DESCRIPTION OF EVENTS
"The Celo Foundation is a non-profit organization based in the US that supports the growth and development of the open-source Celo Platform. Guided by the Celo community tenets, the Foundation contributes to education, technical research, environmental health, community engagement, and ecosystem outreach—activities that support and encourage an inclusive financial system that creates the conditions for prosperity for everyone."
"Optics is a new design for radically cheaper cross-chain communication without header verification. We expect operating Optics to cut 90% of gas costs compared to a traditional header relay. To accomplish this, we took inspiration from optimistic systems (a la Optimistic Roll-ups). Optics features many of the features we prize in an optimistic mechanism, like public verification, low gas fees, broad participation, but has a slightly different security model."
"Optics will form the base layer of a cross-chain communication network that provides fast, cheap communication for all smart contract chains and rollups. It relies only on widely-available cryptographic primitives (unlike header relays), has a latency of a few hours (rather than an ORU’s one week latency), and imposes only about 120,000 gas overhead on message senders."
"Optics has been designed for ease of implementation in any blockchain that supports user-defined computations. We will provide initial Solidity implementations of the on-chain contracts, and Rust implementations of the off-chain system agents. We aim to follow up with Rust implementations of the on-chain contracts targeting Near and Solana later this year."
"Optics is usable in any chain that supports basic smart contract implementations, only has a latency of a few hours, compared to the one-week latency period that optimistic rollups provide, and requires only about 120,000 gas overhead on message senders."
"The Celo team uses a notary service as a comparison to their protocol." "Since Optics is working across multiple chains, the home chain acts as the source of truth. Meaning the sending chain will contain the “home” contract where the messages await to get processed. Once the messages are committed to the merklized “message tree,” the root of that tree is notarized and relayed by the updater to the receiving chain in an “update.” The updates are signed and approved by the updater, committing to the previous root and a new root."
"Optics allows any chain to implement a smart contract with the data of the updater and the current root. Celo calls this smart contract a “Replica” contract. This “Replica” essentially ensures that the receiving chain reaches the same root as the “home” chain. Since the root will ultimately be committed to the message tree, the message will be proven and processed once it gets transmitted."
"A significant difference highlighted by Celo is that Optics permits fraud. Through their security model, participants can prove fraud at any time to the home contract on the sending chain. So to curb updaters from signing off to fraud, the updater has to submit a bonded stake on the home chain, which will get slashed as a penalty for accepting a fraudulent update. Not only does a fraudulent signer’s bond gets slashed, but they are also exposed to all the other participants on the network, meaning users can avoid malicious actors."
"Optics Bridge was attacked and ownership of the multi-signature wallet was transferred." "[I]nvestigation disclosed that the incident actually occurred on October 29, by a community developer in order to fix a contract bug." "[T]he multi-signature permission of Optics was replaced because someone unilaterally activated the Optics repair mode (recovery mode) on the GovernmentRouter contract. Although the bridge service is all normal, this operation caused the Optics protocol to be fully controlled by the recovery manager account, and the original multi-signature permissions were also overwritten."
On the evening of November 23, Beijing time, the founder of Yuchi F2Pool, Shenyu, forwarded a risk warning from the security organization Rugdoc on Weibo, saying: “If you have mining on the Celo chain, please note that the multi-signature of Optics has been replaced. It is suspected that there is a problem. The way to reduce the risk is to sell other assets on the Celo chain to Celo. There are not many people selling at present, and they lose a few points. Everyone judges the risk by themselves, whether it is a gamble or a stop loss. The strength and the courage can also make arbitrage.”
"Most notably, in addition to explaining the technical principles of the replacement of multi-signature permissions, Tim also mentioned a former senior developer James Prestwich who has been expelled from cLabs. Tim claimed that the activation of the repair mode occurred 15 minutes after James was fired due to misconduct, and that during the deployment of Optics, James created a pull request for the configuration including the repair address, and requested confirmation of this Address and request reimbursement of expenses. Tim also said that since the discovery of the problem, cLabs has tried every means to contact James to solve the problem, but it has not been successful so far."
However, James himself responded to Tim’s “accusation”: "I have never been a keyholder on Optics recovery mode. I am disappointed that cLabs and Celo hace chosen to bring their bullying into public spaces, and that they chose to lie about me to attack my reputation. On the advice of my lawyer, I have nothing else to say right now."
"Obviously, there is a contradiction between the statements of Tim and James. If neither of them lied, then who activated the repair mode?"
"Under the joint investigation of many people, the truth finally came to light. From the address remarks of the decentralized content platform Mirror, it can be seen that the funds of the address [performing the action] belong to a person named Anna."
"Community users found from Github records that it was 26 days ago that a community developer with the same profile picture and name (Anna) reported on Github about Optics repair mode time lock Vulnerabilities, in order to fill the loopholes, the repair mode needs to be activated and replaced with a more secure multi-signature address. In addition, from the historical submission code, Anna has indeed participated in the development of PartyDAO." "[I]t can be basically judged that it is Anna that activated the Optics repair mode, and there is a high probability of repairing the management account. Under Anna’s control."
"[A]lthough the context of the matter has been clarified, some community members are very dissatisfied with the way CELO and cLabs handled the matter." "The cross-chain track has always been a field with a high incidence of security accidents. Although it has not caused any financial losses for the time being, the warnings sounded by this incident cannot be ignored."
Optics Protocol is a cross-chain bridge as part of the Celo platform. Multi-signature permissions were replaced on the protocol by one of the developers. The wrong developer was accused. No funds appear to have been lost due to the development error.
https://blog.insurace.io/security-incidents-in-november-e4bcb39dd7f9 (Feb 1)
What happened to Celo when the cross-chain bridge multi-signature permission was replaced? - CoinYuppie: Bitcoin, Ethereum, Metaverse, NFT, DAO, DeFi, Dogecoin, Crypto News (Feb 9)
https://docs.celo.org/celo-codebase/protocol/optics (Feb 10)
SlowMist Hacked - SlowMist Zone (Feb 10)
Bridges In Crypto Space (Feb 10)
Celo: Mobile-First DeFi Platform for Fast, Secure, and Stable Digital Payments (Feb 10)
About Celo: Learn more about Celo’s team (Feb 10)
https://docs.celo.org/celo-codebase/protocol/bridging/migrating-to-optics-v2 (Mar 7)