Exclusive Interview with Shen Yu: Revealing for the First Time the Process of Being Phished for 12,000 ETH, and Security Advice for Startup Teams

Wu Says Blockchain
2025-03-11 11:00:24

Author: Wu Says Blockchain

This discussion started with the incident of Bybit being hacked for $1.5 billion, focusing on the security vulnerabilities of multi-signature wallets (such as Safe) and their solutions. Shen Yu pointed out that the infrastructure relied upon by multi-signature wallets, including front-end, hardware, and browsers, has weak points, especially issues related to front-end tampering and blind signing, which lead to discrepancies between transaction intentions and actual operations, making it easy for hackers to exploit. To address this, he proposed temporary solutions such as domain whitelists and transaction parsing plugins, and advocated for an end-to-end closed-loop risk control system that combines AI and third-party verification to enhance security. Additionally, Shen Yu shared for the first time his personal experience of being phished for 12,000 ETH last year, emphasizing the risks of blind signing with hardware wallets and calling for the industry to adopt a layered, decentralized, zero-trust architecture while strengthening security culture. He also mentioned that in the face of nation-state hacker attacks, the industry needs to respond to challenges through technological iteration and increased security awareness. Finally, Shen Yu looked forward to the prospects of the combination of AI and Crypto, believing that AI agents may play an important role in blockchain networks in the future, driving industry innovation.

Reflecting on the Vulnerabilities of Multi-Signature Infrastructure, Proposing Temporary Solutions like Domain Whitelists and Transaction Parsing Plugins, Advocating for End-to-End Closed-Loop Risk Control

Colin: Could you share your thoughts on the Bybit incident and what points you think are worth paying attention to?

Shen Yu: This is actually a very typical situation. The current industry solution for multi-signature relies on many infrastructures and intermediary services developed by multiple parties. Traditionally, this decentralized and distributed approach is less prone to issues, but the problem now is that the applications developed by these various parties and the interactions between hardware technologies have some bugs and potentially weak points. This has led to a series of significant security incidents recently, as we face nation-state hacker forces. The essence of this issue is something I have been reflecting on since I was attacked in September last year. Around November, we also reached out to various hardware manufacturers and realized that blind signing is a serious problem, and that the connection from the front-end to desktop plugins to hardware can easily be tampered with. We recognized this as the weakest point. At that time, we immediately contacted OneKey, Ledger, and others to discuss some solutions. During this process, we found that while each party had some solutions, it was ultimately very difficult to implement a solution that could withstand attacks. As someone mentioned earlier, it might take more than half a year to iterate properly, and Ledger has actually developed a systematic solution, but due to contract reasons, they need to be passively updated, which also takes a very long time. The question is how to effectively patch the vulnerabilities or bugs that arise across the entire chain.

Currently, the market lacks an end-to-end solution; we are using combinations from various parties, but during this combination process, unexpected issues arise, giving hackers opportunities. In this process, I personally said that we first created some internal small tools and made some demos. First, we created a domain access whitelist to ensure that the websites opened are safe and not tampered with, which can prevent some typical phishing attacks, especially issues like entering the wrong URL or random webpage redirects. Secondly, we developed a transaction parsing plugin that can run on mobile devices, and even some hardware wallets communicate with the plugin or Safe via QR codes. We check whether the data transmitted by this QR code has been tampered with and then verify the parsed content on the hardware wallet. We created some small plugins, but it felt too scattered; the entire end-to-end process was not fully connected, and there were too many steps to use. Therefore, after this incident, we continued to reflect.

A core point is that our industry has become very large, with trillions of dollars at stake, which will inevitably attract high-caliber hacker teams. In this process, our team members also mentioned that you need to dig very deep both horizontally and vertically. However, because the industry is indeed developing very quickly and iterating rapidly, it often leads to overlooking a series of potential risks while doing business. So, in this process, our current thinking or what we are doing is that we hope, since we have been managing various private keys (hardware and software private keys on the chain), to accumulate a series of risk management capabilities and have some risk control engines. Therefore, we hope that in typical scenarios like Safe, we can act as a custodian, holding one private key, and under this condition, we have a completely independent software and hardware environment, combined with our series of risk control engines for parsing. At the same time, we introduce a series of customized review schemes, along with automated AI parsing, manual reviews, and add some black and white lists, even advanced contract parameter control.

This is actually something we have been using in the DeFi process, but we have not fully integrated it into a product. By adopting this decentralized approach, we ensure that some private keys are not entirely controlled by one team, but rather by independent external third parties, allowing the entire process to be controlled in an end-to-end closed loop. This is our current idea, and we are indeed operating this way in the process of on-chain DeFi, because EOA is particularly easy to be phished, and migrating to multi-signature faces similar issues as Bybit, with a particularly long chain and various risks. Our current thinking and solution is to introduce an independent third party, which brings its completely independent technology stack and integrated hardware and software solutions, including risk control engines, and even adds some AI capabilities to complete a closed loop from transaction initiation and parsing, risk control review, to signature coordination, attempting to avoid the very patient and long-term infiltration attacks from nation-state hackers.

Shen Yu's Phishing Experience, Emphasizing the Risks of Blind Signing with Hardware Wallets, Need for AI and Third-Party Verification

Colin: You also mentioned the phishing issue with EOA. We know that last year you might have accidentally had a portion of your assets phished. Can you recall what happened at that time, and whether the money was eventually transferred by so-called North Korean hackers?

Shen Yu: My background at that time was that a project was distributing airdrops, and I wasn't in great shape, so I got distracted and clicked on a wrong link, which was problematic. The issue was that the funds reached the hardware wallet side, and we actually had a risk control mechanism for domain and DNS resolution, but that mechanism was bypassed, and our risk control did not trigger. After bypassing, I was a bit distracted, so I didn't check carefully, and when it reached the hardware wallet side, it was blind signing. After I pressed that button, I felt something was wrong, so I immediately checked and found out that it was not right, and the rest is what everyone knows. After this incident, we went to solve the blind signing issue with hardware wallets. During this process, around last National Day, we had meetings with OneKey and others and found that the problem was not easy to solve. Because EOA is easy to be phished, especially targeted and "attacked." So we turned to using Safe for multi-signature, and during the multi-signature process, I found that this problem somehow became more serious, because basically every transaction was blind signing, and we had to create many small tools to try to solve these issues. Ultimately, a closed-loop solution is needed, requiring our hardware wallets to achieve the goal of integrating software and hardware, because the hardware UI is indeed the last point of verification, and we also need to introduce some independent third parties that can prevent interception and alert when human states are not right. This is also why we started iterating and trying to productize this area.

Reasons for the Absence of "Altcoin Season": Lack of Driving Force and Expectation of National Reserve Decisions to Promote Market Development

Colin: Additionally, last year you were the first to raise the issue of the absence of altcoins, which sparked a lot of debate. Some people, including many well-known figures, criticized that there must be altcoins, while others agreed. Then in December last year, the altcoin market was indeed very short-lived. At that time, you might have thought that the altcoin market was coming, saying that altcoins had already started. But not long after, it seemed that altcoins again, as you initially said, were almost nonexistent in this cycle. Of course, we are not making predictions; for short-term predictions, as someone once said, only God knows. But do you have any new thoughts now, feeling that in this cycle, altcoins are almost impossible to appear, mainly because it is within the cycle of Bitcoin's market? Also, do you not think that the so-called bull market has ended, or that we are about to start transitioning into a bear market phase?

Shen Yu: My current feeling is that over the past two or three years, aside from some minor emotional hotspots, the entire industry still lacks a very clear landing application and real demand scenarios like in 2020 and 2021. I think the fundamental problem lies here. Without intrinsic driving forces, there won't be new truly valuable application assets settling down. On the other hand, in this cycle, a large number of players have actually remained in the traditional US stock market, trading through ETF allocations and platforms like Robinhood, and they do not truly own cryptocurrency assets. Therefore, a lot of money has not stayed in the market, nor has there been the expected spillover effect from Bitcoin and Ethereum to other coins. With these two factors combined, it seems that the altcoin market is also driven by short-term emotions, lasting only a few weeks, without a widespread explosion, and I am still maintaining my previous judgment.

My viewpoint this year, or my expectations for the market, is that I think the market may develop well in the second half of this year, possibly from June to October, as the national reserve-related matters in the US gradually become clearer and proceed, the entire industry or market may see a significant influx of new funds. However, at this stage or in the short to medium term, we may not be able to solve problems at the application level. It seems that there is not such a frenzied inflow of funds in the market or off-market. So I am placing more expectations on the second half of the year.

I am not judging this matter today; it may ultimately depend on whether the national reserve-related matters in the US can yield some results this year. If there are no results, the market may end. At this moment, we feel that the probability of passing is still relatively high, but it is hard to say, so I am placing more expectations on the second half of the year. (This Space was published on February 25, and in March, Trump signed an executive order on Bitcoin national reserves.)

Summary of Historical Hacking Cases: Responding to Nation-State Hackers Requires Layered Decentralization, Zero-Trust Architecture, and Security Culture Penetration

Colin: Actually, Shen Yu, you are also an old player in the crypto circle. It's been many years since I joined in 2017, and there have been countless hacking incidents in the history of the crypto world, all kinds of thrilling experiences. Of course, this time the amount stolen from Bybit set a historical record, but it is itself profitable enough to cover the losses. In your historical memory, including from a long time ago, what are some of the most memorable hacking experiences that are worth sharing?

Shen Yu: I think the offense and defense have always been upgrading. The earliest attack methods were very primitive. We practitioners must realize that we are facing nation-state forces; these are not ordinary hackers. They are organized and have been intensively trained since their teens, using various methods to attack core facilities and infiltrate our companies, even challenging us on a human level. Everyone must clearly recognize that we are facing such opponents. In this process, people can become complacent, and human nature can present some issues. Ultimately, we must adopt methods and approaches that can withstand these attacks.

In the history of the internet, Cobo may be one of the earliest companies with a Chinese background to adopt the zero-trust model as a security methodology. We adopted this methodology because it has been proven to withstand the infiltration of nation-state forces. Therefore, we began implementing zero-trust transformations internally around 2018 and 2019, requiring all our internal services and all employees' computers and mobile phones to install various security measures. Once we recognized this, we had to adopt this solution and ensure that all our systems were in a state of minimal trust.

At the same time, the core asset for us is private keys, and we must introduce layered, decentralized, and distributed thinking. What does layering mean? We must break down wallets into very scattered parts. I previously shared my four-wallet theory, which is at the personal level. But at the institutional level, there should at least be a three-tier wallet architecture of hot, warm, and cold wallets, and each layer may have its own characteristics, along with black and white lists and a series of processes, including time delays. Many times, in pursuit of efficiency, especially in this rapidly developing industry, we compromise security and sacrifice safety. However, mandatory time delays can significantly reduce your security risk exposure, especially at the cold and warm wallet levels. We must implement layering and set different security risks for each layer, establishing a set of auditing systems and processes to mitigate these systemic risks. The cold wallet should ideally be at the physical level to ensure absolute security.

The second point is decentralization. As the industry has developed over the years, the number of participants has increased. Initially, we might not have had solutions and could only trust our internal team to do some things. Now, with the popularity of remote work, internal employees have also been infiltrated by North Korean forces, even obtaining high-level permissions within the organization. Therefore, we cannot fully trust this internal process. At this level, we must decentralize and introduce independent third parties to control some private keys and conduct verification, which is also very critical. There are now many custodial companies, security firms, and insurance companies that can hold different levels of private keys, whether they are hot wallet keys, warm wallet keys, or cold wallet keys. They act as independent third parties with their own security solutions to manage and control risks. Through a series of measures, we can exponentially increase the cost and threshold of attacks.

Finally, there is the aspect of distribution. We may have done well in distributing our hardware and software globally because everyone is generally in a more dispersed state. From this dimension, we must use a minimal trust system and design our entire internal system and architecture based on the zero-trust risk design concept, combined with layered, decentralized, and distributed management of core assets, equipped with a series of hardware and software security modules, as well as strict internal access control processes, and establish a closed-loop management system for the security lifecycle. Additionally, we may have some emergency response and resolution plans during and after incidents, which can help us survive longer in high-risk and uncertain attack events.

Compliance Exchanges Invest More in Security, Offshore Exchanges Lack Sufficient Security Measures Due to Growth Pressure

Colin: I personally want to understand why compliant exchanges like Coinbase or others seem to have fewer hacking experiences, while offshore exchanges almost never escape being hacked, and many exchanges have been hacked multiple times. What is the reason for this? I don't quite understand. Theoretically, can't offshore exchanges use the same architecture? Because offshore exchanges have larger amounts of funds or operate differently. I wonder if any security experts can answer this question. Additionally, Shen Yu, do you think that facing attacks from North Korean hackers will make it very difficult for entrepreneurs in this industry, causing the costs or investments needed for security to become very high, significantly hindering the development of this industry? Can the industry withstand attacks from North Korean hackers? It seems that there is some doubt about this now.

Shen Yu: Let me add that my intuitive feeling is that compliant exchanges may place more emphasis on security over efficiency. For example, they may have stricter controls in some areas, so their investment in security is also very large.

Offshore exchanges theoretically have a lot of funds and can invest more in security. Whether it is early Binance or others, including this incident, it seems that hacking is still quite frequent.

Perhaps it is because offshore exchanges face significant growth pressure, needing to iterate frequently, and there are many user complaints. However, in compliant exchanges, ordinary users do not have such high expectations, and withdrawal requests are not as urgent. Some large withdrawals even have T+1 or T+2, and I have even seen T+7, which users can accept because the customer base is different; the customer base of compliant exchanges is mainly institutional. These two types of exchanges may have a long history, and I don't know if they have experienced hacking incidents; they should have a lot of internal experience in dealing with security issues, essentially viewing security issues as a rite of passage for enterprises.

I believe that as long as there is enough profit margin in this industry, investing in some SaaS products can certainly attempt to meet the pain points and needs of this industry. However, currently, everyone’s security awareness or willingness to pay is not that strong. We also see many excellent security products, but everyone is earning hard-earned money, and even balancing costs is difficult, needing to rely on other aspects for subsidies.

This aspect is indeed a problem, but I feel that as the offense and defense upgrade, everyone is gradually realizing that security is very important, and investment in security will increase. This also provides a certain development space and funding for companies focused on security SaaS. From the perspective of security and architecture, there are effective and verifiable solutions, but in the case of Safe, there are about four to five participants in the upstream and downstream. To complete a transaction, coordinating and collaborating among each participant is very slow, and hardware iterations are particularly slow, leaving hackers with a time window.

Once issues in the blockchain industry are fully exposed and discussed, they should be solvable through one or two cycles of iteration. Additionally, Web2 faces similar problems, although the resources invested in security issues in Web2 are not as large as in the blockchain industry. We see that measures like Passkey, which aim to protect password security, have been promoted for many years and have only started to see widespread use in the past year or two, especially in sensitive financial areas. Therefore, these underlying technologies can be reused and developed, including the Apple devices we use, which are also rapidly iterating on security. Ultimately, there are solutions; it may just require some time and financial investment. In this process, some developers with weak risk awareness and aggressive actions may bear some costs, but the problems can be solved.

Security Advice for Entrepreneurs: Practice Zero-Trust Model, Multi-Audit Cross-Verification, Regular Security Drills

Colin: For entrepreneurs, a recent startup project was hacked for $50 million, although many in the community are supporting them. As someone with many years of experience, having gone through so much, what advice can you give to help entrepreneurs improve their security awareness?

Shen Yu: I think it is crucial to practice the zero-trust model during the entrepreneurial process. Only in the current environment can this methodology and concept protect everyone. At the same time, do not rely on single points of failure and unilateral contract audits; the basic requirement is to have at least two to three firms conduct audits, requiring some cross-verification to expose issues in the process. Additionally, do not increase the amount of funds too quickly; in the early stages, you can gradually increase the amount of funds through internal testing and public testing, while isolating the funds to manage risks relatively well.

In fact, there are many security solutions in the industry that are not very expensive, such as secure monitoring and risk control systems, which everyone should utilize to significantly improve survival probabilities.

In the entrepreneurial process, on one hand, the business model should consider the user side, especially for entrepreneurs without a technical background. They must pay considerable attention to security and internal zero-trust architecture, at least dedicating 20-30% of their attention to this. If the company does not emphasize internal security culture and systems, and does not conduct regular internal phishing tests and offense-defense drills, people will become complacent from the employee and human nature perspective. It is important to know that hackers may be watching you at any time. Therefore, resources and attention must still be focused on security.

Colin: Yes, I feel that in the process of growing this industry, almost no company, whether the owner or the company itself, will escape the experience of being hacked. Fortunately, as long as this time does not crush them, both individuals and the entire industry will make some progress.

Why Not Participate in This Round of Memecoins: Health Issues, Focus on AI

Web3 Dumpling: Shen Yu, you have been in the crypto industry and are a well-known figure in this field. In the early days, Cobo Wallet might have led everyone to mine together, and I participated in that. In this year's market, I noticed that you have said very little about industry-related matters. Including the link you posted today, the mention of PVP was just a brief mention. I am more concerned that for the industry, it seems that after the last wave of the market, the industry has reached a bottleneck. I want to ask Shen Yu, where do you think the next windfall will be?

Colin: Yes, Shen Yu, you have always liked to play with various new things, but it seems that in this round of Memes, you haven't participated particularly. What is the reason?

Shen Yu: The main reason I don't engage with Memes is that my health really can't handle it; I can't compare with the post-00s. Another factor is that I have been focusing my attention on AI recently. AI seems to have some disruptive combination with cryptocurrency in the future, which may bring new increments. Over a year ago, we proposed at an offline event that the ultimate users of cryptocurrency may be AI agents or AI robots, rather than humans. Therefore, I have been spending a lot of energy learning to use AI. I really can't keep up with PVP; when I usually participate, I just end up giving money to everyone, and there isn't much positive feedback, so I am mainly focusing my energy on AI.

Looking Forward to the Prospects of AI and Crypto Combination, Believing AI Agents May Play an Important Role in Blockchain Networks in the Future

Colin: What do you think about AI now? Because there was previously a wave of so-called AI agents, which fell sharply, and I have many friends around me who went bankrupt from speculating on AI. Do you think that during this period, AI agents have produced anything attractive? What do you think are the better application directions for AI and cryptocurrency in the future?

Shen Yu: I think the core at the bottom is that AI's capabilities have not yet reached that stage; we are still in a conceptual verification phase. We can see that the development speed of AI is particularly fast, with underlying computational models iterating continuously. We expect AI to reach a future state of AGI (Artificial General Intelligence).

Regarding cryptocurrency, there are two points. On one hand, it is very friendly to completely digital things because the data is open and transparent. Therefore, AI may change the way we interact; for these complex smart contracts and anti-human security operations, we should be able to rely on some reliable, intelligent AI agents to assist us in decision-making. I often joke that when I operate decentralized finance, I must remotely arrange a few AI agents to keep an eye on things. In the future, it may really take that form, with AI engineers and perhaps one or two AI agents watching the screen. Looking ahead, AI may indeed connect to blockchain networks.

We can envision a scenario where AI agents need to interact with each other, including value exchanges and data exchanges, which may also involve contract-level matters, even forming loosely structured companies or DAOs. They may use smart contract platforms for value exchanges. I think that in three to five years, a social network or value social network similar to Web will emerge on the blockchain, which will ultimately be used by these AI agents. Once this thing appears, the value and impact it brings may be very large. We have always talked about the network effects of Web3; the asset scale or value brought by this may far exceed what we see in traditional internet companies today, so this could be something larger than the current trillion-scale. I have been thinking about what this is and what we can do within it. I am quite optimistic; although the industry has not seen good application directions in the past two or three years, I believe that good applications should emerge in the future, and there are some obstacles we may be able to solve, so I look forward to that day.

Solutions for Blind Signing Issues with Safe Wallets: Enterprise Signing Tools + AI Risk Control + Black and White List Management

TheCheerSong: I am a trader engaged in on-chain automated trading. After this incident, while our business cannot stop, we are also upgrading our security measures. I feel that the most troublesome part is still the blind signing part of the Safe wallet. What we can do now is that we have some open-source permission control modules, and we have applied them to the Safe wallet. In this usage process, we have automated most of the transaction requests, so the Safe wallet is basically only used for some manual token transfer operations. I would like to ask the experts if there are currently any tools available to verify our signature content for relatively simple requests?

Shen Yu: Actually, someone just mentioned that we are about to release a set of internal tools next week, and we have productized this set of enterprise signing tools for Safe. Essentially, it involves obtaining a Safe private key and using machines along with some black and white lists, including some risk control templates. You can customize some common risk control measures, such as limiting token amounts, transaction speeds, and setting black and white lists. Coupled with the capabilities of AI agents and considering situations of significant losses, we can clarify this process while managing risks.

This solution, combined with Cobo's previous contract and parameter-level control based on access control lists on the Argus chain, is what I feel is currently necessary. Only by doing this can I feel secure when my large funds are traded on-chain. This is the security practice we are currently using.
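The checks Shen Yu describes across this Space, namely verifying that what the signer is shown matches what the calldata does, refusing to blind-sign, and applying token amount caps, a transaction speed limit, black and white lists and a mandatory time delay, as an added Python example that is not Cobo's or any project's code. It assumes constructed sample addresses, treats only native sends and plain ERC-20 `transfer()` calls as parseable, and uses the Safe `operation` codes 0 (call) and 1 (delegatecall).

```python
"""Intent check and risk-control template for Safe-style transactions (added example,
not Cobo's code). Assumes the reviewer sees both the intent the wallet UI displays and
the raw Safe fields; only native sends and plain ERC-20 transfer() calls are parseable."""
from dataclasses import dataclass, field
from typing import Optional

ERC20_TRANSFER_SELECTOR = "a9059cbb"  # first 4 bytes of keccak256("transfer(address,uint256)")
CALL, DELEGATECALL = 0, 1             # Safe 'operation' codes

@dataclass
class SafeTx:
    to: str         # contract or recipient the Safe calls
    value: int      # native value in wei
    data: str       # hex calldata without 0x ("" for a plain ETH send)
    operation: int  # CALL or DELEGATECALL

@dataclass
class Intent:
    recipient: str
    token: Optional[str]  # None means native ETH
    amount: int

    def __post_init__(self):  # normalise so UI intent and decoded calldata compare equal
        self.recipient = self.recipient.lower()
        self.token = self.token.lower() if self.token else None

def encode_erc20_transfer(recipient: str, amount: int) -> str:
    """Build transfer(address,uint256) calldata; used here only to construct samples."""
    return ERC20_TRANSFER_SELECTOR + recipient[2:].lower().rjust(64, "0") + f"{amount:064x}"

def parse_intent(tx: SafeTx) -> Optional[Intent]:
    """What the transaction really does; None means it cannot be shown to the signer."""
    if tx.operation != CALL:
        return None  # delegatecall runs foreign code in the Safe's own storage context
    if tx.data == "":
        return Intent(tx.to, None, tx.value)
    if len(tx.data) != 136 or tx.data[:8] != ERC20_TRANSFER_SELECTOR or tx.data[8:32] != "0" * 24:
        return None  # unknown selector or malformed address word: approving it is blind signing
    return Intent("0x" + tx.data[32:72], tx.to, int(tx.data[72:136], 16))

@dataclass
class Policy:
    whitelist: set          # recipients allowed at all
    blacklist: set          # recipients always refused
    max_per_tx: dict        # token address or "ETH" -> per-transaction cap
    delay_above: dict       # token address or "ETH" -> amount that needs a time delay
    max_tx_per_window: int  # transaction speed limit
    window_seconds: int
    history: list = field(default_factory=list)  # timestamps of approved transactions

def review(tx: SafeTx, shown: Intent, policy: Policy, now: int) -> list:
    """Return findings; an empty list means the signer may approve."""
    actual = parse_intent(tx)
    if actual is None:
        return ["cannot parse transaction (unknown call or delegatecall): refuse to blind-sign"]
    findings = []
    if actual != shown:
        findings.append(f"intent mismatch: UI shows {shown}, calldata does {actual}")
    if actual.recipient in policy.blacklist:
        findings.append("recipient is blacklisted")
    elif actual.recipient not in policy.whitelist:
        findings.append("recipient is not whitelisted")
    asset = actual.token or "ETH"
    cap = policy.max_per_tx.get(asset)
    if cap is not None and actual.amount > cap:
        findings.append(f"amount exceeds per-transaction cap for {asset}")
    delay = policy.delay_above.get(asset)
    if delay is not None and actual.amount > delay:
        findings.append("large transfer: route through the mandatory time delay")
    recent = [t for t in policy.history if now - t < policy.window_seconds]
    if len(recent) >= policy.max_tx_per_window:
        findings.append("transaction speed limit reached for this window")
    if not findings:
        policy.history.append(now)
    return findings

# Constructed sample addresses, not real accounts.
TREASURY = "0x" + "aa" * 20  # recipient the operator meant to pay
SWAPPED = "0x" + "bb" * 20   # recipient substituted by a tampered front end
USDC = "0x" + "cc" * 20      # stand-in for an ERC-20 token contract

def make_policy() -> Policy:
    return Policy(whitelist={TREASURY}, blacklist=set(), max_per_tx={USDC: 1_000_000_000},
                  delay_above={USDC: 500_000_000}, max_tx_per_window=2, window_seconds=600)

def demo() -> dict:
    """Run the cases discussed in the interview and return each case's findings."""
    policy = make_policy()
    shown = Intent(TREASURY, USDC, 100_000_000)  # what the wallet UI displays to the signer
    honest = SafeTx(USDC, 0, encode_erc20_transfer(TREASURY, 100_000_000), CALL)
    tampered = SafeTx(USDC, 0, encode_erc20_transfer(SWAPPED, 100_000_000), CALL)
    opaque = SafeTx(SWAPPED, 0, "deadbeef", DELEGATECALL)  # unreadable delegatecall
    return {"honest": review(honest, shown, policy, now=1000),
            "tampered": review(tampered, shown, policy, now=1001),
            "delegatecall": review(opaque, shown, policy, now=1002)}

if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, "->", findings or ["approved"])
```

The third case is the point the Space keeps returning to: when the hardware UI cannot render what is being signed, the only safe policy answer is to refuse rather than to approve on trust.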

Expert Opinions on Wallet Security Issues in the Bybit Hacking Incident

During this Space, BlockSec CEO Professor Zhou Yajin, OneKey Chief Growth Officer Nig, and Cobo Chief Security Officer Moon also expressed their views.

Regarding the exchange security issues in the Bybit incident, Professor Zhou Yajin stated that the incident occurred due to inconsistencies between operations and actual transactions when using Safe contract wallets to manage funds, leading to malicious upgrades of the wallet and theft of funds, with the reasons not yet disclosed. Many project parties believe that using Safe multi-signature to manage wallets is secure, but they overlook that security encompasses operational and non-technical aspects as well as technical system construction. Private key management and transaction interpretation have weak points: custody, signing, and transaction parsing are insufficient, and in pursuit of user-friendliness the security side is handled poorly even when the physical security of private keys is ensured. The trust chain for large fund multi-signature transfers is long but lacks dual verification of transaction interpretation and operational interface information by third parties. Therefore, managing large funds with contract wallets requires introducing third-party verification and certification, as well as implementing whitelists or decentralization, and applying flexible strategy controls to contract wallets.

Regarding the frequent front-end tampering of Safe wallets and the security of mainstream multi-signature solutions, Moon believes that the Safe solution and contract itself are relatively secure; however, the long trust chain during application can lead to unexpected situations. The attack on Bybit is likely a problem at the outsourcing level rather than a contract issue, highlighting the importance of daily security awareness enhancement. To use Safe wallets securely, one must consider both vertical and horizontal aspects. Vertically, each link should have controllable technical solutions, such as independent devices; horizontally, multi-signatures must be independently verified by signers. A long trust chain can lead to cross-linking, allowing hackers to bypass verification. Therefore, horizontal expansion should not only increase the number of signers but also ensure that the signer solutions and environments are independent and verified to fully leverage the role of Safe. Additionally, exchanges and high-net-worth individuals should establish strict mechanisms for manual reconciliation and monitoring anomalies, utilize automated programs for auditing, and enhance security awareness to avoid Web2 attacks. Furthermore, Cobo will also launch an MPC plus Safe management solution, leveraging Safe's multi-signature capabilities to ensure that different signers have independent and complete end-to-end signing links.

Regarding hardware wallet-related issues in the Bybit incident, Nig stated that Bybit uses MPC to control EOA wallets (since their signatures are easy to parse), while Safe smart contract wallet signatures are complex and difficult to parse, and the security team may not have detected this in time. Existing hardware wallets (such as Ledger) have limited performance and struggle to handle complex smart contract parsing and blind signing. If measures had been taken earlier, this attack might have been avoided. Shen Yu's team and OneKey have developed related parsing tools. Ledger's Clear Signing progress is slow, and signature data transmitted from connected devices can be contaminated; relying solely on hardware wallet parsing to ensure intention consistency is insufficient. Bybit lacked early warnings, and after the first signer was compromised, the others blindly signed due to device issues. It is recommended that high-net-worth individuals and institutions isolate devices related to fund transactions from office equipment to reduce intrusion risks; the earlier Raydium hack may have occurred due to a lack of environmental isolation.

Regarding the security of Safe, third-party monitoring functions, and the application of AI in blockchain security, Professor Zhou Yajin believes that Safe contracts have historically been highly secure and have undergone multiple reviews, but the lengthy usage process introduces risks. The Phalcon Safe security system developed by his team can examine user transactions from a third-party perspective, parse transaction content, and alert on key information regarding transfers and contract interactions, lowering the user's cognitive threshold and avoiding security issues. In terms of AI applications, on one hand, AI lowers the cost of malicious acts, making it easier to batch-generate phishing tools; on the other hand, the industry is exploring the combination of AI and auditing, as well as automated code auditing. Although it is far from the ideal state, AI can lower the barriers for cryptocurrency users to use products and help solve complex user operation issues.

Regarding hardware wallet-related issues, Nig responded that the company will not, like some peers, promote increased sales after an exchange is hacked. While increased sales are good, they also reflect that many people have only just begun to pay attention to private key security. In this security incident, hardware wallets bear some responsibility, and the performance of Ledger and Safe did not meet expectations; Safe has stopped front-end and native support. The previous generation of hardware wallets had limited parsing capabilities due to security considerations, while new generation products like Ultra and Pro will enhance local complex contract parsing and support the parsing of core transaction elements. Classic will also select key parts for display; the app will achieve mainstream EVM transaction parsing, while the hardware side is slightly delayed due to security testing. Regarding Safe, methods to resist related attacks will be demonstrated soon, along with user security education. In the future, despite the diversity of technologies, such as OKX's lack of active integration with hardware wallets and institutions pushing MPC wallets, the risk of exposing mnemonic phrases in connected environments during the signing process means that hardware wallets will always revolve around the core of physical isolation. Even with changes like mnemonic standard upgrades, the core security defenses will not change.
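The third-party intent check that Zhou Yajin and Shen Yu describe (parse what a Safe transaction will actually execute, compare it with what the signer believes they are approving, and apply a target whitelist) can be sketched as follows. This is an added example, not code from any of the speakers' products; it decodes only the four intent-relevant fields of Safe's `execTransaction` calldata, and the addresses, amounts and inner calldata are constructed sample values.

```python
from dataclasses import dataclass

# 4-byte selector of Safe's execTransaction(address,uint256,bytes,uint8,uint256,uint256,uint256,address,address,bytes)
EXEC_TRANSACTION_SELECTOR = bytes.fromhex("6a761202")
CALL, DELEGATECALL = 0, 1
ZERO_ADDRESS = "0x" + "00" * 20

@dataclass
class SafeTx:
    to: str         # target address, 0x-prefixed hex
    value: int      # wei
    data: bytes     # inner calldata forwarded to the target
    operation: int  # 0 = call, 1 = delegatecall

def _word(buf: bytes, i: int) -> int:
    return int.from_bytes(buf[32 * i:32 * i + 32], "big")

def _dyn_bytes(buf: bytes, offset: int) -> bytes:
    length = int.from_bytes(buf[offset:offset + 32], "big")
    return buf[offset + 32:offset + 32 + length]

def decode_exec_transaction(calldata: bytes) -> SafeTx:
    """Decode to/value/data/operation from execTransaction calldata (ABI head + dynamic bytes)."""
    if calldata[:4] != EXEC_TRANSACTION_SELECTOR:
        raise ValueError("not a Safe execTransaction call")
    args = calldata[4:]
    return SafeTx(to="0x" + args[12:32].hex(), value=_word(args, 1),
                  data=_dyn_bytes(args, _word(args, 2)), operation=_word(args, 3))

def check_intent(tx: SafeTx, declared: SafeTx, whitelist: set[str]) -> list[str]:
    """Compare what will execute with what the signer declared; any finding should block signing."""
    findings = []
    if tx.operation == DELEGATECALL:  # target code runs in the Safe's own storage: can swap the implementation
        findings.append("delegatecall requested: target code would run inside the Safe's storage")
    if tx.to.lower() not in {a.lower() for a in whitelist}:
        findings.append(f"target {tx.to} is not on the whitelist")
    if tx.to.lower() != declared.to.lower():
        findings.append("to differs from declared intent")
    for field in ("value", "data", "operation"):
        if getattr(tx, field) != getattr(declared, field):
            findings.append(f"{field} differs from declared intent")
    return findings

def encode_exec_transaction(tx: SafeTx) -> bytes:
    """Minimal ABI encoder used only to build constructed sample calldata (gas params 0, no signatures)."""
    word = lambda n: n.to_bytes(32, "big")
    addr = lambda a: bytes(12) + bytes.fromhex(a[2:])
    pad = (-len(tx.data)) % 32
    head = (addr(tx.to) + word(tx.value) + word(320) + word(tx.operation) + word(0) * 3
            + addr(ZERO_ADDRESS) * 2 + word(320 + 32 + len(tx.data) + pad))
    return EXEC_TRANSACTION_SELECTOR + head + word(len(tx.data)) + tx.data + bytes(pad) + word(0)

# Constructed scenario: the signer believes they approve a 1 ETH call to the treasury (whitelisted) ...
TREASURY = "0x1111111111111111111111111111111111111111"
DECLARED = SafeTx(TREASURY, 10**18, b"", CALL)
# ... but the (tampered) front end submits a delegatecall to an unknown contract with other calldata.
SUBMITTED = encode_exec_transaction(SafeTx("0x" + "de" * 20, 0, bytes.fromhex("deadbeef"), DELEGATECALL))
```

Running `check_intent(decode_exec_transaction(SUBMITTED), DECLARED, {TREASURY})` returns six findings, the first of which is the delegatecall warning; a clean transaction that matches the declaration returns an empty list.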
