ADOPT TIMELOCKS

“you can do, DeFi custody in the right way, and it's been actually, some of the oldest protocols have been doing this the right way, which is, governance under time locks. And where there are multisigs that have, like, custody of funds, they need to be under time locks. And then for immediate reaction time, you have these, like, freezing multisigs that can react right away, but you need this, like, the custodian of the assets to always like, any sort of, like, unexpected movement that can be done with the assets, you need this under a time lock. This is a this is a massive, deterrence, to North Korea.”

“this actually had a compounding effect in that, there's a lot of positions on Aave because they rehypothecate the ETH collateral quite heavily. This liquidity issue now turns into a solvency issue on the USD markets potentially. So that the there's a lot of positions there that are ETH collateral borrowing stable coins. And so, normally, when the market is is there's there's enough liquidity, the liquidations on a ETH USD position can function just fine. The problem is is that with an impairment in the ETH market, if the price of ETH drops, there's no more liquidity to sell and then recap like, recapitalize or basically pay off the loans that are reaching margin calls.”

“The other the other kind of weak point here was that the KelpDAO team used, like, a one of one DBN, which means that you're just relying on the layer zero laps, sort of core infrastructure. If they had used, you know, a deviant set that required two of three or something like this with different independent operators, it would have been this much harder for North Korea to, like, compromise each of these independent organizations. So I think that was that was clearly a failure as well as is using a one of one implementation was, you know, not the right choice.”

“I think Bitcoin's totally fine. I do though think that they will burn those coins or freeze them or do something. They're not gonna let a $100,000,000,000 of Bitcoin get burned. But what I think the sorry, using another analogy here, but the other analogy of an ideological movement doing this is like the church, which everyone loves to compare Bitcoin to. I think it'll be fine. I mean, the church kinda went through this when they had to reconcile with the Roman emperor and, like, you and I wouldn't care about this, but in Christianity, you can only worship one god. Roman emperors were version like, worshiped as gods. How do you reconcile?”

“we need sort of, like, independent risk ratings within within DeFi. Right now, there's, like, a a, like, an incentive problem with, with, like, the the managers of these risk curators, I guess, is the term that's used. So, like, basically, the ones who are optimizing for growth, revenue are the same ones that are underwriting the risk of the collateral that are being onboarded. And so this is not what happens in in TradFi. There's, like, the risk side and the growth side are two separate and, like, you know, walled off entities such that the growth side submits a proposition to the risk side and the risk side from purely risk, like, sort of perspective says if it's if it's a go or no go and what the concerns are.”

“I think a lot of people were caught off guard by the fact that, like, you know, Aave, which is kind of like a core pillar of the the industry, through this smaller relatively collateral RSEs, they've had exposure to, you know, what turned out to be a pretty unsafe, like, bridging setup. And it's pretty challenging to, like, map out this whole dependency graph of, you know, you're just a depositor in Aave Eth. It's you you know, on the face of it, it seems like it should be a very safe asset, but you're actually exposed, you know, through a couple layers of intermediation to, you know, a one of one DDN bridge.”

“So what happened is that there is, a bridging mechanism for RS e to go to other chains. This is called a lock and mint bridge. So, basically, the RSE is is natively issued on Ethereum. And so if you want to go to, another chain like Arbitrum, you would then lock the RSE in the this is a layer zero bridge on Ethereum, and then it would send a message which would mint the, RSC. It's like an IOU for the backing that's sitting on Ethereum. So what happened is that, there was a forged message, from the security mechanism within the layer zero ecosystem. Again, this North Korea was able to penetrate deeply into the infrastructure layer here.”

“Arbitrum took what I or off chain labs, I think, took what I thought was a great move, which was they froze about, you know, between around $65,000,000 worth of these stolen assets. But I see some people saying that, well, this is MultisigFi instead of DeFi, and we kinda to me, I interpret this as this is the ideological backbone of crypto colliding with the real world. Well, I think, you know, North Korea not having $65,000,000 in that money going back to users, like, the outcome is unambiguously good.”

“DeFi and just the whole crypto industry, it is kinda playing on hard mode because, we can't rely on just, like, moral hazard and someone bailing us out. If anything, like, maybe the closest, we have in crypto to, like, a lender of last resort would be someone like a Binance or a Tether, where they're extremely profitable. They have a huge balance sheet. They have a lot of sort of excess reserves where, they can backstop, losses. You know, private got hacked. Binance, had a loan out to them to make sure that they could still cover withdrawals.”

“AI in general, you know, North Korea, I don't know, you know, I have no idea what their operation is like. But, like, assume there's some number of humans that are incredibly intelligent that are, like, working through and doing these hacks. But, you know, humans are, you know, I did security and and, you know, university and stuff. It's incredibly, like, taxing on human minds to kind of go through binary and stuff. It's it's it's super hard. Computers, AI are are are very good at this. So, like, for me, like, you know, I I just think it's there's certain number of human beings that are are doing this are now being leveraged, like, probably 10 x.”