# Related articles on Security

The HTX News Center offers the latest articles and in-depth analysis on "Security", covering market trends, project news, technology developments and regulatory policy in the crypto industry.

Vitalik's Latest Long Read: In the AI Era, How Can Code Become More Secure?

Vitalik Buterin explores the role of formal verification as a critical tool for software security, especially in the AI era and for blockchain systems. He defines formal verification as using machine-checkable mathematical proofs to verify that code meets specified properties, moving beyond manual auditing. The article highlights that while AI can generate code and find vulnerabilities rapidly, it also makes formal verification more accessible by assisting in writing proofs. This is crucial for Ethereum's complex components like STARKs, ZK-EVMs, consensus algorithms, and high-performance EVM implementations, where bugs can lead to irreversible losses. Vitalik argues that formal verification enables a powerful "separation of concerns": AI can write highly optimized (e.g., assembly) code for efficiency, while a separate, human-readable specification defines correctness. A machine-checked proof then verifies their equivalence. This paradigm can create a more secure "trusted core" of software. However, he cautions that formal verification is not a panacea. "Proven correctness" depends on the accuracy of the specifications and proofs themselves, which can be wrong or incomplete. Risks include unverified code sections, hardware-level side-channel attacks, and overlooked assumptions. The true goal is not absolute proof but increased confidence through redundant expressions of intent—using code, tests, types, and formal proofs—and automatically checking their consistency. The article concludes that AI and formal verification are complementary: AI enables scale, while verification ensures accuracy. For critical systems, this combination offers a path toward stronger security in a future with powerful AI adversaries, helping to maintain the defensive advantage essential for a decentralized internet.

marsbit 05/19 09:56

Following the KelpDAO Hack: $40 Billion in Assets Flee LayerZero, Chainlink Emerges as the Primary 'Beneficiary'

Following a major security breach in April where KelpDAO's bridge using LayerZero was attacked for approximately $292 million, a significant shift is underway in the cross-chain infrastructure landscape. An estimated $40 billion in assets is in the process of migrating or has already migrated from LayerZero to Chainlink's Cross-Chain Interoperability Protocol (CCIP). The attack exploited a single-point-of-failure vulnerability due to KelpDAO's 1-of-1 validator configuration within the LayerZero network. Attackers corrupted RPC nodes and used DDoS attacks to force the system to rely on compromised nodes, allowing fraudulent messages. While LayerZero acknowledged a serious error in allowing its validator network to service high-value transactions with such a configuration, the incident highlighted critical security risks. This triggered a rapid migration wave. Starting with KelpDAO on May 6th, several major protocols—including Solv Protocol, Re, Tydro, Kraken, and Lombard—announced switching their cross-chain infrastructure exclusively to Chainlink CCIP. The combined value of these migrations is estimated to be around $40 billion. This movement followed earlier major adoptions by Coinbase (in late 2025) and Circle (in early 2024). Market sentiment reflected this shift, with LINK's price showing relative stability while ZRO (LayerZero's token) declined significantly. Data indicates a net outflow of approximately $20.1 billion from the LayerZero network over 30 days. The migration is largely driven by perceived security differences. Chainlink CCIP employs a decentralized oracle network as its default consensus layer, featuring multiple independent node operators, a separate Risk Management Network, and built-in safeguards like rate limits. In contrast, LayerZero's highly modular architecture offers flexibility but places more responsibility on application developers to configure security settings, a risk underscored by the KelpDAO incident. 
LayerZero has since apologized for its communication handling post-attack and stated the protocol itself was not compromised, but rather its Labs DVN's internal RPC was poisoned. An official post-mortem report with external security partners is forthcoming.

marsbit 05/19 08:10

BNB Chain Releases Research Report, Exploring Post-Quantum Cryptography Migration Path for BSC

BNB Chain, a leading Layer-1 blockchain ecosystem, has released a research report exploring the potential migration path for BNB Smart Chain (BSC) to post-quantum cryptography. The study evaluates replacing traditional cryptographic systems with quantum-resistant alternatives, specifically examining the use of ML-DSA-44 for transaction signing and pqSTARK for aggregating validator consensus signatures. While quantum computers are not currently a practical threat to existing blockchain cryptography, the research represents a proactive effort to ensure long-term network security and infrastructure resilience. The report assessed several core areas of the BSC tech stack, including post-quantum transaction signing, validator signature aggregation, transaction validation, public key storage, and network performance under increased data loads. A key finding is that achieving post-quantum readiness is technically feasible today but requires significant trade-offs in scalability. Test data indicates:

- Transaction size would increase from ~110 bytes to ~2.5 kilobytes.
- Block size would grow from ~110 kilobytes to ~2 megabytes.
- Native transfer TPS would decrease from 4,973 to 2,997.

The primary performance bottleneck is not signature verification itself, but the increased network transmission overhead caused by larger transaction and block sizes. Conversely, the pqSTARK aggregation technology proved highly efficient, compressing validator signatures by an approximately 43:1 ratio, which helps manage consensus-layer overhead. The report notes that post-quantum alternatives for areas like P2P handshakes and KZG commitments were not within the scope of this evaluation and require further research and broader ecosystem coordination. BNB Chain emphasizes this work is a research-oriented exploration and not a response to any imminent security threat.

marsbit 05/18 13:51

Annual Loss Rate Only 0.03%: Data Disassembles the Real Risk of DeFi Lending

DeFi lending's real-world annual loss rate from hacks and exploits is approximately 0.03% of the Total Value Locked (TVL), excluding cross-chain bridge incidents. This analysis, based on data from DeFi Llama, shows that while lending protocols are frequent targets due to their concentrated assets, the actual financial impact relative to the sector's massive scale is minimal. The overall DeFi hack total of $77.51B is heavily skewed by cross-chain bridge breaches. Removing those, losses drop to $45.18B, with lending and AMM protocols being the most affected non-bridge categories. Risk has significantly improved as the ecosystem has matured. For the year leading to May 2026, net losses in EVM and Solana lending protocols were $30.1 million against an average daily TVL of $99.6 billion, resulting in the 0.03% loss rate. Notably, the industry's asset recovery capability, exemplified by the full recovery and surplus from the Euler Finance hack, mitigates net losses, with a ~20% recovery rate for non-bridge lending incidents. Attack scale follows a log-normal distribution, meaning most incidents are small, and catastrophic losses are rare. This demonstrates that diversification across protocols is an effective risk mitigation strategy. The data indicates that DeFi lending has evolved into a measurable, compartmentalized, and relatively low-risk sector within the broader digital asset landscape.

marsbit 05/18 07:46

Who Will Define the Rules of the AI Era? Anthropic Discusses the 2028 US-China AI Landscape

This article, based on Anthropic's analysis, outlines the intensifying systemic competition between the U.S./allies and China for AI leadership by 2028. It argues that access to advanced computing power ("compute") is the critical bottleneck, where the U.S. currently holds a significant advantage through chip export controls and allied innovation. However, China's AI labs remain competitive by exploiting policy loopholes—via chip smuggling, overseas data center access, and "model distillation" attacks to copy U.S. model capabilities—keeping them close to the frontier. The piece presents two contrasting scenarios for 2028. In the first, decisive U.S. action to tighten compute controls and curb distillation locks in a 12-24 month AI capability lead, cementing democratic influence over global AI norms, security, and economic infrastructure. In the second, policy inaction allows China to achieve near-parity through continued access to U.S. technology, enabling Beijing to promote its AI stack globally and integrate advanced AI into its military and governance systems, altering the strategic balance. Anthropic contends that maintaining a decisive U.S. lead is essential for shaping safe AI development and governance. The core recommendation is for U.S. policymakers to urgently close compute and model access loopholes while promoting global adoption of the U.S. AI technology stack to secure a lasting strategic advantage.

marsbit 05/16 05:08
