Hello there! 👋
Glad to have you as a part of the Safient family. Welcome to our newsletter. At, Safient we prioritize community growth through product growth, making us a reliable and trustless protocol. Our ecosystem offers every individual to be a contributor by simply joining our community, tap on the discord server link https://discord.safient.io to join us today!
Our weekly newsletter includes:
A week in crypto
Self custody Gyaan
Safient weekly inside
Another week and yes another hack! A week in crypto would have us discuss the recent exploitation of the Binance chain bridge and what it means for the crypto space. Our self-custody gyaan would educate us on Multi-Party Computation, how they protect private keys and yes finally we would give you weekly updates on the Safient inside. Ready? Sit back and let us make the next 6-8 minutes worth your while☺️.
A WEEK IN CRYPTO
There was yet another major hack in the world of crypto as the world’s largest centralized crypto exchange by trading volume had a major issue on the network. Hackers drained through mischievous means two million BNB, the native token of the Binance network, out of thin air due to a vulnerability that resulted in the hack of an estimated $570 million.
The bear market has hit the crypto market to a great extent, with many high-profile coins dropping 70+ percent in value since the start of 2022. As we assess the latest crypto scandal in a series of hacks, thefts, and frauds, let’s unpack this BNB hack and figure out what it means for the cryptocurrency space.
The BNB is the native token that powers the Binance chain ecosystem. It was first reported that $100 million was hacked, and then the number went up drastically. About 2 million tokens of BNB (worth about $570 million) were withdrawn. The Binance co-founder and CEO Changpeng Zhao (“CZ”) announced that the hack happened on a cross-chain bridge where users transfer digital assets from one blockchain to another. The hackers were able to create 2 million BNB tokens out of thin air. The attacker was able to exploit a vulnerability in the Binance Bridge, and they sent themselves one million BNB tokens twice in a row. The hack happened because of a bug in the Binance bridge smart contract where hackers could forge a proof required to withdraw the funds from the bridge without actually sending any actual funds. Luckily things were sorted out quickly as validators were asked to temporarily suspend BSC, and this helped to contain the issue. But it wasn’t a great day for the decentralization and censorship advocates as the network was taken down and the questions of centralization of the chain were raised by many.
If you are looking for a technical answer to what happened, here is a Twitter thread on it:
Five hours ago, an attacker stole 2 million BNB (~$566M USD) from the Binance Bridge. During that time, I've been working closely with multiple parties to triage and resolve this issue. Here's how it all went down. https://t.co/E0885Dc3lW
— samczsun (@samczsun)
Oct 6, 2022
WHAT HAPPENED TO BNB?
The price of BNB dropped slightly on Friday after the hack on Thursday evening. The good news is that the entire blockchain didn’t collapse as the issue was contained and handled almost immediately since the blockchain was turned off with the validators working together promptly. BNB holders also didn’t lose $570 million collectively, as the media headlines may have been confusing. It was then reported that the hacker only made off with about $110 million instead of $570 million. The blockchain was also able to freeze another $7 million due to the help of the security partners. The Binance Smart Chain community will now hold a vote to determine the next steps. There’s a consideration for freezing the stolen funds and setting a bounty for catching the perpetrators of this hack.
Understanding Multi-Party Computations
We are sure many of you heard of the term Multi-Party Computation (MPC) floating around in the crypto space for some time, especially dealing with wallets. So, in a nutshell, this is a mechainsm that is being explored in the wallet space to ensure that the concept of single point private key to perform crypto transactions could be eliminated. So, this will ensure more security and accessibility for the users.
MPC can be defined as a cryptographic technic that enables multiple parties to have access to computation without having to reveal any private information or related secret data.
MPC provides a trustworthy solution to the problems of security, recovery, and accessibility, especially in blockchain technology. The use cases of MPC are generic and are increasingly being used to protect sensitive data by acting as a digital non-disclosure agreement that controls which information is disclosed to whom.
What does it mean to crypto space?
One of the main applications of MPC can be used to protect private keys, in other words, eliminate the need for a single private key to perform crypto transactions.
One of the key features of MPC is its ability to protect a single piece of sensitive data owned by one entity — like the private keys controlling digital assets. Without MPC, private keys are mainly stored in one place; either in a hot crypto wallet (connected to the internet) or in cold storage (offline). In the terminology of system design, this creates a “single point of failure” that is an irresistible target for hackers. MPC is a vast topic and one of the implementations of MPC is Threshold Signature Scheme (TSS) that is relevant to perform transactions for any blockchain.
Using a Threshold Signature Scheme (TSS) it is possible to create and distribute independently held secret shares of a private key such that no single person controls the private key entirely. These shares in the private key material are distributed between nodes running a multi-party computation protocol. As such, we can say that no whole, individual private key ever exists—only the distributed shares controlled by different people, spread across multiple nodes.
When a transaction needs to be signed, rather than invoking a single private key, the MPC process is triggered and each independent node cooperates to sign the transaction in a distributed way — much like a group of people singing in harmony to produce a special musical note which cannot be achieved by one voice alone. As you can see multiple threats of hack on a single entity and losing access to funds when one loses access to the sole private key can be eliminated with this technique.
Although MPC is a convenient solution, its implementation is hard for commercial purposes. As of only enterprise solutions like Fireblocks are leveraging this entirely. A few other non-custodial wallet solutions like Zengo and Coinbase have also started implementing MPC.
At Safient, we currently use Threshold encryption in our protocol but we are exploring TSS implementation to provide greater security for the enterprise solutions.
SAFIENT WEEKLY INSIDE
Let us update you on what are we up to at Safient this week.
Safient Voucher demos and early access:
As we pointed out in our last post, we started onboarding the community to Safient Voucher through one on one demos. We are getting great feedback that will ensure to incorporate it before the public launch🚀. And we will aggressively onboarding many in the coming weeks.
Safient at BUIDL Together: Community Showcase!
For the last few months, Safient was part of a web3 cohort (BUIDL Together) by Together Fund and OG Club DAO community. After months of mentorship, one on ones with well-known personalities in the web3 space, it is coming to an end. It was a great experience for Safient to be part of the cohort.
As a final step of the cohort, Safient will be presenting the solution to the ecosystem and forging partnerships, investments, and team building.
We’d be thrilled to have you as one of our guests — this will give us the chance to interact with you and gain some solid feedback.
This is an entirely virtual event It's happening on: 🗓️20th October ⏱️9 PM to 11 PM IST
Please register for the event using this link: https://lu.ma/BUIDLTogether
Safient at Token 2049 Singapore:
And yes, we were at the Token 2049 Singapore and Filecoin Summit event earlier this month. It was a great event where we interacted with many Web3 builders, founders, and VCs,
Hope you enjoyed this newsletter. Have a great weekend. Cheers!