Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Blockchain Security. Show all posts
Cyber Crime
Blockchain Security CertiK Report Crypto Thieves Cyber Crime

Crypto Exploit Losses Plummet 90% in May to $68.3 Million as Thieves Hit Security Wall

 

Crypto thieves are hitting a major wall, with exploit losses plunging nearly 90% in May 2026. Blockchain security firm CertiK reported that crypto platform losses fell to $68.3 million last month, a dramatic drop from the staggering $650 million stolen in April. This sharp decline signals improved security measures across the industry and represents the third month in 2026 where losses stayed below $100 million. 

Code vulnerabilities were responsible for the bulk of May's damage, accounting for roughly 66% of total losses at approximately $45 million. Cross-chain bridges took the heaviest hit by category, absorbing 42% of total losses or $28.6 million. Despite the marked decrease, the sector wasn't entirely free from high-profile incidents, though the overall attack success rate has significantly diminished compared to previous months. 

The positive trend reflects multiple factors working together to protect crypto assets. Improved security measures and rapid response capabilities are driving this improvement, even as vulnerabilities persist across the ecosystem. CertiK's data shows that attackers are facing stronger defenses, with platforms implementing more robust protection systems and responding faster to emerging threats. This defensive upgrade is forcing crypto thieves to "hit a wall" as their traditional exploit methods become less effective. 

May 2026's performance stands in stark contrast to the previous quarter's chaos. The nearly 90% drop demonstrates that the industry is learning from past mistakes and adapting quickly to attack vectors. While $68.3 million in losses remains concerning, the trajectory is clearly positive, with monthly losses trending downward consistently through early 2026. Investors and platform operators are seeing tangible benefits from increased security investments. 

This security improvement offers hope for the cryptocurrency industry's long-term viability. As platforms strengthen their defenses and response times, the success rate for exploits continues declining. The trend suggests that crypto thieves are struggling to adapt to newer security protocols, marking a turning point in the ongoing battle between attackers and defenders. While attacks will continue, the dramatic reduction in losses indicates the industry is finally building effective walls against digital theft.
Read more »
quantum computing
AI AI in cybersecurity Blockchain Security Cyber Security post-quantum cryptography quantum computing

AI and Quantum Computing Convergence Raises New Security Concerns for Crypto and Digital Infrastructure

 

The long-standing debate within the cryptocurrency sector over whether quantum computing could threaten blockchain networks such as Bitcoin and Ethereum is taking on renewed urgency. Industry experts now believe that artificial intelligence (AI) may be speeding up the arrival of quantum breakthroughs, prompting concerns about the future of digital security.

Specialists working in blockchain protection and post-quantum cryptography say the intersection of AI and quantum computing is reshaping cybersecurity. AI is increasingly being used both by attackers seeking vulnerabilities and by developers strengthening defenses. At the same time, it is helping advance quantum computing research at a faster pace.

“The security landscape of the future is going to be different,” said Alex Pruden, CEO of Project Eleven, a company focused on quantum-resistant infrastructure for crypto.

“Between quantum and AI, we’re going to go into a world where security, and this is more broadly than just crypto, you simply cannot count on the way you’ve always done things,” Pruden said.

The growing concern follows warnings from technology companies and researchers suggesting that quantum computers capable of breaking current cryptographic systems could arrive sooner than expected. While experts continue to debate the exact timeline, many agree that AI could significantly accelerate progress in the field.

“AI is definitely being used to accelerate the development of quantum computing,” Pruden said. Researchers are already using machine learning systems to optimize quantum error correction, one of the field’s biggest engineering bottlenecks.

Illia Polosukhin, co-founder of NEAR Protocol and a former Google AI researcher, noted that AI has been enhancing scientific innovation for years.

“AI is becoming more and more of an accelerator,” Polosukhin said. “The rate of research is going to accelerate from here, and we have already seen progress that people didn’t expect would come this early.”

Reflecting on his experience at Google in 2016, Polosukhin explained that machine learning was already contributing to the discovery of new materials. “It might be that the next generation quantum computer will be built with AI and quantum computers of this generation,” he said. “It’s feeding into itself.”

Security experts are increasingly focused on a strategy known as “harvest now, decrypt later,” where sensitive encrypted information is collected today in anticipation of future quantum systems being able to decode it.

“If I know quantum computers are coming in a couple of years, I will start trying to capture all possible data that’s going around,” Polosukhin said.

“Everything we’re putting on the internet, if you’re identifiable as a person of interest, you can assume will be decrypted in two years,” he added. “It’s most likely happening already.”

For the cryptocurrency industry, the risks are particularly significant. Most blockchain networks rely on elliptic curve cryptography, a security standard widely used across the internet. A sufficiently advanced quantum computer could potentially derive private keys from public keys, exposing wallets and digital assets to theft.

However, experts argue that the real challenge lies not in quantum computing alone but in its combination with AI, creating an ongoing cybersecurity arms race.

Artificial intelligence is becoming increasingly capable of identifying coding weaknesses, software flaws, and security vulnerabilities. According to Pruden, these advances may increase the frequency and sophistication of cyberattacks.

“I would expect the advent of AI to accelerate… even more hacks,” Pruden said. “You have these AI models that are able to find either implementation bugs in the underlying cryptography or increasingly, I think, break the cryptography itself.”

At the same time, developers are leveraging AI to improve software security through code reviews, testing, and formal verification processes.

“AI can help with formal verification of post-quantum systems,” Pruden said. “That theoretically makes them more secure.”

Researchers believe this evolving environment means security can no longer be treated as a static framework that receives occasional updates. Instead, digital systems may require constant adaptation to stay resilient.

“Nothing is going to be as static as it’s been in the future,” Pruden said. “Either a quantum computer comes online to break some fundamental assumption, or AI gets smart enough to break that assumption too.”

This shift is already influencing blockchain ecosystems. Networks including Ethereum, Zcash, Solana, Ripple, and NEAR are exploring or implementing strategies designed to support post-quantum security.

NEAR recently revealed plans to integrate post-quantum cryptography into its account architecture, enabling users to switch cryptographic methods without moving assets to new wallets.

“Back in 2018, when we were designing [NEAR], we were like: ‘Hey, quantum will come, we should have an easy way to do it,’” Polosukhin said.

Despite growing momentum, the transition remains challenging. Current post-quantum cryptographic solutions often require more computational resources and larger data sizes than existing standards.

“The cryptography that’s currently standardized for post-quantum is very big and slow,” Polosukhin said.

According to researchers, the broader impact of AI and quantum computing is forcing a rethink of one of the digital era’s core assumptions—that encryption can remain secure for extended periods. As technology evolves, cybersecurity may increasingly depend on continuous upgrades and adaptive protection mechanisms rather than long-term static safeguards.

Read more »
Technology
Bitcoin Security Blockchain Security Cryptographic Risk Digital Asset Security ECDSA Vulnerability Post Quantum Cryptography Quantum Computing Quantum Threat Technology

Quantum Technology Emerges as a Potential Threat to Bitcoin Networks


 

Bitcoin's security architecture has been based on a foundational assumption that modern cryptographic protections will remain computationally impractical to violate at scale for more than a decade. 

Now, with quantum computing transitioning from theoretical research into an emerging engineering reality capable of challenging the mathematical foundations behind digital signatures and blockchain authentication, this assumption is coming under renewed scrutiny. 

With the development of quantum technologies, security researchers and blockchain developers are increasingly evaluating the potential exposure of private keys, compromise of wallet integrity, and weakening of transaction trust in decentralised ecosystems as quantum capabilities continue to mature. 

While the discussion extends beyond the quantum threat itself, it emphasises the enduring importance of private key protection and the operational limitations of hardware wallets, where computational efficiency, power constraints, and algorithm compatibility are critical factors determining the viability of next-generation cryptographic defences. It is against this backdrop that a proposal from Avihu Levy has been widely discussed in regard to Bitcoin's post-quantum transition strategy. 

Quantum Safe Bitcoin (QSB) is a transaction model proposed by Levy that is designed to preserve cryptographic security even in the presence of an advanced quantum system capable of executing Shor's algorithm against conventional public-key cryptography. There is particular interest in the proposal within the Bitcoin ecosystem because it does not require consensus-level changes to the Bitcoin protocol itself, thus avoiding the difficult and political process typically associated with network upgrades.

Due to its ability to layer quantum-resistant protections onto existing infrastructure rather than replacing the protocol foundation entirely, the architecture has been widely regarded as an elegant piece of engineering. The emergence of this technology coincides with a general acceleration in industry readiness for post-quantum risks, as governments, semiconductor firms, and major cloud providers intensify migration planning around potential cryptographic risks in the near future. 

While QSB has gained significant popularity, security researchers note that the proposal addresses a much narrower segment of the quantum problem than public discussion sometimes implies. In light of the broader operational challenges associated with exposing private keys, implementing wallets, and ensuring long-term cryptographic survival across decentralised networks, this proposal offers a broad perspective on the quantum problem. 

Quantum computing is of concern to a larger audience because it could undermine public-key cryptography, which encrypts blockchain ecosystems with public keys, particularly signature schemes like ECDSA, which is used across Bitcoin and Ethereum networks. Using publicly exposed wallet data, an advanced quantum system could theoretically be able to derive private keys, enabling forged transactions and unauthorised transfers of funds. 

While researchers generally agree that quantum hardware is not yet capable of executing such attacks at scale, the debate has intensified due to the inherent slowness and operational sensitivity of blockchain migrations across decentralised communities, and the difficulty in coordinating across them. Bitcoin is often viewed as particularly vulnerable in this context due to its conservative governance structure and historically cautious approach towards protocol-level changes. 

There is current evidence that approximately 6.5 to 6.9 million bitcoins are at risk of quantum exposure due to their public keys being visible on the blockchain, which represents approximately one-third of the total circulating supply of bitcoins. This includes older pay-to-public-key (P2PK) addresses that were widely used during Bitcoin's early years, and are believed to be linked to Satoshi Nakamoto's dormant wallets. 

Blockchain records directly contain the public key of legacy address formats, allowing for the reconstruction of the private key by a future quantum computer using Shor's algorithm, thereby obtaining the funds. As a result of the newer pay-to-public-key-hash (P2PKH) structures, public keys are concealed behind cryptographic hashes until a transaction is initiated, reducing the exposure of public keys. 

Once funds are spent from a P2PKH wallet, the public key becomes permanently visible on the blockchain, creating a long-term attack surface if the address is reused in the future. Researchers are also warning against utilising "harvest now, decrypt later" strategies, which involve adversaries collecting encrypted blockchains and transaction data in advance of quantum capabilities. 

The implementation of cryptographic upgrades more rapidly may be possible on proof-of-stake networks such as Ethereum, although experts caution that if defensive migration timelines fail to keep pace with computational advances, validator infrastructure and signature keys could eventually face quantum-era risk. After Google researchers released updated projections in March that indicated that it could take nearly twenty times fewer physical qubits to compromise Bitcoin's elliptic curve cryptography than estimates prepared a year earlier, concerns regarding the timeline of quantum risk intensified further. 

Despite the fact that practical quantum attacks against Bitcoin are currently outside of operational capability, the revised calculations confirm an industry understanding that the threat is gradually moving from theoretical modelling to engineering inevitability in the long term. As a result, Bitcoin is challenged by an inseparability between the technical challenge and governance. 

A consensus has not been reached on how vulnerable dormant wallets should be handled if quantum-capable systems eventually emerge. The failure to freeze or invalidate those holdings would introduce direct intervention into property ownership within a system designed specifically to resist central control, effectively creating a future race for quantum-enabled theft. There are also equally controversial implications associated with burning inaccessible balances, which force the network to make unprecedented decisions regarding asset legitimacy and protocol authority. 

In spite of all proposed mitigation strategies, the issue of who has the authority to make such decisions for a decentralised monetary system remains fundamentally unresolved. Although Bitcoin Core developers are permitted to propose code changes, they are not allowed to unilaterally modify ownership records or dormant balances without coordinated consent from miners, exchanges, custodians, node operators, and other stakeholders. 

The governance tension represents an aspect of the quantum problem that can not be fully addressed through cryptography alone in proposals such as Quantum Safe Bitcoin. In decentralised infrastructure, the underlying assumption for many years has been that any architectural limitations can eventually be resolved through upgrades and coordination with enough time and consensus. 

Quantum computing is now testing that assumption under an externally imposed technological timeframe driven not by community preference, but by advancements in physics, semiconductor engineering, and computational science. The process of transitioning Bitcoin toward post-quantum resilience will probably take time, money, and political compromise if it is to be successful. 

The network may face the fact that, if coordination fails to keep pace with technological advancement, foundational cryptographic choices made during Bitcoin's earliest design phase will not always remain secure in light of evolving computational power indefinitely. Quantum Safe Bitcoin has received a great deal of attention, but researchers emphasise that it focuses on only one layer of a much wider structural problem. 

By successfully introducing transaction-level quantum resistance, QSB provides a practical defensive mechanism for protecting active holdings against future cryptographic threats by reducing computational overhead. There is much more to the issue than just protecting individual wallets. The central challenge for Bitcoin is determining whether a decentralised network without a governing authority will be able to realistically move hundreds of millions of addresses toward a new cryptographic standard prior to quantum technologies becoming available. 

When considering the dormant wallets and inaccessible coins that cannot voluntarily participate in such a transition, the problem becomes even more complex. In order to execute an extensive migration strategy, developers, miners, exchanges, custodians, infrastructure operators, and long-term holders will need to work together as a consensus-driven governance group with incentives that may not fully align. 

While quantum computing advances are achieved through concentrated research and technological breakthroughs, decentralised coordination is generally characterised by a slow and sometimes prolonged period of ideological disagreement.

Many analysts believe this is the real test for Bitcoin in the quantum era, not in the design of stronger cryptography, but in the ability of a globally distributed financial system to collectively adjust to external technological pressures without compromising its principle of decentralisation. Bitcoin's cryptography is no longer the single focus of the quantum debate, however. Instead, the question is whether decentralised systems are capable of coordinating fast enough to survive the technological transition they cannot control. 

Post-quantum research is accelerating across the government and private sectors, resulting in unprecedented scrutiny of long-term security assumptions, dormant asset exposure, and governance resilience within the cryptocurrency industry. 

As a result of this challenge, Bitcoin's cryptographic architecture may ultimately be examined in terms of its durability, as well as its practical limits under real-world computational pressures related to decentralised consensus.
Read more »
Quantum threats
Bitcoin Security Blockchain Security Cryptographic Attacks Cyber Security Cyber Threats Elliptic Curve Cryptography Post Quantum Cryptography Quantum computing Quantum threats

Bitcoin Edges Closer to Q-Day Following Quantum Key Breakthrough


 After an anonymous researcher was able to compromise a simplified Bitcoin-style encryption key with the help of a publicly accessible quantum computer, a new and increasingly significant phase has emerged in the race between cryptographic resilience and quantum capability. 


By using a variant of Shor's algorithm, the breakthrough has been demonstrated as the largest quantum attack against elliptic curve cryptography (ECC) to date, and the security of Bitcoin and other blockchain networks relying on public-key cryptographic systems Project has been heightened as a result of this event. 

Eleven confirmed it had awarded its 1 Bitcoin “Q-Day Prize,” valued at nearly $78,000, to Italian researcher Giancarlo Lelli for successfully breaking a 15-bit ECC key. The demonstration was conducted using a highly simplified cryptographic model rather than a production-scale Bitcoin wallet, but it reinforced warnings from cybersecurity and quantum research communities that theoretical quantum threats are narrowing faster than previously anticipated as practical exploitation becomes more accessible.

In response to the rapid advancement in quantum computing research, digital assets have received renewed scrutiny due to the cryptographic foundations of digital assets. The publication of several research papers in March 2026 indicates that large-scale quantum systems may be able to undermine commonly used encryption methods far before earlier projections indicated. There is a concern concerning Shor's algorithm, a quantum technique capable of solving mathematical problems such as integer factorization and discrete logarithms for elliptic curves, which serve as the foundation for cryptocurrencies, secure communications, and digital authentication. 

Researchers at Google Quantum AI recently reported that a sufficiently advanced quantum computer capable of deriving a Bitcoin private key from its associated public key in less than ten minutes if it contained fewer than 500,000 physical qubits. This further raised concerns. As a result of such a capability, classical systems will no longer face computational infeasibility, which would result in years or even centuries of work to accomplish the same task. 

According to the study, blockchain developers, cryptographers, and security analysts are reassessing how rapidly they may need to prepare for "Q-Day" – a phenomenon when quantum computers become sufficiently powerful to compromise current cryptographic standards at scale and threaten global digital infrastructure integrity. It is noteworthy, however, that despite the growing alarm, the current hardware does not meet the threshold required for a real-world attack on Bitcoin. 

The most advanced quantum processors currently operate at approximately 1,000 qubits, leaving a significant technological gap before practical cryptographic compromise is feasible. Project Eleven's latest experiment, however, has been regarded as an early indicator that the cryptocurrency sector is entering a transition period where quantum-resistant security models are required to be developed before theoretical risks become operational threats. 

Increasing quantum developments are transforming broader market sentiment about digital assets, as concerns about cryptographic durability have moved beyond theoretical discussions and have become institutional risk assessments. Bitcoin's security architecture relies on the elliptic curve cryptography system to authenticate ownership and to secure transactions over the network for many years. 

Quantum research is progressing, however, which is leading analysts and security experts to question whether future quantum systems will undermine the mathematical assumptions underlying blockchain security. The debate is already influencing financial positioning within traditional markets. Upon the removal of Bitcoin from Jefferies' model portfolio, Christopher Wood, global head of equity strategy, noted that continued advances in quantum computing could adversely affect the credibility of the cryptocurrency as a long-term store of value, unless its cryptographic protections are successfully compromised. 

The concerns gained additional traction after Google Quantum AI released a whitepaper on March 31, which presented significant reductions in hardware requirements for executing quantum attacks against the elliptic curve cryptography that is used by Bitcoin, Ether, and most major blockchain networks. 

Researchers have estimated that fewer than 500,000 physical qubits of a superconducting quantum computer could theoretically be sufficient to compromise these cryptographic systems, a number twenty times lower than earlier projections that suggested the requirement would be in the multimillion-qubit range. Several academics and institutions contributed to the research, including Justin Drake, Dan Boneh, and six researchers from Google Quantum AI led by Ryan Babbush and Hartmut Neven. 

Google also disclosed the research had been coordinated with U.S. government stakeholders prior to publication. Coinbase, Stanford Institute for Blockchain Research, and Ethereum Foundation were among the organizations that collaborated with Coinbase to develop the report. Research indicates, however, that quantum computing is not yet able to reach the operational scale required to perform such attacks on live blockchain networks. 

Google's most advanced quantum processor, Willow, currently operates with 105 qubits-well below the company's projections for such processors. Despite this, the industry's perception of the timeline has changed due to the rapid reduction in estimated hardware requirements. The concept was once considered a distant theoretical possibility, but is now increasingly seen as a long-term engineering challenge that must be mitigated with proactive measures, especially as the interval between quantum capabilities and cryptographically relevant quantum systems continues to narrow faster than many researchers expected. 

Project Eleven's "Q-Day Prize" launched in 2025 to assess whether publicly accessible quantum systems could progress beyond the limited proof-of-concept exercises that have long defined the field has also gained renewed visibility through the latest demonstration. It was designed to counter persistent criticisms that existing quantum hardware has only been able to demonstrate mathematically trivial demonstrations, including dividing the number 21 into 3 and 7, in an attempt to counter persistent criticism that quantum computers will be capable of breaking modern cryptographic systems at scale. 

During Giancarlo Lelli’s successful attack on that boundary, he solved a 15-bit elliptic curve cryptography problem covering 32,767 possible values, resulting in a significant improvement in the complexity publicly achieved using accessible quantum infrastructure.

In the opinion of Project Eleven co-founder Alex Pruden, the significance of the result has less to do with the size of the broken key than it does with the evidence of sustained technological advancement within quantum science. "The good news here is that progress is being made," Pruden said, arguing that the experiment demonstrates quantum computing has advanced beyond symbolic accomplishments. 

As reported by the media, the attack involved the implementation of a quantum system with approximately 70 qubits which was executed within minutes of the algorithmic framework having been finalized. 

A qubit is different from classical binary bits, in that they can exist simultaneously in multiple probability states, allowing quantum systems to perform certain cryptographic calculations exponentially faster under the right conditions. 

In the report, it was stated that Lelli's submission was reviewed by a panel of independent researchers from academia and industry, including experts associated with the University of Wisconsin–Madison and the quantum software company qBraid. Quantum hardware developers and academic institutions continue to publish increasingly ambitious projections for attaining cryptographically relevant quantum systems at the time of this announcement. 

Google Quantum AI made public commitments to transitioning its infrastructure to post-quantum cryptography by 2029 as a result of rapid advances in quantum hardware scalability, error correction techniques, and declining estimates for computing resources required to compromise current encryption standards in March. As a consequence, competing research estimates continue to narrow the perceived distance to practical attacks on blockchain cryptography. 

Using Google's estimate, less than 500,000 physical qubits are required to compromise Bitcoin's elliptic curve protection. However, a separate study conducted by the California Institute of Technology and Oratomic indicates that a neutral-atom quantum architecture may be able to reduce the amount of qubits required to 10,000 to 20,000. 

The focus of Pruden's organization is currently on 2029 as a worst-case estimate for the arrival of "Q-Day," emphasizing that forecasting the pace of scientific breakthroughs remains inherently uncertain due to the unpredictable nature of both engineering improvements and human innovation. The Project Eleven project estimates that approximately 6.9 million Bitcoins currently stored in wallets with publicly exposed keys on the blockchain could become theoretically vulnerable to quantum-based attacks if such systems eventually come into existence. 

However, it remains the belief of many within the cryptocurrency sector that the issue is more of a long-term infrastructure challenge than an immediate threat to the system. A number of defensive proposals are being discussed among Bitcoin developers with the purpose of transitioning the network to quantum-resistant cryptographic models. 

A proposed upgrade such as BIP-360 introduces quantum-secure transaction formats, while BIP-361 phases out older signature schemes and may freeze dormant coins unable to migrate to the enhanced security protocols. A dedicated post-quantum security initiative has been launched by the Ethereum Foundation, with co-founder Vitalik Buterin presenting plans for replacement of vulnerable components of Ethereum's cryptographic architecture over the long term.

Pruden also emphasized that advances in artificial intelligence could accelerate Q-Day even further by increasing quantum error-correction efficiency, thereby aiding researchers and attackers in quickly identifying weaker cryptographic targets, potentially compressing the timeframe available for blockchain networks to implement defensive transitions. 

In spite of the ongoing debate within the cryptocurrency industry regarding the urgency of quantum threats, the direction of research suggests that the conversation has shifted from theoretical speculation to strategic planning for the long term. Currently, Bitcoin and other blockchain networks remain protected by an enormous technological gap that separates current quantum hardware from the capability required to conduct a successful cryptographic attack.

Despite this, the steady reduction in estimated qubit requirements, combined with rapid advancements in quantum engineering and artificial intelligence, are intensifying pressure on developers and exchanges to prepare for a post-quantum future as soon as possible. Institutions are now reviewing their risk models as blockchain ecosystems move towards quantum-resistant security standards, and emergence of a "Q-Day" is no longer considered a question of whether it will occur, but rather a question of when.
Read more »
Token Minting Flaw
Blockchain Security Crypto Hack Cyber Attacks Decentralized Finance DeFi Risk Digital Asset Theft Smart Contract Vulnerability Stablecoin Exploit Token Minting Flaw

24.5 Million Dollar Hack Exposes Vulnerabilities in Resolv DeFi


 

The concept of stability is fundamental to the architecture of decentralized finance - it is the foundation upon which trust is built. A stablecoin brings parity with the dollar to the decentralized finance system, providing a quiet assurance that one token will reliably mirror one unit of currency. 

The premise of this proposition has been severely undercut with the case of Resolv, where the USR token now trades at less than a third of its intended peg and hovers around 27 cents, clearly demonstrating a structural breakdown that cannot be rectified by simple recalibration. 

During the early hours of Sunday morning, at approximately 2:21 a.m. UTC, an attacker exploited a vulnerability within the protocol's minting contract, fabricating nearly 80 million tokens without backing. A swift and systematic unwinding of value followed-those artificially created assets were funneled through decentralized exchanges, exchanged for more liquid stablecoins, and eventually consolidated into Ether. 

After completing the activity, the attacker had obtained digital assets worth approximately $25 million, leaving behind not only a depegged token, but also a stark reminder of how confidence can rapidly erode when mathematical foundations of financial systems fail to hold up. It is evident from the mechanics of the breach that there was a deeper architectural weakness rather than a momentary lapse that led to the breach. 

A capital injection of $100,000 to $200,000 in USDC was sufficient to engage the protocol's minting interface under normal conditions at the beginning of the sequence. However, what occurred afterward diverged significantly from what was expected. By exploiting a flaw in the authorization flow, the adversary was able to generate approximately 80 million USR tokens, a number that is significantly greater than the initial collateral provided. 

Ultimately, this breakdown occurred as a result of an off-chain signing service entrusted with a privileged private key that authorised the minting of mint quantities. The contract verified the presence of a valid cryptographic signature, but failed to impose any intrinsic ceiling on issuance. Therefore, a critical control was externalized without being enforced on the blockchain. 

Having created the unbacked tokens, the attacker moved with calculated precision to convert USR into its staked derivative, wstUSR, and unwind the position using decentralized liquidity pools. Upon incremental exchange of the assets for stablecoins and then consolidation of Ether, the proceeds could be absorbed into deeper market liquidity, thereby providing a greater level of market liquidity. 

Parallel to the sudden injection of uncollateralized supply, USR's market equilibrium was destabilized, resulting in a rapid depreciation of almost 80 percent. As a result of establishing the sequence of events, the incident demonstrates the importance of investigating the minting architecture and implicit trust assumptions that enabled such a breach to occur.

Rather than limiting themselves to Resolv's immediate ecosystem, the repercussions of the exploit have been emitted across interconnected DeFi infrastructure protocols. A detailed internal assessment has now been initiated to determine the extent of exposure for organizations that integrated USR into shared liquidity pools, accepted it as collateral, or relied on its yield mechanisms. 

Decentralized finance is based on the premise that it can be layered, enhancing efficiency as well as reducing risk, and this chain reaction is indicative of this. As a result of the sudden depegging of USR, platforms upstream have encountered balance sheet inconsistencies. 

As a precautionary measure, select operations were suspended, withdrawals and deposits were restricted, and governance-driven responses were initiated to mitigate potential deficits. This requires a more detailed audit of smart contract states and liquidity positions to reconcile the impact of a compromised asset than surface-level accounting.

As a result of the episode, DeFi remains aware of a persistent structural reality: vulnerabilities at a foundational layer can lead to instability throughout the entire stack, thereby exposing even indirectly exposed participants to disruption. There has been an increase in attention on the post-exploit environment, where the trajectory of stolen assets may influence recovery prospects. 

On-chain observations indicate that the majority of the approximately $25 million extracted remains consolidated within wallets controlled by the attacker, with no visible signs of obfuscation by mixing or crossing chains. It has historically been observed that such inactivity precedes negotiation attempts, as demonstrated in prior incidents involving attackers engaging with protocol teams under whitehat or quasi-whitehat frameworks to return funds in exchange for incentives. 

In addition to unclear whether Resolv's operators have initiated similar outreach or structured a formal bounty, no confirmation regarding direct communication with the attacker has been released to date. While blockchain analytics firms are actively tracing transaction flows, no parallel involvement by law enforcement agencies has been reported. 

Near-term, the focus is on transparency and remediation for affected users and counterpart protocols monitoring official disclosures, evaluating exposure statements, and waiting for comprehensive post-incident analyses along with compensation frameworks. 

Decentralized finance continues to gain momentum as it moves toward broader adoption; however, the incident once again illustrates that there is still a significant gap between innovation and security assurance in systems where trust is distributed but accountability can become muddled.

A number of factors contribute to the shift in focus from attribution to prevention in the aftermath of the incident, underlining the need for more resilient design principles across decentralized systems. Consequently, security in DeFi cannot be partially delegated to off-chain mechanisms or implicit trust models; critical controls must be enforced at the protocol level by ensuring deterministic safeguards, limiting minting logic, and continuously validating changes to the state. 

During this conference, protocol architects and developers are reminded of the importance of minimizing privileged dependencies, implementing rigorous audit layers, and stress testing composability risks under adversarial conditions. 

Participants are reminded that it is imperative that not only yield opportunities are evaluated, but that underlying mechanisms are also examined for structural integrity. It is expected that sustained credibility will be dependent less on the speed at which innovations are implemented, and more on the discipline with which security assumptions are developed, verified, and communicated transparently.
Read more »
Technology
Bitcoin Cryptography Blockchain Security Crypto Risk cyber threat Decentralised Consensus Post Quantum Crypto Public Key Exposure Quantum computing Shor Algorithm Technology

Bitcoin’s Security Assumptions Challenged by Quantum Advancements


While the debate surrounding Bitcoin’s security architecture has entered a familiar yet new phase, theoretical risks associated with quantum computing have emerged in digital forums and investor circles as a result of the ongoing debate. 

Although quantum machines may not be able to decipher blockchain encryption anytime soon, the recurring debate underscores an unresolved issue that is more of an interpretation than an immediacy issue. However, developers and market participants continue to approach the issue from fundamentally different perspectives, often without a shared technical or linguistic framework, despite the fact that they are both deeply concerned with the long-term integrity of the network. 

In response to comments made by well-known Bitcoin developers seeking to dispel growing narratives of a cryptographic threat that was threatening the bitcoin ecosystem, a resurgence of discussion has recently taken place. There is no doubt that they hold an firmly held position rooted in technical pragmatism: computational systems are not currently capable of breaking down Bitcoin's underlying cryptography, and scientific estimates indicate they would not be able to do so at a scale that would threaten the network for decades to come.

Although the reassurances are grounded in the practicality of the situation now, they have not been able to dampen the renewed momentum of speculation. This reveals that the debate is fueled as much as by perception and readiness as it is by technological capability itself. In addition, industry security leaders have provided input to the debate, including Jameson Lopp, Chief Security Officer at Casa, who pointed out that Bitcoin cannot be prepared structurally for a postquantum future because of its structural difficulties. 

Nonetheless, Lopp has warned that while quantum computing is not likely to pose an actual threat for Bitcoin's elliptic curve cryptography today, there is a timetable for defensive upgrades which is defined less by science feasibility and more by how complicated the governance system is. While centralized digital infrastructures may be patched at will as they are deployed at will, Bitcoin’s protocol modifications require broad consensus across a stakeholder landscape which is unusually fragmented. 

There is a requirement that node operators, miners, wallet providers, exchanges, and independent users all be part of a deliberative process that is difficult to interrupt quickly due to its deliberate nature. Based on Lopp's estimation, it may take five to ten years to transition the network to post-quantum standards. This is due to the friction inherent to decentralized decision-making, rather than the technical impossibility of the process. 

In this regard, Lopp emphasizes an important recurring theme: the threat is not urgent, but choreography—ensuring future safeguards are formulated with precision, patience, and overwhelming agreement, while not undermining Bitcoin's unique decentralization, which defines its resilience. In what had largely been a theoretical debate, the debate regarding Bitcoin's future-proofing has now gained a new dimension with the inclusion of empirical testing in what was largely a theoretical one. 

Project Eleven, a quantum computing research organization, has released a competitive challenge that aims to assess the stability of the network against actual quantum capabilities rather than projected advances in quantum technology. This initiative, which has been branded as the Q-Day Prize, offers 1 Bitcoin - an amount estimated to be approximately $84,000 at the time of release - to anyone able to decode the largest segment of a Bitcoin private key using Shor's algorithm on an operating quantum computer within a 12-month period. 

It is explicitly prohibited from participating in the contest if hybrid or classical computational assistance are employed, further emphasizing the contest's requirement that quantum performance be demonstrated unambiguously. 

It is not just the technical rigor that explains why the project was initiated, but it is also a strategic signaling exercise: Project Eleven claims that more than 10 million Bitcoin addresses have disclosed public keys to date, securing an estimated 6 million Bitcoins in total, the current market value of which is approximately $500 billion. 

Despite the fact that even a minimal level of progress – like successfully extracting even a fraction of the key bits – would constitute a significant milestone for this company, the firm maintains that even a breach of just three bits would be a monumental event, since no real-world elliptic curve cryptographic key has ever been breached at such a large scale.

In the spirit of Project Eleven, the project is not intended as an attack vector, but rather as a benchmark for preparedness, which is aimed at replacing conjecture with measurable results and increasing momentum towards post quantum cryptographic research before the technology reaches adversarial maturity. 

There is some stark divergence in perspectives on the quantum question among prominent Bitcoin community figures, though there is a common thread in how they assess the urgency of the situation. Founder of infrastructure firm Blockstream Adam Back asserted that the risk of quantum computing was in fact “effectively nonexistent in the near term,” arguing that it is still “ridiculously early” and is faced with numerous unresolved scientific challenges, and that even under extreme scenarios, Bitcoin's architecture would not suddenly expose all of its coins to seizure even if extreme scenarios occurred. 

The view expressed by Thicke echoes an underlying sentiment amongst designers who emphasize that even though Bitcoin's use of elliptic curve cryptography theoretically exposes some addresses to future risks, this has not translated into any current vulnerabilities as a result and that is why it is still regarded as something for the future. 

In theory, sufficiently powerful quantum machines running Shor's algorithm could, in theory, derive private keys from exposed public keys, which is something experts are concerned could threaten funds held in legacy address formats, such as Satoshi Nakamoto's untouched supply, which have been languishing for years. However, this remains speculative; quantum advances are not expected to result in the network failing immediately as a consequence. 

There are already a number of major companies and governments that are preparing for the future preemptively, with the United States signaling plans to phase out classical cryptography by the mid-2030s and firms like Cloudflare and Apple integrating quantum-resilient systems into their products. The absence of a clear transition strategy, however, in Bitcoin is drawing increased investor attention as a result of the absence of a formalized transition strategy. 

There appears to be a disconnect between cryptographic theory and practical readiness, as Nic Carter, a partner at Castle Island Ventures, has observed. The capital markets are less interested in the precise timing of quantum breakthroughs than in whether Bitcoin can demonstrate a viable path forward if cryptographic standards are altered, as opposed to whether they can predict a quantum breakthrough when it happens. 

A debate about Bitcoin's quantum security goes well beyond technical discourse; it is about extending the trust that has historically defined Bitcoin’s credibility—the underlying basis of Bitcoin’s credibility. As Bitcoin's ecosystem evolves into a financial infrastructure of global consequence, it is now intersecting institutional capital, sovereign research priorities, and retail investment on a scale that once seemed unimaginable, revealing how it has become so influential. 

According to industry observers and analysts, network confidence is no longer based on the network’s capacity for resisting hypothetical attacks, but rather on its ability to anticipate them. For long-term security planning, it is becoming increasingly important for Bitcoin’s decentralised design to be based on its philosophical foundations — self-custody, open collaboration, and distributed responsibility — to serve as strategic imperatives in order to achieve them. 

Some commentators caution against dismissing a time-bound vulnerability that is well recognized as such, and risk being interpreted as a failure of stewardship, especially since governments and major technology companies are rapidly adopting quantum-resistant cryptographic systems in an effort to avoid cyber security vulnerabilities. 

In spite of the fact that market sentiment is far from panicky, it does reflect an increasing intolerance of strategic ambiguity among investors and developers. Both are being urged to align once again around the principle which made Bitcoin so popular in the first place. The ability to survive and thrive in finance and emerging technologies requires proactive foresight, as well as the ability to adapt and develop in an innovative manner. 

BIP360 advocates argue that the proposal is not about forecasting quantum capability, but rather about determining the appropriate strategic time to implement the proposal. It is argued that the transition to post-quantum cryptographic standards - should it be pursued - will require a rare degree of synchronization across Bitcoin's distributed ecosystem, which means phased software upgrades, infrastructure revisions, as well as coordinated action on the part of wallet providers, node operators, custodians, and end users in order to achieve these goals.

It is stressed by supporters that initiating the conversation early can act as a means of risk mitigation, decreasing the probability that decision-making will be compressed should technological progress outpace consensus mechanisms. 

The governance model that has historically insulated Bitcoin from impulsive changes is now being reframed as a constraint in debates where horizons are shaped by decade-scale rather than immediate attack vectors. Quantum computing is viewed by cryptography experts as a non-existent threat to the network, and no credible scientific roadmaps suggest that an imminent threat will emerge from it. 

In spite of this, market participants noted that bitcoin has attracted more institutional capital and has longer investment cycles, which have led to a narrowing of tolerance towards unresolved systemic questions, no matter how distant. 

A lack of a common evaluative framework between protocol developers and investors continues to keep the quantum debate peripherie of sentiment, not as an urgent alarm, but rather as an unresolved variable quietly influencing the market psychology in a subtle way.
Read more »
private key breach
Blockchain Security Crypto Theft crypto wallet hack Data Breach Ethereum transfer Hyperliquid hack PeckShield report private key breach

$21 Million Stolen in Hyperliquid Private Key Breach: Experts Warn of Rising Crypto Wallet Hacks

 

Hyperliquid user, identified by the wallet address 0x0cdC…E955, has reportedly lost $21 million in cryptocurrency after hackers gained access to their private key.

According to blockchain security firm PeckShield, the attackers swiftly transferred the compromised funds to the Ethereum network, as confirmed through on-chain tracking. The stolen crypto included approximately 17.75 million DAI tokens and 3.11 million MSYRUPUSDP tokens. PeckShield also shared visual data mapping out the wallet addresses connected to the heist.

“A victim 0x0cdC…E955 lost ~$21M worth of cryptos due to a private key leak. The hacker has bridged the stolen funds… including 17.75M & 3.11M,” — PeckShieldAlert (@PeckShieldAlert)

Blockchain records indicate that the stolen tokens were strategically transferred and redistributed across multiple wallets, mirroring tactics seen in earlier high-profile crypto thefts.

An unusual detail in the case is the timing of certain trading activities. Just as PeckShield’s alert went public, data showed that a Hyperliquid account closed a $16 million HYPE long position, followed by the liquidation of 100,000 HYPE tokens worth about $4.4 million.

Researchers analyzing transactions on Hypurrscan suggested that this trading account might have belonged to the same compromised user. Their findings indicate that the liquidated assets were later converted into USDC and DAI, with transfers spanning both the Ethereum and Arbitrum networks—aligning closely with the hacker’s movements identified by PeckShield.

The breach wasn’t limited to Hyperliquid balances. Investigations revealed an additional $3.1 million was siphoned from the Plasma Syrup Vault liquidity pool, with the tokens quickly routed to a newly created wallet.

Prominent X (formerly Twitter) user Luke Cannon suggested that the total damage could be higher, estimating another $300,000 stolen from linked wallet addresses.

Recurring Attacks Raise Security Concerns

Another Hyperliquid user, @TradeThreads (BRVX), reported losing $700,000 in HYPE tokens last month under similar circumstances.

“Lost 700k in hype in a similar incident last month. Not sure how they hacked. No malware, no discord chats, no TG calls, no email download,” — BRVX (@TradeThreads)

He speculated that Windows malware might have been the cause, as he had not accessed his wallets for a week and had recently switched to a new MacBook where the wallet wasn’t even set up.

Unlike exchange or smart contract vulnerabilities, this breach resulted from a private key leak, which grants attackers full access to wallet credentials. Such leaks often stem from phishing attacks, malware, or insecure key storage practices.

Cybersecurity experts continue to emphasize the importance of cold wallets or multi-signature setups for protecting high-value crypto assets.

Recently, Blockstream issued a security alert warning Jade hardware wallet owners of a phishing campaign spreading through fake firmware update emails.

Growing Pattern of Private Key Exploits

Private key-related hacks are becoming alarmingly common. Just weeks ago, North Korean hackers reportedly stole $1.2 million from Seedify’s DAO launchpad, causing its token SFUND to drop by 99%. Similarly, a Venus Protocol user on BNB Chain lost $27 million to a key breach in September.

According to CertiK’s annual security report, over $2.36 billion was lost across 760 on-chain security incidents last year, with $1.05 billion directly linked to private key compromises—making up 39% of all attacks.

The report explains that phishing remains a preferred method among hackers because it exploits human error rather than technological weaknesses. Since blockchain transactions are irreversible, even a single mistake can result in irreversible losses.

The Ethereum network continues to witness the most attacks, followed by Binance Smart Chain (BSC)—but experts warn that Hyperliquid is now becoming a new target for cybercriminals due to its decentralized infrastructure.
Read more »
Security Protocols
Advanced Technology Blockchain Security Cryptographic Cryptography Cybersecurity Cybertech CyberThreat Security Protocols

Core Cryptographic Technique Compromised Putting Blockchain Security at Risk

 


The concept of randomness is often regarded as a cornerstone of fairness, security, and predictability in both physical and digital environments. Randomness must be used to ensure impartiality, protect sensitive information, and ensure integrity, whether it is determining which team kicks off a match by coin toss or securely securing billions of online transactions with cryptographic keys. 

However, in the digital age, it is often very challenging and resource-consuming to generate true randomness. Because of this limitation, computer scientists and engineers have turned to hash functions as a tool to solve this problem. 

Hash functions are mathematical algorithms that mix input data in an unpredictable fashion, yielding fixed-length outputs. Although these outputs are not truly random, they are designed to mimic randomness as closely as possible. 

Historically, this practical substitution has been based on the widely accepted theoretical assumption of a random oracle model, which holds that the outputs of well-designed hash functions are indistinguishable from genuine randomness. As a result of this model, numerous cryptographic protocols have been designed and analysed, enabling secure communication, digital signatures, and consensus mechanisms, which have established it as a foundational pillar in cryptographic research. 

Despite this, as this assumption has been increasingly relied upon, so too has the scrutiny of its limits become more critical, raising serious questions about the long-term resilience of systems built on a system that may only be an illusion of randomness based on it. By enabling transparent, tamper-evident, and trustless transactions, blockchain technology is transforming a wide range of industries, ranging from finance and logistics to health care and legal systems. 

In light of the increasing popularity of the technology, it has become increasingly crucial for companies to secure digital assets, safeguard sensitive information, and ensure the integrity of their transactions in order to scale their adoption effectively. Organisations must have a deep understanding of how to implement and maintain strong security protocols across the blockchain ecosystem to ensure the effectiveness of enterprise adoption. 

In order to secure blockchain networks, there must be a variety of critical issues addressed, such as verifying transactions, verifying identities, controlling access to the blockchain, and preventing unauthorised data manipulation. Blockchain's trust model is based on robust cryptographic techniques that form the foundation of these security measures. 

An example of symmetric encryption utilises the same secret key for both encryption and decryption; an example of asymmetric encryption is establishing secure communication channels and verifying digital signatures through the use of a public-private key pair; and another example is cryptographic hash functions that generate fixed-length, irreversible representations of data and thus ensure integrity and non-repudiation of data. Several of these cryptographic methods are crucial to maintaining the security and resilience of blockchain systems, each playing a distinct and vital role. As a general rule, symmetric encryption is usually used in secure data exchange between trusted nodes, whereas asymmetric encryption is commonly used in identifying and signing transactions. Hash functions, on the other hand, are essential to the core blockchain functions of block creation, consensus mechanisms, and proof-of-work algorithms. 

By using these techniques, blockchain networks are able to provide a secure, transparent and tamper-resistant platform that can meet the ever-growing demands of modern digital infrastructure, while simultaneously offering a secure, transparent, and tamper-resistant platform. In the broader world of cybersecurity, cryptography serves as a foundational technology for protecting digital systems, communication channels, and data.

In addition to maintaining confidentiality, making sure sensitive data is protected from unauthorised access, and ensuring data integrity by detecting tampering or unauthorised modifications, it is an essential part of maintaining data integrity. As well as protecting data, cryptography also enables authentication, using mechanisms such as digital certificates and cryptographic signatures, which enable organisations to verify the identity of their users, devices, and systems in a high-assurance manner. 

The adoption of cryptographic controls is explicitly required by many data protection and privacy regulations, including the GDPR, HIPAA, and PCI-DSS, placing cryptography as an essential tool in ensuring regulatory compliance across many industries. With the development of more sophisticated cybersecurity strategies, cryptography will become increasingly important as it is integrated into emerging frameworks like the Zero Trust architecture and defence-in-depth models in order to respond to increasingly sophisticated threats. 

As the ultimate safeguard in multi-layered security strategies, cryptography plays a crucial role—a resilient barrier that is able to protect data even when a system compromise takes place. Despite the fact that attackers may penetrate outer security layers, strong encryption ensures that critical information will remain unable to be accessed and understood without the right cryptographic key if they manage to penetrate outer security layers. 

Using the Zero Trust paradigm, which assumes that there should be no inherently trustworthy user or device, cryptography enables secure access by enforcing granular authentication, encryption of data, and policy-driven access controls as well. The software secures data both in transit and at rest, reducing the risk of lateral movement, insider threats, and compromised credentials. 

A cyberattack is becoming increasingly targeted at core infrastructures as well as high-value data, and cryptographic technologies can provide enduring protection, ensuring confidentiality, integrity, and availability, no matter what environment a computer or network is in. The development of secure, resilient, and trustworthy digital ecosystems relies on cryptography more than any other technical component. 

A groundbreaking new study has challenged a central assumption in modern cryptography - that the random oracle model can be trusted - as well as challenged a fundamental part of cryptography's reliability. An effective technique has been developed to deceive a widely used, commercially available cryptographic proof system into validating false statements, revealing a method that is new to the world of cryptographic proof. 

In light of the fact that the system in question has long been considered secure, the random oracle model has long assumed that its outputs mimic genuine randomness. This revelation is particularly alarming. According to the researchers, the vulnerability they discovered raises significant concerns for blockchain ecosystems, especially those in which proof protocols play a key role in validating off-chain computations and protecting transaction records, especially those within blockchain ecosystems. 

The vulnerability carries significant repercussions for the blockchain and cryptocurrency industries, where the stakes are extremely high. According to the researcher Eylon Yogev from Bar-Ilan University in Israel, "there is quite a bit of money being made with these kinds of things." Given the substantial incentives for adversaries to exploit cryptographic vulnerabilities, malicious actors have a strong chance of undermining the integrity of blockchains. 

In the paper, Dmitry Khovratovich, a member of the Ethereum Foundation, Ron Rothblum, a member of the Technion–Israel Institute of Technology and zero-knowledge proof firm Succinct and Lev Soukhanov of the blockchain-focused startup [[alloc] init] all point out that the attacks are not restricted to any particular hash function. 

As a matter of fact, it exposes a more fundamental problem: it enables the fabrication of convincing, yet false, proofs regardless of the specific hash function used to simulate randomness within the system. This discovery fundamentally challenges the notion that hash-based randomness in cryptographic applications can always replace the real-world unpredictable nature of cryptography. 

A growing number of blockchain technologies are being developed and scaled, so the findings make it clear that we need more robust, formally verifiable security models—ones that are not based on idealised assumptions alone—as the technology continues to grow and grow. Encryption backdoors are deliberately designed, concealed vulnerabilities within cryptographic systems that allow unauthorised access to encrypted data despite standard authentication or decryption procedures being bypassed. 

This type of hidden mechanism can be embedded within a wide variety of digital technologies — from secure messaging platforms to cloud storage to virtual private networks and communication protocols, to name but a few. As encryption is intended to keep data secure, so only those with the intent to access it can do so, a backdoor undermines this principle effectively by providing a secret entry point that is usually known to the creators or designated third parties only. 

As an example, imagine encrypted data being stored in a highly secure digital vault, where access is restricted only to those with special cryptographic keys that they have, along with the recipient of the data, which can only be accessed by them. It is often said that backdoors are like concealed second keyholes — one undocumented and deliberately concealed — which can be used by selected entities without the user's knowledge or consent to unlock the vault. 

It is clear that proponents of such mechanisms contend that they are essential to national security and critical law enforcement operations, but this viewpoint remains very contentious among cybersecurity professionals and privacy advocates. Regardless of the purpose of the intentional vulnerability, it erodes the overall security posture of any system when included. 

There is a single point of failure with backdoors; if they are discovered or exploited by malicious actors such as hackers, foreign intelligence services, or insider threats, they have the ability to compromise a large amount of sensitive data. Having a backdoor negates the very nature of encryption, and turns robust digital fortresses into potentially leaky structures by the very nature of their existence. 

This implies that the debate over backdoors lies at an intersection of information privacy, trust, and security, and, in doing so, raises profound questions regarding whether the pursuit of surveillance should be made at the expense of an adequate level of digital security for every person.
Read more »
quantum cryptography
Blockchain Blockchain Security Chinese Tech Cyber Security Post-Quantum post-quantum cryptography Quantum Quantum Computers Quantum computing quantum cryptography

Chinese Scientists Develop Quantum-Resistant Blockchain Storage Technology

 

A team of Chinese researchers has unveiled a new blockchain storage solution designed to withstand the growing threat posed by quantum computers. Blockchain, widely regarded as a breakthrough for secure, decentralized record-keeping in areas like finance and logistics, could face major vulnerabilities as quantum computing advances. 

Typically, blockchains use complex encryption based on mathematical problems such as large-number factorization. However, quantum computers can solve these problems at unprecedented speeds, potentially allowing attackers to forge signatures, insert fraudulent data, or disrupt the integrity of entire ledgers. 

“Even the most advanced methods struggle against quantum attacks,” said Wu Tong, associate professor at the University of Science and Technology Beijing. Wu collaborated with researchers from the Beijing Institute of Technology and Guilin University of Electronic Technology to address this challenge. 

Their solution is called EQAS, or Efficient Quantum-Resistant Authentication Storage. It was detailed in early June in the Journal of Software. Unlike traditional encryption that relies on vulnerable math-based signatures, EQAS uses SPHINCS – a post-quantum cryptographic signature tool introduced in 2015. SPHINCS uses hash functions instead of complex equations, enhancing both security and ease of key management across blockchain networks. 

EQAS also separates the processes of data storage and verification. The system uses a “dynamic tree” to generate proofs and a “supertree” structure to validate them. This design improves network scalability and performance while reducing the computational burden on servers. 

The research team tested EQAS’s performance and found that it significantly reduced the time needed for authentication and storage. In simulations, EQAS completed these tasks in approximately 40 seconds—far faster than Ethereum’s average confirmation time of 180 seconds. 

Although quantum attacks on blockchains are still uncommon, experts say it’s only a matter of time. “It’s like a wooden gate being vulnerable to fire. But if you replace the gate with stone, the fire becomes useless,” said Wang Chao, a quantum cryptography professor at Shanghai University, who was not involved in the research. “We need to prepare, but there is no need to panic.” 

As quantum computing continues to evolve, developments like EQAS represent an important step toward future-proofing blockchain systems against next-generation cyber threats.
Read more »
Trading Bots
AI Trading Blockchain Security Crypto Scam Cyber Fraud Trading Bots

Crypto Scammers Are Targeting AI Trade Bots

 

The blockchain security company CertiK disclosed how a new generation of scammers is changing their tactics to target automated trading bots in the wake of the LIBRA meme currency fiasco, in which insiders were given advanced information of the launch procedures.

Kang Li, the chief security officer at CertiK, told Decrypt last week at Consensus in Hong Kong that some smart contracts are intentionally made to target the snipers.

The observations follow Hayden Davis's description of such ventures as a "zero-sum game" in which only a few have power. Davis is the self-described "launch strategist" for LIBRA and other celebrity meme coins.

Even at the top, all of it is extractive to some degree—none of it has value, Davis stated in an interview with Coffeezilla's Stephen Findeisen last Sunday. He explained how "professional snipers" are involved in meme coin launches, front-running a token and loading up to buy in before a launch is made public.

Smart contract sniping is a technique in which bots watch on-chain activity for newly issued tokens and execute deals before human traders can react. These bots use on-chain technology and are trained to execute trades as soon as liquidity becomes available. According to Li, a new breed of shrewd fraudsters is creating fake tokens with hidden "backdoors" that appear secure to AI-powered trading bots trained to identify security issues. 

Although these artificial intelligence trading bots "are not dumb" and examine tokens "to see if you have any clear rug-proofing function there," Li noted that scammers have exploited this as a bait-and-switch tactic. 

Following the launch of a token, the scammers "immediately promote [this] in all the AI trading community," and "once they have a few buys, they rug pull it," Li added. 

Li refutes the notion that blockchain security is unnecessary for meme coins and pump-and-dump operations, claiming that the actual risks are in who controls the token, price manipulation, and the history of those behind it. These scams are taking place on a "massive scale," potentially resulting in losses of "tens of millions of dollars," according to Li. With no fear of legal repercussions, scammers 'simply keep destroying' trading bots, taking advantage of a victim.
Read more »
Middle East
Blockchain Blockchain Security Blockchain Technology Customs and Excise Act Cyber Security Data Management Dubai Middle East

Dubai Customs Introduces Blockchain Platform to Streamline Commerce

 

Dubai Customs has recently unveiled a new blockchain platform aimed at streamlining commercial activities in the region, reinforcing its status as a technology-forward market. This initiative seeks to address and overcome obstacles hindering entrepreneurship in Dubai by leveraging blockchain technology to enhance transparency and facilitate secure data sharing. 

The newly introduced platform promises to offer secure and cost-effective solutions along with technology-driven logistics initiatives. Sultan Ahmed bin Sulayem, Chairman of Dubai’s Ports, Customs, and Free Zone Corporation, described the platform as a significant advancement in improving business and commercial operations in Dubai. “We are confident that the adoption of modern technologies such as blockchain will greatly contribute to enhancing the business environment and solidifying Dubai’s position as a key global trade hub,” Sulayem stated. 

Blockchain technology, or distributed ledger technology, distributes data across multiple nodes, thus avoiding centralization on a single server as seen in traditional systems. This feature significantly enhances security by making it difficult for malicious actors to infiltrate the network. Additionally, any information stored on blockchain networks is immutable, promoting transparency in business operations. 

Dubai officials are also keen on utilizing other blockchain features such as live tracking of goods and preventing fraud and counterfeiting. This is not the first time Dubai has explored blockchain technology. In May, a plan was revealed to position the region as one of the top ten economies proficient in metaverse technology. In a previous effort, Dubai collaborated with the Solana Foundation to establish a blockchain framework for its free economic zone, the Dubai Multi Commodities Centre (DMCC), in October 2023. This collaboration aimed to assist businesses in expanding their operations by leveraging blockchain technology. 

The new platform by Dubai Customs is expected to revolutionize the way businesses operate in the region, providing a more secure, transparent, and efficient environment for commercial activities. As Dubai continues to integrate cutting-edge technologies, it strengthens its position as a leading global trade hub and a beacon of innovation in the Middle East.
Read more »
ZKP
Blockchain Security cryptocurrency Data Privacy Stock Exchange Technology Transactions ZKP

Zero-Knowledge Proofs: How They Improve Blockchain Privacy?



Zero-knowledge proofs (ZKPs) are emerging as a vital component in blockchain technology, offering a way to maintain transactional privacy and integrity. These cryptographic methods enable verification without revealing the actual data, paving the way for more secure and private blockchain environments.

At its core, a zero-knowledge proof allows one party (the prover) to prove to another party (the verifier) that they know certain information without disclosing the information itself. This is particularly valuable in the blockchain realm, where transparency is key but privacy is also crucial. For example, smart contracts often contain sensitive financial or personal data that must be protected from unauthorised access.

How ZKPs Operate

A ZKP involves the prover performing actions that confirm they know the hidden data. If an unauthorised party attempts to guess these actions, the verifier's procedures will expose the falsity of their claim. ZKPs can be interactive, requiring repeated verifications, or non-interactive, where a single proof suffices for multiple verifiers.

The concept of ZKPs was introduced in a 1985 MIT paper by Shafi Goldwasser and Silvio Micali, which demonstrated the feasibility of proving statements about data without revealing the data itself. Key characteristics of ZKPs include:

  • Completeness: If the prover's statement is true, the verifier will be convinced.
  • Soundness: If the prover's statement is false, the verifier will detect the deception. 
  • Zero-Knowledge: The proof does not reveal any additional information beyond the validity of the statement.

Types of Zero-Knowledge Proofs

Zero-knowledge proofs come in various forms, each offering unique benefits in terms of proof times, verification times, and proof sizes:

  • PLONK: An acronym for "Permutations over Lagrange-bases for Oecumenical Non-interactive arguments of Knowledge," PLONK is known for its versatility. It supports various applications and allows a large number of participants, making it one of the most widely used and trusted ZKP setups.cyber 
  • ZK-SNARKs: Short for "Succinct Non-interactive Argument of Knowledge," ZK-SNARKs are popular due to their efficiency. These proofs are quick to generate and verify, requiring fewer computational resources. They use elliptic curves for cryptographic proofs, making them suitable for systems with limited processing power.

  • ZK-STARKs: "Scalable Transparent ARgument of Knowledge" proofs are designed for scalability and speed. They require minimal interaction between the prover and verifier, which speeds up the verification process. ZK-STARKs are also transparent, meaning they do not require a trusted setup, enhancing their security.
  • Bulletproofs: These are short, non-interactive zero-knowledge proofs that do not require a trusted setup, making them ideal for applications needing high privacy, such as confidential cryptocurrency transactions. Bulletproofs are efficient and compact, providing strong privacy guarantees without significant overhead.

Advantages for Blockchain Privacy

ZKPs are instrumental in preserving privacy on public blockchains, which are typically transparent by design. They enable the execution of smart contracts—self-executing programs that perform agreed-upon actions—without revealing sensitive data. This is particularly important for institutions like banks, which need to protect personal data while complying with regulatory requirements.

For instance, financial institutions can use ZKPs to interact with public blockchain networks, keeping their data private while benefiting from the broader user base. The London Stock Exchange is exploring ZKPs to enhance security and handle large volumes of financial data efficiently.

Practical Applications

Zero-knowledge proofs have a wide array of applications across various sectors, enhancing privacy and security:

1. Private Transactions: Cryptocurrencies like Zcash utilise ZKPs to keep transaction details confidential. By employing ZKPs, Zcash ensures that the sender, receiver, and transaction amount remain private, providing users with enhanced security and anonymity.

2. Decentralised Identity and Authentication: ZKPs can secure identity management systems, allowing users to verify their identity without revealing personal details. This is crucial for protecting sensitive information in digital interactions and can be applied in various fields, from online banking to voting systems.

3. Verifiable Computations: Decentralised oracle networks can leverage ZKPs to access and verify off-chain data without exposing it. For example, a smart contract can obtain weather data from an external source and prove its authenticity using ZKPs, ensuring the data's integrity without compromising privacy.

4. Supply Chain Management: ZKPs can enhance transparency and security in supply chains by verifying the authenticity and origin of products without disclosing sensitive business information. This can prevent fraud and ensure the integrity of goods as they move through the supply chain.

5. Healthcare: In the healthcare sector, ZKPs can protect patient data while allowing healthcare providers to verify medical records and credentials. This ensures that sensitive medical information is kept confidential while enabling secure data sharing between authorised parties.

Challenges and Future Prospects

Despite their promise, ZKPs face challenges, particularly regarding the hardware needed for efficient proof generation. Advanced GPUs are required for parallel processing to speed up the process. Technologies like PLONK are addressing these issues with improved algorithms, but further developments are needed to simplify and broaden ZKP adoption.

Businesses are increasingly integrating blockchain technologies, including ZKPs, to enhance security and efficiency. With ongoing investment in cryptocurrency infrastructure, ZKPs are expected to play a crucial role in creating a decentralized, privacy-focused internet.

Zero-knowledge proofs are revolutionising blockchain privacy, enabling secure and confidential transactions. While challenges remain, the rapid development and significant investment in this technology suggest a bright future for ZKPs, making them a cornerstone of modern blockchain applications.


Read more »
Subscribe to: Posts (Atom)