#TradeLessons Ukrainian cybersecurity, finance, and accounting specialist Dmytro Budorin speaks about critical structural weaknesses in the protection of centralized exchanges as follows:
Currently, most losses in Web3 arise not from errors in smart contracts but from operational mistakes, particularly in the areas of access control and signer security. This emphasizes the need to prioritize these aspects in every serious Web3 project.
The main structural weaknesses in the protection of centralized exchanges can be considered:
Insufficient security in signer interfaces. In the Bybit attack, a vulnerability in the Safe{Wallet} signing interface was exploited, where attackers injected malicious code via JavaScript. This allowed them to manipulate the transaction and rewrite the wallet logic, enabling attackers to access funds.
Vulnerabilities in multisig systems. Although multisig wallets like Safe{Wallet} are an important element for ensuring security, their use is often subjected to attacks due to weaknesses in operational security and working with signers. Cases such as hacks on Bybit, WazirX, and Radiant Capital confirm that insufficient attention to transaction verification and weak operational processes lead to significant losses.
Lack of automated monitoring and quick response. There are no anomaly detection systems in transactions that occurred during manipulation with the signing interface.
To prevent this breach, better access control and signer protection mechanisms should be used, such as:
Automated monitoring at all stages of transactions with AI integration for detecting anomalies, significant changes in balances, and other suspicious operations.
Human verification of alerts about suspicious transactions that might be missed by automated systems, as well as signatures based on EIP-712 for clear verification of transaction data by signers.
Using hardware wallets for signers to protect against malicious manipulations through the signers' computers.
Additionally, we recommend the following security practices:
Minimizing the complexity of smart contracts and reducing the attack surface. Use specialized multisig contracts that only support necessary operations, such as transfers of ERC-20 tokens or native tokens, and avoid unnecessary features such as general delegate calls. This reduces the attack surface and simplifies auditing.
Ensuring offline components. Web interfaces, SDKs, and other tools used to interact with multisig should be part of the security perimeter. It is important to implement security measures such as JavaScript pinning, integrity checks, and supplier security controls.
Conducting professional vulnerability tests (Penetration Testing). Regular vulnerability testing helps to identify potential weaknesses in the infrastructure.
Considering human factors. Security is not only about technical solutions but also education, organizational policy, and operational discipline. Without this, nothing can be achieved.