Bybit Hack Learnings
And now, for the weekly roundup…
Bitcoin Native Multisig vs. Ethereum Multisig
On February 21, Bybit suffered a record $1.5 billion hack, allegedly orchestrated by the Lazarus Group. The attackers exploited Bybit’s Ethereum-based multisig wallet by injecting malicious code and masking the user interface, prompting signers to unknowingly approve an unauthorized transaction.
This event underscores a stark reality:
Ethereum Multisig often relies on proprietary or complex smart contracts. Hidden functions in these contracts can be used to siphon funds if signers are tricked by a fraudulent UI.
Bitcoin Native Multisig, by contrast, is integrated into the bitcoin protocol itself. It is open-source, transparent, and limited to simple, verifiable operations. With fewer moving parts and no arbitrary code execution, attackers face fewer avenues to conceal malicious actions.
Fundamental differences between BTC and ETH in terms of monetary properties aside, the Bybit hack demonstrates that, for secure, long-term value preservation, bitcoin’s inherent design and straightforward multisig mechanics can offer stronger protection than the more complex, often proprietary systems built around Ethereum.
Single Entity Control Undermines Multisig
While multisig technology adds layers of defense, those advantages evaporate if a single organization still controls all required keys. If one attacker gains sufficient internal access (or successfully deceives signers), they can potentially drain wallets without external oversight. The Bybit fiasco highlights how crucial it is to avoid “multisig in name only,” where just one party truly holds effective control.
Why Multi-Institution Custody is a Game-Changer
Instead of centralizing key ownership, multi-institution custody distributes private keys among independent entities. A transaction requires multiple signatures from separate custodians, eliminating the possibility that any one entity becomes a single point of failure.
In effect, even if a malicious actor compromises one keyholder, they cannot move funds without simultaneously breaching an additional keyholder. This design aligns with bitcoin’s decentralized ethos, fortifying the security model where no single entity is trusted unilaterally.
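The two points above (a native multisig policy is small enough to verify in full, and a threshold is only as strong as the number of independent parties behind it) can be checked mechanically. This is an added example, not code from Onramp or from any wallet: it assumes the classic OP_CHECKMULTISIG script template with compressed keys, and the keys, script and custodian names are constructed.

```python
# Added example. Keys and custodian names below are constructed, not real wallet data.
OP_1, OP_16, OP_CHECKMULTISIG = 0x51, 0x60, 0xAE

def parse_multisig_script(script: bytes):
    """Return (m, pubkeys) if script is exactly
    OP_m <33-byte pubkey>... OP_n OP_CHECKMULTISIG; raise ValueError otherwise."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("does not end in OP_CHECKMULTISIG")
    m_op, n_op = script[0], script[-2]
    if not (OP_1 <= m_op <= OP_16 and OP_1 <= n_op <= OP_16):
        raise ValueError("threshold or key count is not OP_1..OP_16")
    m, n = m_op - 0x50, n_op - 0x50
    body, pubkeys, i = script[1:-2], [], 0
    while i < len(body):
        # Only a direct 33-byte push of a compressed key (0x02/0x03 prefix) is accepted;
        # any other opcode means the script is not the plain template.
        if body[i] != 33 or i + 34 > len(body) or body[i + 1] not in (2, 3):
            raise ValueError(f"unexpected byte at script offset {i + 1}")
        pubkeys.append(body[i + 1:i + 34])
        i += 34
    if len(pubkeys) != n or m > n:
        raise ValueError("key count does not match OP_n, or m > n")
    return m, pubkeys

def min_entities_to_sign(m, pubkeys, custodian_of):
    """Smallest number of distinct custodians whose keys together reach m.
    A result of 1 is 'multisig in name only'."""
    counts = {}
    for pk in pubkeys:
        owner = custodian_of[pk]  # hypothetical key-to-organization inventory
        counts[owner] = counts.get(owner, 0) + 1
    held = entities = 0
    for c in sorted(counts.values(), reverse=True):  # largest holders first
        held, entities = held + c, entities + 1
        if held >= m:
            break
    return entities

# Constructed 2-of-3 script and two custody layouts for the same keys.
KEYS = [bytes([2]) + bytes([k]) * 32 for k in (1, 2, 3)]
SCRIPT = bytes([0x52]) + b"".join(b"\x21" + k for k in KEYS) + bytes([0x53, OP_CHECKMULTISIG])
ONE_ORG = {k: "ExchangeCo" for k in KEYS}
THREE_ORGS = dict(zip(KEYS, ("CustodianA", "CustodianB", "CustodianC")))

if __name__ == "__main__":
    m, keys = parse_multisig_script(SCRIPT)
    for name, layout in (("single entity", ONE_ORG), ("multi-institution", THREE_ORGS)):
        print(f"{name}: {m}-of-{len(keys)}, entities needed = {min_entities_to_sign(m, keys, layout)}")
```

The same 2-of-3 script yields 1 when one organization holds every key and 2 when the keys sit with three independent custodians.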
Chart Of The Week
"Bitcoin flushed down with global liquidity (3 month lag). Next up is global liquidity spike, rate cuts, QE and Bitcoin exploding. Patience."
Quote of the Week
"While I can’t predict the future with certainty, my intuition is that a single dominant Reusable Proof-of-Work (RPoW) network will emerge as the primary standard—much like how TCP/IP became the universal protocol for data transport. While other RPoW networks may exist for niche or localized applications, they are unlikely to offer the same level of utility or security on a global scale.
In RPoW, network size directly translates to security. The greater the computational power and energy expenditure required to maintain the network, the more expensive it becomes to attack or manipulate—making it inherently more secure. This creates a strong incentive for users to converge on the most physically costly and secure network. As adoption increases, a reinforcing cycle ensues: the dominant network grows even larger and more computationally powerful, while smaller alternatives struggle to compete due to their comparatively weaker security and lower utility.
This consolidation of all RPoW applications into one RPoW network isn’t just a matter of efficiency or convenience—it’s a strategic necessity. In a competitive environment, all rational actors will gravitate toward the network that provides the highest level of security for their information, assets, and financial transactions. The most resilient RPoW network will be the one that imposes the greatest physical cost on potential adversaries, ensuring that it remains the preferred choice for global-scale usage.
In SOFTWAR, I describe this dynamic as "Mutually Assured Preservation." The largest nation-state rivals (e.g. NATO vs BRICS) must inevitably adopt the same network, and the computational power and energy they each contribute to it will have the counterintuitive effect of reinforcing their adversary’s security as well. The cost of attacking either side increases to such an extent that they become “frenemies,” each strengthening the security of the other’s interests on the same network."
Podcast Of The Week
Bitcoin For Professionals: Ex-Global Risk Analyst EXPOSES the Energy Investment Crisis
In our latest episode, Justin Chin, an experienced professional in global investment risk coverage for energy and infrastructure, dives deep into how Bitcoin is increasingly shaping global energy markets, challenging traditional assumptions about its role in finance and infrastructure.
The question is no longer “if” Bitcoin will play a role in energy and finance—but how quickly institutions will adapt. For those navigating these industries, understanding Bitcoin is no longer optional—it’s essential.
Onramp MENA is an advisory and educational platform dedicated exclusively to Bitcoin.