"In a statement issued on Friday, Garden again said that user funds were safe and that the attack exploited one of its solvers. In the context of decentralized finance, a solver is typically an algorithm or trading agent that's relied on to execute transactions in the most efficient manner possible. Garden is a blockchain bridge protocol company, and its solvers earn a small profit for carrying out transactions between blockchains."
"Some controversy arose shortly after the initial announcement via X. Garden framed the disclosure in a way that suggested its compromised solver was truly autonomous, or perhaps external to its own infrastructure. However, one prominent blockchain infosec researcher, ZachXBT, has claimed it might have been managed by a team member. Those involved in the field tend to believe solvers should ideally be running autonomously - in keeping with the spirit of DeFi - although blockchain investigator ZachXBT alleged this was not the case."
Garden experienced a compromise of one of its solvers that resulted in approximately $11 million in assets being stolen and temporarily shut down its app. The company said user funds were safe and described a solver as an algorithm or trading agent that executes efficient cross-chain transactions and sometimes holds its own funds to fulfill orders. Controversy arose because Garden presented the solver as autonomous while researcher ZachXBT alleged the solver may have been managed by a team member and pointed to messages appearing from a Garden deployer address. Garden offered a conditional 10 percent reward and is working with external security experts to identify the root cause.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]