signature

According to GoPlus analysis, the stablecoin protocol StablR had security issues with its multi-signature contract settings on Ethereum (multi-signature threshold of 1), and the holder's private key was stolen, resulting in StablR $EURR and $USDR stablecoins being depegged by 20%. The attacker has profited approximately $2.8 million.

According to Slow Fog's Yu Xian monitoring, multiple user wallets of Bankr have been stolen. @bankrbot replied that the incident was a social engineering attack targeting the trust layer between automated agents, specifically involving the interaction between Grok and Bankrbot, which led to unauthorized transaction signatures.

On May 14, BNB Chain released the "BSC Post-Quantum Cryptography Migration Report," stating that it has completed the migration testing for quantum-resistant cryptography for transaction signatures and the consensus layer, using the NIST standardized post-quantum signature algorithm ML-DSA-44 (Dilithium) and the pqSTARK aggregation scheme.The report shows that BSC has replaced transaction signatures from ECDSA to ML-DSA-44 and switched consensus voting aggregation from BLS12-381 to pqSTARK to address the potential threats posed by future quantum computing to the existing elliptic curve cryptography system. However, post-quantum signatures also significantly increase the on-chain data volume: the size of a single transaction has increased from about 110 bytes to approximately 2.5KB; the block size in a 2000 TPS scenario has increased from about 130KB to around 2MB; and the TPS in the testing environment has decreased by about 40%-50%.BSC stated that the current network bottleneck mainly comes from the larger transaction data propagation, rather than the consensus protocol itself. Meanwhile, the consensus layer aggregation still maintains high efficiency, with pqSTARK achieving a signature compression ratio of about 43:1, and the additional burden on validators remains within a controllable range. The report concludes that existing technology can achieve "quantum-resistant" deployment for blockchain, but future issues related to network bandwidth and data scalability still need to be addressed.

The Ethereum Foundation officially launched the Clear Signing open standard on Tuesday, aimed at replacing the unreadable hexadecimal strings displayed when wallet users sign transactions with human-readable transaction content.This standard is centered around ERC-7730. When a wallet supports this standard, it will read the descriptor file of the contract and reconstruct the raw transaction data into understandable content, such as displaying a Uniswap V3 swap as sending 1,000 USDC and receiving at least 0.42 WETH. ERC-8176 adds an integrity certification layer on top of this, allowing auditors to publish signature certification confirming the accuracy of the descriptors. Participants include hardware wallets (Ledger, Trezor), software wallets (MetaMask, WalletConnect), security companies (Cyfrin), and infrastructure (Fireblocks), among others.Blind signing has been a significant cause of losses in crypto assets. The $1.5 billion vulnerability at Bybit in February 2025 and the approximately $235 million WazirX incident both involved signers approving transactions that did not reflect the true intent. Ledger initiated this project in 2021, formalized it as ERC-7730 in 2024, and transferred governance to the foundation earlier this year to ensure the neutrality of the standard. The ERC-7730 V2, released in April 2026, has expanded its coverage to cross-chain use cases, software wallets, and confidential token primitives.

The working group led by the Ethereum Foundation has released a new open standard called "Clear Signing," aimed at addressing the long-standing issue of "blind signing." This new standard is built on the ERC-7730 specification and aims to promote the "WYSIWYS (What You See Is What You Sign)" concept, allowing users to understand the actual execution content of transactions in a unified, readable, and structured manner before signing. This replaces the current common practice of displaying machine-readable but difficult-to-understand low-level transaction information. By using a unified description format, a registry system, and independent verification and auditing mechanisms, the intent of transactions can be clearly expressed and standardized for presentation on wallets.Clear Signing will not change the on-chain transaction structure but will enhance interpretability through off-chain standardized descriptions, thereby improving security without affecting the compatibility of existing protocols.

LayerZero Labs posted on the X platform that the internal RPC used by LayerZero Labs was attacked by the Lazarus Group in the past three weeks, resulting in the compromise of the true source of its DVN (Decentralized Verification Network), while external RPC providers faced DDOS attacks. This incident affected 0.14% of applications and approximately 0.36% of asset value.LayerZero Labs stated that asset security is currently intact, and since April 19, over $9 billion in funds have been completed across chains through the protocol. In response to security risks, LayerZero Labs has stopped providing services for its DVN in a 1/1 configuration, and all default configurations for channels will be migrated to at least a 3/3 or 5/5 multi-DVN mode.Additionally, in response to an incident three years ago where multi-signature holders mistakenly used hardware wallets for personal transactions, LayerZero Labs has removed that signer and changed wallets, while also developing a OneSig custom multi-signature system. LayerZero Labs recommends that developers lock configurations to avoid relying on default settings and plans to launch an asset management platform Console to enhance security monitoring.

According to Reuters, the Bitcoin Initiative, which aimed to push the Swiss National Bank to include Bitcoin in its reserves, is expected to be terminated due to its failure to obtain the 100,000 signatures required to trigger a referendum.As the 18-month collection period nears its end, the initiative has only gathered about half of the signatures. The Swiss National Bank reiterated that the price volatility of cryptocurrencies and insufficient market liquidity do not meet its foreign exchange reserve requirements. Yves Bennaim, founder of the Bitcoin Initiative, stated that although the initiative will become invalid, related discussions have made some progress.

According to market news, LayerZero Labs co-founder and CEO Bryan Pellegrino had a heated debate with security researchers today in the ETHSecurity Community Telegram group. The core controversy includes: since LayerZero Labs can immediately upgrade a default library contract without a time limit to forge messages (similar to the case where rsETH was hacked), the LZ OFT, valued at over $3 billion, is recently at risk of being stolen; researcher Banteg pointed out that mainstream projects like Ethena and EtherFi were still using this default library contract weeks ago, and currently, there is still $178 million worth exposed to risk, with these funds coming from projects that are still using the default library.On-chain data shows that LayerZero Labs multi-signature signers participated in non-multi-signature activities such as meme coin trading, DEX exchanges, and cross-chain bridging, which means that the multi-signature keys in the formal environment were connected to websites, increasing phishing risks. Regarding the multi-signature signers of LayerZero using production environment keys for trading activities, Bryan confirmed that the related transactions were completed by members of the multi-signature team, but denied that it was "meme coin trading," explaining it as "testing PEPE on the LZ OFT token standard," and stated that the involved member has been removed. Bryan also suggested that project parties "directly fix configurations" instead of using default configurations to reduce risks. Banteg subsequently tagged a long list of LayerZero users still using the default library contract, pointing out that these projects should migrate to fixed configurations as soon as possible.

A certain crypto KOL posted on platform X that the address ranked first on the Bitcoin billionaire list is a Binance-related address, which is a wallet address starting with "3" and holds over 200,000 BTC. He questioned the security of Binance storing such a large amount of Bitcoin in a single address and expressed concerns about the risk of private key collision cracking. In response, CZ stated, "The one starting with 3 should be a multi-signature, right? You would need to collide more than 3 private keys? Trust the math."Analysis suggests that this address is highly likely using a multi-signature mechanism. Even if there is a theoretical possibility of private key collision, the actual difficulty of cracking it is extremely high.

Purrlend announced that it encountered a security incident during the deployment of HyperEVM and MegaETH, resulting in a loss of approximately $1.52 million.The attacker breached the team's 2/3 multi-signature wallet, granting permissions such as BRIDGE_ROLE to a malicious EOA, and minted unbacked pUSDm and pUSDC through mintUnbacked, using them as collateral to borrow assets from the pool. Purrlend stated that it has suspended the protocol, revoked related permissions, and is working with security teams, law enforcement, and cross-chain bridge partners to track and attempt to recover the funds.

According to The Block, the Solana ecosystem multi-signature protocol Squads announced the completion of a $18 million strategic financing round, led by Solana Ventures, with participation from Coinbase Ventures, Haun Ventures, L1D, and others. This round of financing is an equity round, bringing its total financing amount to $42.9 million. Squads will use the funds from this round to expand its stablecoin enterprise financial platform, Altitude.It is reported that Altitude, the stablecoin payment platform under Squads, allows businesses to conduct 24/7 global payment settlements in stablecoins through self-custody wallets, and connects to the global payment network through compliance and risk control systems.

The Solana Foundation stated that its core development team Anza has reached an agreement with Firedancer, a subsidiary of Jump Crypto, on a potential post-quantum solution, planning to introduce a new digital signature scheme called Falcon.Although the threat of quantum computing is not expected to materialize for several years, Solana has developed a phased upgrade roadmap. This plan includes ongoing research into Falcon and other alternatives, introducing post-quantum solutions for new wallets when necessary, and ultimately completing the migration of existing wallets. Currently, the quantum-resistant primitive Winternitz Vault, developed by Blueshift, has been running on Solana for over two years. The Solana Foundation stated that the network's high-speed, low-latency design can accommodate such solutions, and the migration is not expected to have a significant impact on performance.

According to Arkham monitoring, the zkPass team's multi-signature address (0xEF1) transferred a total of 10,000,000 ZKP to Binance in the past 30 minutes, worth approximately $796,100.Currently, the circulating supply of ZKP is 268 million, and this distribution amount accounts for about 3.73% of its total circulating supply. ZKP is currently priced at $0.07964, with a 24-hour decline of 7.35%, and its circulating market capitalization is currently $21.37 million.

According to on-chain analyst Ai Yi's monitoring, an early Ethereum whale has once again transferred 10,000 ETH (approximately $23.21 million) to a multi-signature address, which may sell the received tokens soon. The address 0x26c...B9392 has accumulated a total of 12,001 ETH deposited to OKX over the past two months, with a total value of $24.62 million. Based on past experience, the ETH transferred to this address will typically flow to exchanges in batches later.

According to Arkham monitoring, the multi-signature address (0x946) has distributed a total of 2,499,000 EVAA to 10 addresses in the past 10 minutes.The specific operations include transferring 250,000 EVAA to each of 5 addresses 1 minute ago, and transferring a total of 1,249,000 EVAA to another 5 addresses 9 minutes ago. According to CMC data, the current circulating supply of EVAA is 6,610,000, and this distribution accounts for approximately 37.8% of its total circulating supply. Some of the receiving addresses have previously transferred the tokens to exchanges or sold them on DEX.

According to Arkham data, the suspected team multi-signature address (0x33E) distributed 50 million AIOT in the past 32 minutes. These tokens were transferred in 10 transactions to different addresses, each amounting to 5 million tokens, totaling approximately 1.858 million USD in value.CMC data shows that the current circulating supply of AIOT is 283 million tokens, the current price is 0.03678 USD, and the 24-hour decline is 11.28%.

Sonic elaborates on its technological path towards the "post-quantum era," pointing out that most current PoS public chains rely on elliptic curve signatures (such as ECDSA, Ed25519), which are at risk of being cracked once quantum computing (like Shor's algorithm) matures.Sonic states that the industry is exploring post-quantum cryptographic solutions (such as hash-based XMSS, SPHINCS+, and lattice-based Dilithium, Falcon), but mainstream consensus mechanisms generally rely on BLS aggregate signatures and threshold signatures, making the transition to post-quantum systems face challenges in performance, bandwidth, and architectural reconstruction. In contrast, Sonic's SonicCS consensus protocol does not rely on aggregate signatures or global randomness, but instead uses single-node signatures and hash functions to construct a DAG structure. Therefore, when switching to post-quantum cryptography, only the signature algorithm needs to be replaced to complete the upgrade, without the need to adjust the consensus logic or network structure. Sonic emphasizes that this design will significantly reduce the complexity of future migrations to post-quantum security, enabling the network to have stronger adaptability when quantum computing threats arise.

According to Arkham monitoring, a suspected team multi-signature address (0x5b54...9C0f) transferred 687 million SENT to a new address (0xF9D7...262A) 20 minutes ago, worth 11.52 million USD.According to CMC data, this transfer accounts for 9.49% of the total circulating supply of SENT.

According to crypto analyst Ai Yi @ai_9684xtpa, "ETH 1CO 1 million ETH whale" transferred 2,000 ETH to a multi-signature address 8 hours ago, worth approximately 4.63 million USD.On-chain data shows that this receiving address has historically transferred ETH to OKX multiple times, which is considered its common withdrawal path. The source address of this transfer has frequent interactions with block builders BuilderNet and Titan Build.

According to Ember Monitoring, the Lido Growth Committee withdrew 4.82 million LDO (approximately 1.81 million USD) from Binance early this morning and transferred it to a multi-signature wallet managed for the purpose of executing buybacks.When the buyback proposal was released on March 27, the price of LDO was 0.27 USD, and the current price of LDO has risen by 40% to 0.38 USD.