What happened?
The largest crypto hack in history occurred on February 21st, 2025 to leading cryptocurrency exchange, Bybit.
The exchange suffered the hack via vulnerabilities at the intersection of offchain systems (web security, trojan) and on chain systems (multisig upgrade).
Multisig custody is designed to enhance security, but requires verification and monitoring to be fully effective.
To prevent hacks and improve security, use a layered and real-time strategy that continuously learns from hacks and adapts to the evolving security threat landscape.
Consider contextual threat models for your specific use cases to selectively deploy automation for routine monitors and preventions (e.g. multisig monitoring, oracle monitoring for price manipulation, token monitoring for phishing, compliance monitoring).
Be proactive with security by implementing cost-effective, high-value security infrastructure. Since you can't predict where attackers will strike first, build your defenses in layers and maintain continuous protection.
What can you do about it?
The core constraint of multisig is the inability to verify multisig transactions before signing (known as “blind signing”).
While this is a limitation for signers, by assessing the transaction characteristics via security monitoring, you can:
- Alert on critical operations:
Issue real-time alerts for sensitive actions such as multisig governance changes, large transfers, or changes in signer permissions. - Block funds from leaving to attackers:
Run detections before finalizing transactions, circuit breaking unexpected transfers. - Prevent unauthorized users:
Use a combination of ML anomaly detection and user-defined security configuration to fine-tune defenses that limit risks while enhancing efficiency for day-to-day operations. - Automatically quarantine funds to secure wallet destinations:
Upon certain conditions, automatically withdraw funds to designated wallet(s) to guarantee the safety of assets.
How can we help?
Guardrail’s adaptive defense strategy
Good security requires a well-structured, adaptive defense strategy with layers of protection.
No single tool or approach can guarantee absolute security — but proper monitors and protections CAN drastically reduce your risk profile.
Deploy the Guardrail Multisig Proposal Guard to monitor multisig activity and respond automatically when something suspicious occurs.
As value grows, adapt risk management strategies
Guardrail offers different threat models for earlier projects versus established protocols.
You can implement guards that address both internal and external risks in a way that maps to your available resources and budget.
Consolidate monitoring and security operations
Modular security adds protective layers to every vulnerable part of the business.
Everything is managed through a single dashboard and sent to your response destination of choice, simplifying operations while conserving time and money.
About Guardrail
We were founded in 2023 with the mission of making DeFi more secure.
We built the most flexible and cost-effective platform to monitor EVM smart contracts in real-time.
We focus on building network effects to augment risk monitoring and provide actionable insights on attack patterns.
This adds critical security layers to protect protocols against runtime risks and complements other security layers such as code audits and other forms of static and dynamic analysis.
