kiln
435 views
4 Discussing
Hot
Latest
๐ผ ๐ข๐ฆ๐ ๐ฃ๐ฎ๐ฟ๐๐ป๐ฒ๐ฟ๐ ๐ช๐ถ๐๐ต ๐๐ถ๐น๐ป ๐๐ผ ๐๐ฎ๐๐ป๐ฐ๐ต ๐๐ป๐๐ฒ๐ฟ๐ฝ๐ฟ๐ถ๐๐ฒ-๐๐ฟ๐ฎ๐ฑ๐ฒ ๐๐๐ต๐ฒ๐ฟ๐ฒ๐๐บ ๐ฆ๐๐ฎ๐ธ๐ถ๐ป๐ด ๐ฆ๐ฒ๐ฟ๐๐ถ๐ฐ๐ฒ
OSL Group (863.HK) has announced a strategic partnership with Kiln, a leading enterprise-level staking infrastructure provider, to offer Ethereum (ETH) staking services.
๐ What This Means:
โก๏ธ OSL will now provide institutional-grade staking solutions for Ethereum users.
โก๏ธ Kilnโs infrastructure will power the ETH staking service, ensuring security and scalability.
๐ Why Itโs Important:
โก๏ธ This partnership enables enterprise-level participants to access professional-grade Ethereum staking solutions, helping expand Ethereum's staking ecosystem further.
#OSL #Kiln #Ethereum
$ETH
$SOL
OSL Group (863.HK) has announced a strategic partnership with Kiln, a leading enterprise-level staking infrastructure provider, to offer Ethereum (ETH) staking services.
๐ What This Means:
โก๏ธ OSL will now provide institutional-grade staking solutions for Ethereum users.
โก๏ธ Kilnโs infrastructure will power the ETH staking service, ensuring security and scalability.
๐ Why Itโs Important:
โก๏ธ This partnership enables enterprise-level participants to access professional-grade Ethereum staking solutions, helping expand Ethereum's staking ecosystem further.
#OSL #Kiln #Ethereum
$ETH
$SOL
See original
๐จ Is your staked asset still safe? The Kiln incident reveals the fatal risks of staking services
In September, the staking service provider Kiln was attacked by advanced persistent threats, with engineers' GitHub tokens leaked, leading to malicious code being implanted in the API. When clients withdrew their stakes, the control of their assets was secretly transferred.
๐ Root cause of the incident: Blind signing transactions
Users signed serialized transaction data that could not be parsed, which contained hidden malicious instructions. On chains like Solana, even experts find it difficult to understand the raw transactions, making it hard to notice anomalies at the time of signing.
๐ก Insights
Project parties: Must adopt an "intention-aware" architecture to provide human-readable transaction verification.
Users: Be wary of blind signing behavior and prioritize service providers that can clearly display transaction intentions.
The security paradigm must shift from "post-audit" to "eliminating risks through architectural design."
#ไพๅบ้พๅฎๅ จ #Kiln #็ฒ็ญพ้ฃ้ฉ #ๆถๆๅฎๅ จ
In September, the staking service provider Kiln was attacked by advanced persistent threats, with engineers' GitHub tokens leaked, leading to malicious code being implanted in the API. When clients withdrew their stakes, the control of their assets was secretly transferred.
๐ Root cause of the incident: Blind signing transactions
Users signed serialized transaction data that could not be parsed, which contained hidden malicious instructions. On chains like Solana, even experts find it difficult to understand the raw transactions, making it hard to notice anomalies at the time of signing.
๐ก Insights
Project parties: Must adopt an "intention-aware" architecture to provide human-readable transaction verification.
Users: Be wary of blind signing behavior and prioritize service providers that can clearly display transaction intentions.
The security paradigm must shift from "post-audit" to "eliminating risks through architectural design."
#ไพๅบ้พๅฎๅ จ #Kiln #็ฒ็ญพ้ฃ้ฉ #ๆถๆๅฎๅ จ
Login to explore more contents