• Safe.global was compromised.

• EF donates $1.25m Pertsev’s defense.

• Holešky fork rescue efforts continue.

• Clave releases ZK Email Recovery.

Listen on: Apple | Spotify | Castbox | YouTube 

Preliminary investigations into the $1.5 billion ByBit hack revealed that the breach originated from a compromised Safe.Global front end, likely due to a leaked AWS S3 or CloudFront account key. The Safe team later confirmed that an employee’s device had been compromised, granting the attacker server access to the Safe front end. Forensic analysis revealed that malware, injected through JavaScript from app.safe.global, altered transaction data to divert funds to the hackers. The malicious code specifically targeted ByBit's addresses, one of the largest accounts on Safe. Currently, the Safe front end is available in a limited capacity. Safe founder Martin Koeppelmann recommended not to interact with Safe at this time.

The Ethereum Foundation donated $1.25 million to support the legal defense of Alexey Pertsev, a developer who helped write open-source code for Tornado Cash. Pertsev was arrested in August 2022 on allegations of money laundering linked to Tornado Cash. In April 2024, he was sentenced to 64 months in prison. He is now preparing to appeal the conviction. The donation by the Ethereum Foundation comes about a month after Paradigm donated $1.25 million for the legal defense of Roman Storm, another Tornado Cash developer facing similar charges in the U.S. who will begin trial in April 2025. Last month, the Texas Court of Appeals overturned sanctions on Tornado Cash smart contracts.

Holešky validators and full nodes are urged to come back online and attempt to sync as part of ongoing efforts to stabilize the testnet after a chain split. The testnet is showing signs of recovery, with validators now producing between 4 to 10 blocks per epoch. The primary focus is on reducing the rate of missed slots to below 25%, which will enable developers to begin coordinated slashing. Even for validators that previously attested to the wrong block, their slashing protections are still in place, allowing them to continue block production. Despite the incident, there is a consensus among developers to move forward with the scheduled activation of the Pectra upgrade on the Sepolia testnet, set for March 5, 2025, at 7:29 UTC.

• RIG seeks a Protocol Researcher

• Base 27 Mgas/s gas target

• Blocknative introduces Gas Network

• Consensys community values

• Clave releases ZK Email Recovery

• GHO hits 200m market cap

• ByBit Hack FBI alert

• Astria introduces Bridging Protocol

• How to use multisigs safely

• How to manually create Safe tx

See disclosures

• Holesky testnet suffers a chain split.

• SEC ends its investigation into Uniswap.

• Aya steps down as EF Executive Director.

• ByBit hackers launder 89.5k ETH.

Listen on: Apple | Spotify | Castbox | YouTube 

The Pectra upgrade activated on the Holesky testnet on February 24th at 21:55 UTC, but the testnet failed to finalize due to a configuration bug in majority Execution Layer clients Nethermind, Geth, and Besu. The clients did not configure the correct staking deposit contract address for Holesky, resulting in the production of an invalid block that propagated across the network. Minority clients Erigon and Reth continued to produce valid blocks. The situation led to a chain split, in which the majority clients justified an invalid chain. Node operators intervened by shutting down enough validators on the invalid chain to prevent it from finalizing. The affected Execution Layer clients have issued updated versions with a fix. Node operators are urged to update their clients. Ethereum developers are now focused on stabilizing the Holesky testnet by building on and finalizing the minority chain. The network will slash the clients that verified the incorrect chain. A debrief is scheduled for 26th February at 14:00 UTC to discuss the incident and its impact on the Pectra upgrade timeline.

Uniswap Labs announced that the SEC has ended its investigation into Uniswap, with the agency deciding not to take any enforcement action or impose any penalties on the DeFi protocol. In April 2024, the SEC issued a Wells Notice to Uniswap Labs, which signaled intentions to prusue enforcement action over allegations of operating as an unregistered exchange and broker. The dismissal comes a few days after the SEC also terminated its legal action against Coinbase. Uniswap Labs' COO, Mary-Catherine Lader, coined the outcome as a significant victory for the broader DeFi ecosystem. Uniswap Labs expressed its appreciation towards the recent change in leadership at the SEC.

Aya Miyaguchi announced her resignation as the Executive Director of the Ethereum Foundation after seven years. She will transition into her new role as President at the EF where she will support the foundation's institutional relationships. Miyaguchi noted that the Ethereum Foundation's mission is to support, not control, Ethereum's development. Vitalik Buterin said that further details about the new leadership structure at the Ethereum Foundation would be announced soon. The announcement follows calls from the Ethereum community in recent months for changes in leadership, including the resignation of Aya Miyaguchi and the appointment of Danny Ryan as the executive director.

• Latest on L2 Interop

• Lodestar hotfix release

• ByBit recovers $42m

• ByBit hackers launder 89.5k ETH

• L2Beat adds DA Throughput

• Proposal to unlock OBOL

• Migrating to Lens Chain

• EF Research Team AMA

• Ethereum cannot "rollback"

• Safe[Wallet] Phased Rollout

• New FDIC docs released

See disclosures.

• ByBit suffers a $1.4 billion hack.

• The SEC drops lawsuit against Coinbase.

• Lens Chain proposal to join Elastic Network.

• Zora introduces tradable coins.

Listen on: Apple | Spotify | Castbox | YouTube 

Bybit, a top-five centralized crypto exchange, suffered a $1.4 billion hack early Friday morning, with over 400,000 ETH and 90,000 stETH in stolen assets. Attackers were able to manipulate a transaction from Bybit's multi-sig ETH cold wallet. It is suspected that the hackers compromised the devices used by the signers to display the correct addresses but altered the tx signing message. Despite the substantial loss, Bybit committed to covering the losses for its users. Further analysis by ZachXBT identified the attackers as the Lazarus Group, a notorious North Korean hacking group. Following the attack, the hackers converted stETH and cmETH into native ETH and dispersed the funds across numerous wallets.

Coinbase CEO Brian Armstrong announced that the SEC is dropping its lawsuit against Coinbase, resulting in no fines, settlements, or changes to Coinbase. The victory marks the end of nearly two years of costly legal battles that began when the SEC sued Coinbase in June 2023, alleging the exchange operated as an unregistered securities exchange, broker, and clearing agency. Coinbase's Chief Legal Officer, Paul Grewal, emphasized that Coinbase will continue to advocate for clear legislative measures to avoid similar challenges in the future. He affirmed that Coinbase will persist in working with Congress and the SEC to foster the growth of the crypto industry in the U.S. The official confirmation from the SEC to dismiss the case is expected next week.

Lens Chain submitted a ZKsync Improvement Proposal to include Lens Chain in the Elastic Network. Upon deployment, all existing user data, including profiles, followers, and publications, will be seamlessly migrated from Lens V2 on Polygon PoS to the new Lens Chain.  The Elastic Network enables interoperability, secure bridging, and unified liquidity for all chains on the network. The migration to Lens Chain will allow users to automatically access their profiles and data immediately upon launch. In the coming weeks, the migration proposal will go up for a vote on the ZK governance portal. Lens Protocol, a web3 social graph, has over 600,000 profiles and 45,000 weekly active users.

Zora introduced tradable NFT coins represented as ERC-20 tokens. When users publish a post on Zora, their NFT will automatically have a total supply of one billion coins with 10 million coins immediately allocated to the creator. Additionally, creators earn a 1% commission on every secondary market trade of their coins. Users can buy, sell, and trade these coins through a Uniswap liquidity pool.

• Farcaster introduces a wallet

• Pectra $2m audit competition

• Firefly spins out of Mask Network

• ACD Feb 2025 wrap up

• EOF introduces complexity

• Obol announces RAF1 results

• Lido V3 is live for Early Adopters

Follow us on X, Lens, and Farcaster. See disclosures.