Radiant Capital
An exploiter drained over $50 million in user funds after compromising Radiant Capital's multisig wallet.

KEY POINTS

  • Two security analytics firms have said the total amount stolen has reached $58 million
  • Industry experts raised concerns over the protocol's low signature requirement for its multisig
  • Radiant has since paused its markets, but has yet to provide a detailed breakdown on the breach

Major cross-chain lending protocol Radiant Capital paused its lending markets after suffering millions in losses due to a breach that affected some of its smart contracts on the BNB Chain and Arbitrum network. Given the size of the protocol, the incident rocked the cryptocurrency community to the core.

Multiple security analytics firms delved into the massive breach, and some prominent figures in the industry raised concerns about how a leading protocol could have been hit by a cybersecurity attack.

How Did It Happen?

Blockchain security auditor QuillAudits was one of multiple security-related firms that looked into how the attacker was able to gain access to Radiant Capital contracts.

According to QuillAudits, "the attacker gained control of 3 out of 11 signers; just enough to carry out the hack." The exploiter then transferred ownership of the contract before draining user funds. The auditing firm also published a list of contracts that were "in danger" early Thursday.

Radiant has a multisignature wallet, or "multisig" in crypto terms, that controls the protocol. The attacker is said to have gained access to the private keys of some signers and used them to control some of the protocol's smart contracts across the affected chains.

Blockchain analytics firm Lookonchain said the hacker specifically took some $33.6 million in various digital assets from Arbitrum and around $19.4 million from the BNB Chain. Assets stolen from Arbitrum were swapped to Ethereum (ETH), while those drained from the BNB Chain were swapped to BNB tokens.

Web3 cybersecurity firm De.Fi Antivirus said $58 million has been swiped so far.

Radiant Capital has since confirmed the exploit, saying it was "working with SEAL911, Hypernative, ZeroShadow & Chainalysis and will provide an update as soon as possible." It paused markets on Base and Mainnet until further notice.

Crypto Community Shocked by Latest Hack

Many crypto users have expressed frustration over the incident, including some key figures in the industry, who are raising concerns about the seemingly weak measures Radiant purportedly took to protect its multisig.

Pop Punk, the co-founder of token launch security platform G8keep, said Radiant "just had their protocol stolen from them like a school bully steals lunch money." He added that requiring only three signatures of 11 to execute transactions was "uncomfortably low for a protocol of this size."

Prominent analyst Adam Cochran found it "insane" that Radiant didn't implement a set of permissions and opted for a low signature requirement. "How the f**k did a hacker get 3 multisig keys for one protocol?" he said.

One user raised an issue that many crypto and blockchain skeptics have pointed to in the past: that the industry can't be taken seriously if security incidents keep coming. Another user said he can't imagine himself building or using a protocol "that's built on just a multisig."

Crypto investment platform Exponential, which has a "Risk Ratings" feature, revealed that it previously rated Radiant with a "Watch Out," citing the protocol's weak multisig protections that "makes the protocol more susceptible to centralization risks."