In yesterday’s Bybit Stolen Asset Tracking Analysis report disclosed by SlowMist and Cosine Security Team, it was mentioned that a sum of 15,000 cmETH was fortunately prevented from being withdrawn by the mETH Protocol, which resulted in the recovery of a loss of $42m. Many of you must be wondering what this is all about.
mETH Protocol is a liquidity pledge protocol launched by Mantle layer2 chain on EtherNet in order to allow users to generate native income when depositing ETH in layer2, and it is a liquidity pledge asset with a cumulative deposit volume that is second only to stETH, wBETH and rETH.
Mantle takes mETH as the core to absorb the liquidity of different layer2 chains, and once became the interactive liquidity dispatching center of layer2, so it can be imagined how important mETH is to the strategic value of Mantle chain. cmETH, on the other hand, is a key component of mETH, which is the most important asset of Mantle chain.
cmETH is the repledged asset of mETH, which is equivalent to the fact that users can repledge the circulating mETH assets to be exchanged for cmETH assets. Compared with mETH, although cmETH bears the risk of leverage of repledging one more time, it can be mined in all kinds of campaigns of layer2 in order to obtain its brand new protocol-governed token $COOK.
In short, cmETH is an equity asset that circulates in the layer2 network and interacts with various layer2 protocols.
Because of this complex business interaction logic, the cmETH protocol is designed with three key security mechanisms:
The address blacklisting mechanism, as the name suggests, quickly blacklists addresses labeled as hackers to restrict them from transferring or interacting with cmETH assets;
Temporary suspension of contracts, in case of emergency, the team has the authority to suspend withdrawals in order to stop the circulation of suspicious assets;
Delayed withdrawal mechanism, using FIFO (first-in-first-out) queuing mechanism, the contract has a built-in delay of up to 7 days for withdrawing coins (8 hours for this event), which is equivalent to a period of calm processing-response time, giving the team enough time to screen the chain for abnormal withdrawal behavior.Although it seems that a certain degree of decentralization has been sacrificed for the sake of security, don’t forget that cmETH is a kind of repledged (leveraged) asset superimposed on mETH, and its main business scenario is to be used as a certificate of interest to mine in various DeFi protocols, and its security is related to the overall liquidity security of various cross-chain and cross-protocol systems.
At this stage, as an important component of the Mantle ecosystem, it is reasonable to consider and design some additional security mechanisms in order to cope with hacker attacks and emergencies.
It is just unexpected that this design of cmETH has not been utilized in the complex combination of the DEX ecosystem on the chain, but has taken the lead in giving Bybit a great credit for blocking assets.
