Executive Summary
Radiant Capital suffered a sophisticated attack resulting in approximately $58 million in losses. The attack exploited compromised multi-sig keys to drain funds across multiple chains.
This attack highlights the critical importance of key management and the risks of centralized control in cross-chain protocols.
Attack Methodology
- Attackers compromised 3 of 11 multi-sig signers
- Malicious transactions were crafted to appear legitimate
- Funds were drained simultaneously across Arbitrum and BNB Chain
- Stolen assets were quickly bridged and laundered
Lessons Learned
Key Security
Hardware wallets and air-gapped signing essential
Multi-sig Threshold
Higher thresholds provide better security
Monitoring
Real-time alerting on unusual transactions