Monad Co-Founder Releases 10-Point Security Checklist for Protocols

Monad co-founder Keone Hon has released a 10-point security checklist for protocols, urging developers to review admin functions, time locks, and multi-sig setups. The checklist follows the $285 million Drift Protocol hack, where weak multi-sig and the absence of time locks resulted in losses. Among altcoins to watch, security remains a key factor influencing the Fear & Greed Index. Hon’s guide includes simulating extreme scenarios and using cold devices for signers to prevent fund loss.

ME News reports that on April 3 (UTC+8), Keone Hon, co-founder of Monad, published a protocol security self-audit checklist on X, focusing on core issues such as administrative permissions, fund security, and multi-signature design. The checklist includes ten key points:

1. Identify which admin functions could lead to fund loss.
2. Ensure all relevant operations are protected by time locks.
3. Implement real-time monitoring mechanisms.
4. Trigger immediate alerts when admin functions are invoked.
5. Review all privileged accounts and adopt multi-signature (k-of-n) structures wherever possible.
6. Clearly define signature threshold parameters.
7. Multi-signature signers should use dedicated cold devices solely for signing operations and follow best practices (e.g., independently verifying transaction hashes).
8. Apply rate limits on withdrawals and avoid having the same multi-signature control both withdrawals and other critical functions.
9. Ensure employee devices are equipped with malware detection and management capabilities.
10. Predefine extreme scenarios where multi-signature signers are compromised; analyze potential attack vectors from an attacker’s perspective and optimize system design to increase the cost and complexity of attacks.

Previously, Drift Protocol adjusted its multi-signature setup to “2/5” (one old signer + four new signers) one week before suffering a $285 million hack, without implementing a time lock. The attacker subsequently gained admin privileges, forged CVT tokens, manipulated oracles, disabled security mechanisms, and transferred high-value assets from the vault. (Source: PANews)
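Checklist points 1, 2, 4, 5, 6 and 8 can be checked mechanically against an inventory of a protocol's privileged functions. The following Python is an added example, not part of Hon's checklist or any protocol's code; the function names, the 24-hour minimum delay and the majority-threshold rule are assumptions, and the inventory is constructed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Multisig:
    name: str
    k: int  # signatures required
    n: int  # total signers

@dataclass(frozen=True)
class AdminFunction:
    name: str
    can_lose_funds: bool            # point 1: could a call lead to fund loss?
    timelock_seconds: int           # point 2: 0 means no time lock
    alert_on_call: bool             # point 4
    controller: Optional[Multisig]  # point 5: None means a single key
    is_withdrawal: bool = False
    rate_limited: bool = False      # point 8

def audit(functions, min_delay=24 * 3600):  # default delay is an assumed policy
    """Return (function name, checklist point, finding) tuples."""
    findings = []
    withdraw_ctrl = {f.controller for f in functions if f.is_withdrawal and f.controller}
    for f in functions:
        c = f.controller
        if c is None:
            findings.append((f.name, 5, "single key, not k-of-n"))
        elif not 1 <= c.k <= c.n or c.k * 2 <= c.n:  # assumed policy: majority
            findings.append((f.name, 6, f"{c.k}/{c.n} is invalid or not a majority"))
        if f.can_lose_funds and f.timelock_seconds < min_delay:
            findings.append((f.name, 2, "fund-affecting call without time lock"))
        if f.can_lose_funds and not f.alert_on_call:
            findings.append((f.name, 4, "no alert when invoked"))
        if f.is_withdrawal and not f.rate_limited:
            findings.append((f.name, 8, "withdrawal is not rate limited"))
        elif not f.is_withdrawal and f.can_lose_funds and c in withdraw_ctrl:
            findings.append((f.name, 8, "shares its multisig with withdrawals"))
    return findings

# Constructed inventory; function names are hypothetical.
ADMIN = Multisig("admin", 2, 5)  # 2/5 with no time lock, as the article reports
SAMPLE = [
    AdminFunction("update_admin", True, 0, False, ADMIN),
    AdminFunction("withdraw_vault", True, 0, True, ADMIN, is_withdrawal=True),
    AdminFunction("set_fee", False, 0, True, Multisig("treasury", 3, 5)),
    AdminFunction("pause", False, 0, True, None),
]
for name, point, msg in audit(SAMPLE):
    print(f"[point {point}] {name}: {msg}")
```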
