Author: Haotian

In the Bybit stolen-asset tracking analysis report released yesterday by the @SlowMist_Team @evilcos security team, it was mentioned that 15,000 cmETH were fortunately blocked from withdrawal by @mETHProtocol, recovering a loss of $42m. Many readers must be wondering what happened here.

mETH Protocol is a liquid staking protocol that the Mantle layer 2 chain launched on Ethereum mainnet so that users can earn native yield when they deposit ETH on layer 2. By accumulated deposits, mETH is a liquid staking asset second only to stETH, wBETH and rETH.

Mantle uses mETH as its core for absorbing liquidity from different layer 2 chains, and it at one point became the interoperable liquidity hub of layer 2. This shows how strategically important mETH is to the Mantle chain.

cmETH is the restaked form of mETH: users can restake their circulating mETH and convert it into cmETH. Although cmETH carries one more layer of restaking leverage risk than mETH, it can be used for mining in the various layer 2 campaign activities to earn the protocol's new governance token, $COOK.

In short, cmETH is a claim-receipt asset that circulates in the layer 2 network and interacts with various layer 2 protocols.

Because of this complex interaction logic, three key security mechanisms are built into the design of the cmETH protocol:

1. Address blacklist mechanism. As the name implies, addresses marked as belonging to hackers can be blacklisted quickly to restrict them from transferring or interacting with cmETH assets.

2. The contract can be temporarily paused. In an emergency, the team has the authority to pause withdrawals immediately in order to stop the flow of suspicious assets.

3. Delayed withdrawal mechanism, built on a FIFO (first-in, first-out) queue. The contract allows a maximum delay of up to 7 days (in this incident it was 8 hours), which serves as a cooling-off and response window and gives the team enough time to identify abnormal withdrawal behavior on-chain.
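
The three mechanisms above work together: the delay only helps if the blacklist is checked again when a queued request is paid out, not just when it is submitted. The Python model below is an added example, not the cmETH contract code or anything published by mETH Protocol; the class and function names, the placeholder addresses, the timeline and the choice to set blacklisted requests aside instead of stalling the queue are all assumptions.

```python
from collections import deque

HOUR = 3600
MAX_DELAY = 7 * 24 * HOUR  # upper bound on the delay stated in the article


class WithdrawalQueue:
    """Off-chain model (assumed design): FIFO queue + delay + blacklist + pause."""

    def __init__(self, delay):
        if not 0 < delay <= MAX_DELAY:
            raise ValueError("delay must be in (0, 7 days]")
        self.delay = delay
        self.paused = False
        self.blacklist = set()
        self.pending = deque()  # (owner, amount, requested_at), oldest first
        self.frozen = []        # matured requests held back by the blacklist

    def request(self, owner, amount, now):
        if self.paused or owner in self.blacklist:
            raise PermissionError("withdrawal requests are blocked")
        self.pending.append((owner, amount, now))

    def process(self, now):
        """Pay out matured requests in FIFO order; return [(owner, amount)]."""
        if self.paused:
            return []  # emergency pause: nothing leaves the queue
        paid = []
        # The delay is uniform, so the head of the queue always matures first.
        while self.pending and now - self.pending[0][2] >= self.delay:
            owner, amount, _ = self.pending.popleft()
            if owner in self.blacklist:
                self.frozen.append((owner, amount))  # re-checked at payout time
            else:
                paid.append((owner, amount))
        return paid


def replay(pause_first=False):
    """Constructed timeline: an address is flagged inside the 8-hour window."""
    q = WithdrawalQueue(delay=8 * HOUR)
    q.request("0xSUSPECT", 15000, now=0)  # placeholder address, not a real one
    q.request("0xUSER", 10, now=1 * HOUR)
    q.paused = pause_first            # optional emergency pause while triaging
    early = q.process(now=4 * HOUR)   # before the delay elapses (or while paused)
    q.blacklist.add("0xSUSPECT")      # the team blacklists inside the window
    q.paused = False
    return early, q.process(now=9 * HOUR), q.frozen
```

In this model the flagged request is held in `frozen` while the ordinary request behind it is still paid, so the response window does not penalize other users in the queue.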

Although a certain degree of decentralization seems to have been sacrificed for security, don't forget that cmETH is a restaked (leveraged) asset layered on top of mETH. Its main use is as a proof-of-claim token for mining in various DeFi protocols, so its security bears on the liquidity security of the whole system across chains and protocols.

At this stage, since cmETH is an important component of the Mantle ecosystem, it is reasonable to design in some additional security mechanisms to deal with hacker attacks and emergencies.

Unexpectedly, this design of cmETH did not first come into play in the complex composable environment of on-chain DEXs; instead, it took the lead in intercepting assets for Bybit.