wallets required for all multisig signers, mandatory transaction simulation before execution, two or more audits for core contracts with timelocks on privileged operations, RPC redundancy, and 24/7 monitoring with paging for incident response. Wonderland is an Ethereum infrastructure contributor and SEAL is the leading crypto security alliance.
ETHConf lands in NYC June 8-10, bringing together 5,000+ attendees, 150+ speakers, and 100+ companies across Ethereum, stablecoins, and institutional adoption.
Get your tickets at ethconf.com and use code ETHDAILY for 30% off General and 20% off VIP.
Disclaimer: Content is for informational and educational purposes only and does not constitute financial, investment, legal, or other professional advice. No representations or warranties are made as to accuracy, completeness, or timeliness. Use of this content is at your own risk, and you should consult a qualified professional before making decisions. No fiduciary or advisory relationship is created
LayerZero Publishes Full Post-Mortem On $292M KelpDAO Exploit
LayerZero Labs traces the $292M April 18 attack on KelpDAO's rsETH bridge to TraderTraitor, a developer machine compromise, and poisoned internal RPC nodes.
LayerZero Labs published a full post mortem on the April 18 attack on KelpDAO's rsETH bridge. LayerZero attributed the attack to TraderTraitor, the same group behind the $1.5B Bybit hack in February 2025. The attack began six weeks earlier, on March 6, when an attacker tricked a LayerZero developer into cloning a malicious GitHub repo that dropped malware on their macOS machine, harvesting session keys and opening a path into LayerZero's internal RPC infrastructure.
The attacker quietly poisoned two internal RPC nodes to return forged chain state while appearing clean to LayerZero's own monitoring tools. On the day of the exploit, the attacker launched a denial-of-service attack against an external RPC provider to force the DVN signing service onto the compromised nodes exclusively.
The result was a valid attestation for a fabricated cross-chain message. LayerZero again pointed blame to KelpDAO's single-DVN setup that allowed one valid attestation to unlock 116,500 rsETH on Ethereum. LayerZero says it will now refuse to sign as the sole required attestor on any channel. KelpDAO's rsETH recovery entered its final stage earlier this month, and Kelp resumed withdrawals on May 15.
ETHConf lands in NYC June 8-10, bringing together 5,000+ attendees, 150+ speakers, and 100+ companies across Ethereum, stablecoins, and institutional adoption.
Get your tickets at ethconf.com and use code ETHDAILY for 30% off General and 20% off VIP.
Disclaimer: Content is for informational and educational purposes only and does not constitute financial, investment, legal, or other professional advice. No representations or warranties are made as to accuracy, completeness, or timeliness. Use of this content is at your own risk, and you should consult a qualified professional before making decisions. No fiduciary or advisory relationship is created
Ethereum Foundation Launches Clear Signing Standard
The standard ships ERC-7730 descriptors, a neutral mirrorable registry, ERC-8176 auditor attestations on EAS, and ERC-8213 cryptographic fingerprints, with Ledger, Trezor, MetaMask, and WalletConnect onboard.
The Ethereum Foundation launched Clear Signing, an open standard designed to end blind signing, where raw hex transaction data is approved without signers being able to read what they're signing. The standard ships four coordinated infrastructure pieces, including an updated ERC-7730 for human-readable transaction descriptors, a neutral mirrorable registry, ERC-8176 for auditor attestations built on the Ethereum Attestation Service, and ERC-8213 providing cryptographic fingerprints.
The Clear Signing working group members include Ledger, Trezor, MetaMask, WalletConnect, Cyfrin, Fireblocks, Zama, and Sourcify. Its guiding principle is "What You See Is What You Sign." ERC-7730 descriptors map contract function calls to readable intents and field-rendering instructions, converting raw calldata into a readable display. The descriptors are curated by protocol teams, reviewed, and collected in the EF-hosted registry. Protocols can add support without redeploying contracts.
ETHConf lands in NYC June 8-10, bringing together 5,000+ attendees, 150+ speakers, and 100+ companies across Ethereum, stablecoins, and institutional adoption.
Get your tickets at ethconf.com and use code ETHDAILY for 30% off General and 20% off VIP.
Disclaimer: Content is for informational and educational purposes only and does not constitute financial, investment, legal, or other professional advice. No representations or warranties are made as to accuracy, completeness, or timeliness. Use of this content is at your own risk, and you should consult a qualified professional before making decisions. No fiduciary or advisory relationship is created