
{"id":79649,"date":"2025-07-10T09:27:27","date_gmt":"2025-07-10T09:27:27","guid":{"rendered":"https:\/\/mycryptomania.com\/?p=79649"},"modified":"2025-07-10T09:27:27","modified_gmt":"2025-07-10T09:27:27","slug":"protocol-vs-user-centric-security","status":"publish","type":"post","link":"https:\/\/mycryptomania.com\/?p=79649","title":{"rendered":"Protocol vs. User Centric Security"},"content":{"rendered":"<p>The cryptocurrency landscape is currently facing a security crisis that disproportionately impacts users managing substantial digital assets. In the last three years, ~$2.3 billion in assets have been stolen from exchanges and other institutions directly attributable to blind signing. This trend is projected to increase with adoption, underscoring the need for users of all sizes to protect themselves from emerging\u00a0threats.<\/p>\n<p>The ByBit hack transpired approximately four months ago, with a staggering $1.5 billion stolen from the company\u2019s multisignature wallet. The attackers successfully deceived executives into signing a malicious transaction that drained the company\u2019s digital assets. To contextualize this incident, it\u2019s important to consider the current security paradigms within the crypto ecosystem. Security remains a cost center for most crypto-native enterprises, with associated expenses often passed on to end users. This primarily has to do with incentives. Infrastructure providers lack economic incentives to prevent fraud, as there are no real-time market-based mechanisms to reward accurate risk detection.<\/p>\n<p>Currently, transactions are reviewed by no more than two external parties before being signed. These parties consist of the user\u2019s browser wallet and the wallet\u2019s security provider. Kleidi will introduce a fundamentally different model: a decentralized network of reviewers incentivized to detect anomalies in transactions. 
More reviewers lead to better detection, and competition for accuracy enhances outcomes for users. Reviewers are compensated for reviewing transactions by underwriters who are exposed to the results of these transactions. This competitive market dynamic results in underwriters competing on price to insure user transactions.<\/p>\n<p>Protocol security involves securing the assets and code within execution environments and smart contracts. User-centric security focuses on protecting users from events such as scams, fraud, financial risks, and private key loss. An example of a protocol-centric approach to security would be a smart contract audit and monitoring system that reviews transactions for invariant violations. An example of user-centric security is transaction simulations in wallets that tell users the transaction outcome. This distinction between who is running the software and what their objectives are is important to understanding who is being protected.<\/p>\n<p>Users make bad decisions under pressure, as critical thinking is reduced during periods of stress. Policy engines prevent bad decisions when users are rushed or distracted. Policy engines like Kleidi and Gnosis Safe\u2019s Zodiac Roles let users define and enforce granular controls on their transactions. Zodiac allows the same policies to be set and enforced on chain for Gnosis Safes. Kleidi creates these policies through an RPC endpoint that checks the transaction against a user\u2019s predefined policies. Non-conforming transactions are dropped, while conforming transactions can be\u00a0insured.<\/p>\n<p>Users can pay for transaction insurance, but today\u2019s options are fragmented. Kerberus charges fees on DEX swaps. Nexus Mutual covers protocol hacks but not transaction-level fraud. 
Each provider operates independently with different interfaces, coverage gaps, and importantly, without a credible commitment to pay when fraud\u00a0occurs.<\/p>\n<p>Kleidi will solve this fragmentation by creating a competitive marketplace where underwriters stake capital and face economic penalties for incorrect decisions. Users get unified coverage with credible commitments, high policy limits, and a seamless user experience. This means users don\u2019t need to juggle multiple providers or wonder if their coverage will pay\u00a0out.<\/p>\n<p>This fragmentation isn\u2019t unique to crypto insurance. The audit industry faced the same centralization problem and solved it through competitive marketplaces. Traditional audit firms operated as monoliths, relying on small internal teams to catch complex bugs. Today\u2019s audit platforms like Code4rena, Cantina, and Codehawks aggregate findings from hundreds of independent security researchers, all competing for bounties. This evolution from centralized provider to competitive markets consistently produces better security outcomes at lower\u00a0prices.<\/p>\n<p>Audit Market Progression<\/p>\n<p>Upon initiating a transaction with Kleidi, users will see a wallet interface that transparently shows available insurance providers, along with real-time pricing dynamically determined by near-instant security assessments. Competitive pricing signals the relative safety of a transaction, while coverage denials or unusually high premiums warn users of potential risk. This transfer of risk removes cognitive overhead from the user as they no longer have to worry about the details of the transaction. Users can rapidly assess the relative safety of their transactions based purely on economic\u00a0signals.<\/p>\n<p>Blind Signing\u200a\u2014\u200aSafely<\/p>\n<p>Powering this seamless user experience is a competitive marketplace. 
Security providers and validators monetize their fraud detection capabilities by identifying high-risk transactions. Insurers bid competitively, balancing premium prices with coverage. Effective fraud prevention becomes profitable, creating a natural feedback loop that rewards the best security solutions. This structure aligns incentives between security providers, insurers, and users while developing a novel market structure. Just as audit models evolved from centralized single-firm dominance to decentralized competitive marketplaces, Kleidi repositions transaction security to leverage the efficiencies of competitive market\u00a0forces.<\/p>\n<p>View of Signing with a Kleidi Network\u00a0Policy<\/p>\n<p>The ByBit executives\u2019 $1.5 billion loss was not due to incompetence, nor is it reasonable to require all signers to have advanced technical expertise. They just lacked economic signals that could have prevented such losses. Kleidi transforms fraud detection from a cost borne by wallets into a competitive market that users interact with directly. Protecting users will become more lucrative than processing their losses, changing the entire crypto security model. Infrastructure providers will compete to offer the best protection instead of earning fees regardless of the outcomes. Kleidi makes user protection economically attractive, ensuring outcomes through aligned incentives. Transaction review, liability, and risk shift to specialized entities. All the user cares about is their transaction coverage; the rest is someone\u00a0else\u2019s.<\/p>\n<p>We\u2019re building this market in phases. The foundation starts with transaction policies. Before underwriters can price risk and validators can review transactions, users need granular control over their transactions. Think of it as building the risk engine before the risk market. Today, Kleidi gives you that control through customizable transaction rules. 
You define what\u2019s acceptable: which contracts, which amounts, which conditions. These policies become the data layer that future underwriters will use to price risk and understand user intents. We\u2019re live with this critical first piece because without clear, enforceable policies, insurance is just gambling. The ByBit executives didn\u2019t just need insurance after the fact. They needed rules that would have blocked that transaction entirely.<\/p>\n<p>Sign up today <a href=\"https:\/\/app.kleidi.io\/signup\">https:\/\/app.kleidi.io\/signup<\/a><\/p>\n<p>Join our mailing list <a href=\"https:\/\/www.kleidi.io\/\">https:\/\/www.kleidi.io\/<\/a> to receive product updates as we ship more features.<\/p>\n<p><a href=\"https:\/\/medium.com\/coinmonks\/protocol-vs-user-centric-security-b47ab507ee9f\">Protocol vs. User Centric Security<\/a> was originally published in <a href=\"https:\/\/medium.com\/coinmonks\">Coinmonks<\/a> on Medium, where people are continuing the conversation by highlighting and responding to this story.<\/p>","protected":false},"excerpt":{"rendered":"<p>The cryptocurrency landscape is currently facing a security crisis that disproportionately impacts users managing substantial digital assets. In the last three years, ~$2.3 billion in assets have been stolen from exchanges and other institutions directly attributable to blind signing. 
This trend is projected to increase with adoption, underscoring the need for users of all sizes [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-79649","post","type-post","status-publish","format-standard","hentry","category-interesting"],"_links":{"self":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts\/79649"}],"collection":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=79649"}],"version-history":[{"count":0,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts\/79649\/revisions"}],"wp:attachment":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=79649"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=79649"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=79649"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}