Audit admin keys, not just code, expert says after $200 million Drift exploit: Crypto Daybook Americas
A recent $250 million exploit of the Drift exchange highlights the critical need to audit administrative keys alongside smart contract code in DeFi security.Summary
The Solana-based decentralized exchange Drift was exploited for over $250 million due to a compromised admin key, underscoring a crucial security vulnerability often overlooked in DeFi projects. Chaos Labs founder Omer Goldberg emphasized that auditing administrative keys is just as important as auditing smart contracts, as a single compromised key can grant attackers god-like control over a protocol. The attacker exploited the key to create a fake collateral market, manipulate price oracles, and drain funds. This incident, following a similar $25 million exploit at Resolv, demonstrates that protocol safety relies heavily on robust governance and key controls. Market reactions included a near 3% drop in SOL token value, aligning with broader market weakness influenced by geopolitical tensions, specifically President Trump's statements regarding Iran. The article also provides a rundown of upcoming crypto events, governance votes, token unlocks, and market movements as of April 1, 2024.
(Source:CoinDesk)