# RPC Related Articles

HTX News Center provides the latest articles and in-depth analysis on "RPC", covering market trends, project updates, tech developments, and regulatory policies in the crypto industry.

North Korean Hackers Loot $500 Million in a Single Month, Becoming the Top Threat to Crypto Security

North Korean hackers, particularly the notorious Lazarus Group and its subgroup TraderTraitor, have stolen over $500 million from cryptocurrency DeFi platforms in less than three weeks, bringing their total theft for the year to over $700 million. Recent major attacks on Drift Protocol and KelpDAO, resulting in losses of approximately $286 million and $290 million respectively, highlight a strategic shift: instead of targeting core smart contracts, attackers are now exploiting vulnerabilities in peripheral infrastructure. For instance, the KelpDAO attack involved compromising downstream RPC infrastructure used by LayerZero's decentralized validation network (DVN), allowing manipulation without breaching core cryptography. This sophisticated approach mirrors advanced corporate cyber-espionage. Additionally, North Korea has systematically infiltrated the global crypto workforce, with an estimated 100 operatives using fake identities to gain employment at blockchain companies, enabling long-term access to sensitive systems and facilitating large-scale thefts. According to Chainalysis, North Korean-linked hackers stole a record $2 billion in 2025, accounting for 60% of all global crypto theft that year. Their total historical crypto theft has reached $6.75 billion. Post-theft, they employ specialized money laundering methods, heavily relying on Chinese OTC brokers and cross-chain mixing services rather than standard decentralized exchanges. Security experts, while acknowledging the increased sophistication, emphasize that many attacks still exploit fundamental weaknesses like poor access controls and centralized operational risks. Strengthening private key management, limiting privileged access, and enhancing coordination among exchanges, analysts, and law enforcement immediately after an attack are critical to improving defense and fund recovery chances. The industry's challenge now extends beyond secure smart contracts to safeguarding operational security at the infrastructure level.

marsbit04/23 01:49

North Korean Hackers Loot $500 Million in a Single Month, Becoming the Top Threat to Crypto Security

marsbit04/23 01:49

LayerZero Breaks Silence On $290 Million KelpDAO Crypto Exploit

LayerZero has addressed the $290 million exploit affecting KelpDAO's rsETH, asserting it was not a protocol failure but a result of KelpDAO's decision to use a single-DVN (Decentralized Verifier Network) configuration. The company claims the attack was isolated to this specific setup and confirms no contagion risk to other assets or applications. Preliminary analysis suggests the attack was executed by a sophisticated state actor, likely North Korea's Lazarus Group. The method involved poisoning RPC infrastructure used by the LayerZero Labs DVN, swapping binaries on compromised nodes, and using DDoS attacks to force traffic to the malicious infrastructure. However, LayerZero states its least-privilege principles prevented a direct compromise. The exploit was only possible due to KelpDAO's 1-of-1 verifier setup, which contradicts LayerZero's recommended multi-DVN redundancy model. A properly configured system with multiple independent DVNs would have prevented the attack. LayerZero has deprecated affected nodes, restored its DVN, and will no longer support 1/1 configurations. Aave has frozen rsETH and WETH reserves on its platforms as a precaution while confirming rsETH on Ethereum mainnet remains fully backed.

bitcoinist04/20 15:01

LayerZero Breaks Silence On $290 Million KelpDAO Crypto Exploit

bitcoinist04/20 15:01

Solayer Launches Real-Time Stablecoin Payments on Live InfiniSVM Mainnet

Solayer Labs has launched the public mainnet of its InfiniSVM network, enabling wallets, explorers, and dApps to connect. This infrastructure supports over 330,000 TPS with ~400ms finality, providing high-speed, real-time execution. One of the first products leveraging this is Solayer Pay, a stablecoin payment layer designed for fast, low-fee transactions. It features an incentive model with referral rewards and cashback, redistributing a portion of the 0.5% deposit fee. The platform also announced a $35 million ecosystem fund to support projects in DeFi, payments, and AI-driven onchain systems built on InfiniSVM.

TheNewsCrypto03/13 04:53

Solayer Launches Real-Time Stablecoin Payments on Live InfiniSVM Mainnet

TheNewsCrypto03/13 04:53

Stop Saying ‘We Need Privacy’

Title: Stop Saying ‘We Need Privacy’ The article argues that "privacy" is not a single concept but rather five distinct problems in the context of blockchain and cryptocurrency. When people demand privacy, they are often referring to one of the following: 1. **Intent Privacy:** Hiding transaction details from observers before execution to prevent front-running by MEV bots. Solutions include private transaction delivery (e.g., Flashbots Protect) and encrypted mempools (e.g., Shutter Network). 2. **Value Privacy:** Concealing the amounts transferred. This is achieved through shielded systems (e.g., Zcash, Penumbra) that use cryptographic proofs to verify transactions without revealing values. Privacy can still be compromised by user behavior patterns. 3. **Graph Privacy:** Protecting the relationships and patterns of who transacts with whom. Techniques include pooled unlinkability (e.g., Tornado Cash mixers) and stealth addresses (e.g., ERC-5564) to break direct on-chain links between transactions. 4. **State Privacy:** Keeping DeFi positions, balances, and liquidation thresholds hidden. This requires storing state as private records and using zero-knowledge proofs (ZK-proofs) to validate state changes without revealing underlying data (e.g., Aztec). Composability and edge interactions remain challenges. 5. **Execution Privacy:** Hiding the computation logic itself, crucial for strategies like auctions or liquidations. Methods include using Trusted Execution Environments (TEEs) (e.g., Secret Network) or ZK-proofs for private execution. The article concludes that privacy often fails at the edges, such as at the RPC (Remote Procedure Call) layer, where providers can collect IP addresses and wallet information. The key is to ask which surface is being protected and where information might leak when users interact with the real world, rather than seeking a single winning privacy model.

比推02/13 00:39

Solana Gets A Big Infra Signal As Alibaba Demos High-Performance RPCs

Alibaba Cloud demonstrated high-performance Solana RPC connectivity during a keynote, showcasing a significant infrastructure development for the blockchain. The demo highlighted a migration of a Solana archive node to Alibaba's in-house database, completed in just two days with the aid of AI-assisted coding. Key improvements included a reduction in RPC call latency; a "get slot" call dropped from 25ms to 10ms, while a "get block" call for a 4MB payload saw latency fall to under 200ms. This was achieved by routing traffic through Alibaba's private backbone network instead of the public internet, emphasizing stability and suitability for low-latency, trading-heavy applications. The company also highlighted its global data center footprint as a perfect match for Solana's needs. Although not a formal product announcement, the public benchmarking by a major cloud provider is a notable vote of confidence for the Solana ecosystem.

bitcoinist02/11 17:02

Solana Gets A Big Infra Signal As Alibaba Demos High-Performance RPCs