Analysis of the Massive Abnormal Outflow of Multichain Tokens: Not Simply a Hack, Nor Loss of Complete Control due to Uncontrollable Factors

Analysis of the Abnormal Outflow of Multichain Tokens: Not a Hack or Complete Loss of Control

Researcher 0xLoki wrote an article on the characteristics of the large-scale abnormal outflow of Multichain tokens, and made deductions based on these characteristics. They believe that this event is more likely due to some uncontrollable factors resulting in loss of complete control, rather than a simple attack. In addition, 0xLoki also stated that MPC itself is not the problem, but rather the issue lies with a natural person who is in possession of a shard exceeding the threshold, and is located in a jurisdiction where cryptocurrency activities are banned or not protected.

Several characteristics: 1) The duration of asset transfer is quite long, indicating that the transferor is not in a hurry; 2) A small test of 2 USDC was conducted before the asset transfer, and 2U was also transferred, indicating that the transferor has sustainable transfer capacity; 3) Each asset was transferred to an independent wallet, and no further action was taken afterwards (such as transfer to an exchange, swap, or mixing); 4) The receiving wallet is completely clean, without even any gas.

Inferred information based on these characteristics: 1) The transferor has sufficient time. Considering the technical characteristics of MPC, the transferor may have obtained complete control over the private key shards exceeding the threshold in some way; 2) The attack method is very simple, just a simple transfer operation, without contract, and with testing, the attacker is most likely not a hacker; 3) The operator did not further dispose of or cash out the transferred assets, and may not have absolute decision-making power.

• A glimpse of the emerging new use cases for ZK: zkML, ZK Games, ZK ID
• Decoding the DEX newcomer Vertex: average daily trading volume of about 40 million US dollars in the past 7 days, with a daily trading volume market share of about 10%.
• Can ERC’s Finalize establish its orthodox status?

What will happen next: 1) The assets controlled by Multichain MPC multisignature are no longer under control. Correspondingly, if the holders of other MPC or multisignature shards exceeding the threshold hold those uncontrolled shards, all of these assets and contracts may also be out of control; 2) See what the receiving address will do.

Reference: https://twitter.com/Loki_Zeng/status/1677133369149390849

We will continue to update Blocking; if you have any questions or suggestions, please contact us!