PicWe: Preventing hacker attacks requires full-chain infrastructure

1. Hackers ' harm to the cryptocurrency market has never stopped

The largest amount of hacker theft in the history of the currency circle is the "Mentougou" MT.Gox incident, which lost 850,000 BTC in 2014 (calculated at the current price, about US$85 billion). Since 2017, the overall volume of cryptocurrency assets stolen by hackers has exceeded US$10 billion. Bybit suffered a loss of $1.4 billion, which has become the largest hacker theft in recent years.

The amount of hackers’ theft from 2017 to the present (monthly)

Data source: https://defilama.com/hacks

Projects with large amounts of hackers ' theft since 2017

Data source: https://defilama.com/hacks

****2. Full-chain infrastructure can effectively reduce the risk of

hackers****

Web3 urgently needs safer and more convenient liquidity infrastructure. The hacking incident originated from the asset rebalancing between the exchange's cold wallet and the hot wallet. For exchanges and some liquidity agreements, asset rebalancing is a common operation on a daily basis. The purpose of this operation is to ensure the safety of assets and improve the efficiency of asset use. Similar to traditional banks, they will increase or lower the total amount of savings funds and lending funds based on the deposit reserve ratio. Taking the exchange scenario as an example, the number of ETH that users recharge on the exchange and the number of ETH withdrawn from the exchange will always be kept at the same level. However, in the short term, the ETH withdrawn by users is much larger than the recharged ETH, and the number of ETH in the exchange's hot wallet will decrease. The exchange needs to recharge ETH from the cold wallet to the hot wallet to ensure that there is sufficient ETH for users to withdraw. For example, if a bank branch is withdrawn too much cash, the head office needs to withdraw cash from the vault and ship it to the bank branch to avoid users from withdrawing money. On the other hand, if the bank branch stores too much cash, it will always be safe for funds and transport the excess cash back to the bank vault. It is not difficult to understand that this is a very conventional business. In addition to exchanges, there are also cross-chain bridges and multi-chain applications that often require operational asset rebalancing. A safe and convenient liquidity infrastructure is extremely important.

Smart contracts control asset rebalancing (Rebalancing). Whether it is an exchange or a cross-chain bridge, it can fully use smart contracts to achieve asset rebalancing. The total amount of liquidity pool is fixed. When the assets of a certain pool (hot wallet, on-chain liquidity) drop to a certain threshold, the liquidity rebalancing operation can be automatically completed through smart contracts. Of course, there may still be risks of cross-chain bridges and centralization here. A reward mechanism can be introduced to make the rebalancing operation more decentralized and safe. For example, when a certain asset pool drops to 20% of the original amount, the smart contract can initiate an on-chain task, and any user who increases liquidity for this pool can receive a certain reward. In this way, many users or bots will automatically balance liquidity in order to reward. This model can "outsource" the liquidity rebalancing business to third parties, and "break it into pieces", greatly reducing the risk of assets.

Full-chain asset settlement will make hackers stolen. Of course, relying solely on third parties to adjust liquidity is essentially just transferring the risk of being attacked. For example, in the past, the bank sent people to move funds themselves, but now it hired a third-party escort company to use a cash truck to transport funds. Although it is more professional, it may still be robbed. So is it possible that hackers can’t get the money? There is a answer. It can be achieved through a full-chain settlement monetary system. Now the interbank credit settlement system adopts this model. Interbank transmission is no longer cash, and what the hacker has grabbed is just an encrypted voucher, not an asset. Without the user's signature authorization, cash withdrawals are still not possible. For users, when a bank lacks short-term cash, it is enough to withdraw cash in another bank.

3. AI Agent+full-chain infrastructure can avoid "being deceived"

From the live broadcast after Bybit's incident, I learned that when Ben Zhou finally made a multi-signment, he had strictly reviewed the multi-signment content and checked it twice. But helpless, people can only check the content displayed on the front end, and the front end interface does not display any exceptions during the entire transaction process. Therefore, no matter how cautious a person is, he will be deceived by the "facts in front of him."

But what if it is handed over to the robot? AI Agent can directly parse smart contract code or on-chain transaction data. It can perform detailed comparisons between backend and on-chain data to quickly discover exceptions.

This is not recommended to develop an AI Agent with inspection functions, specifically used to prompt risks. After all, as long as people rely on people to complete the final execution, they may be deceived. Today, we can completely leave the AI ​​Agent to be responsible for inspection and execution.

****4. The full-chain asset infrastructure built by PicWe can reduce the

risk of hackers****

PicWe, currently deployed on Movement, can already achieve the following functions through the built full-chain asset infrastructure:

1. Smart contract control asset rebalancing (Rebalance)

2. Full-chain asset settlement (WEUSD)

3. Empower the on-chain execution layer for AI Agent

Since its birth, PicWe aims to better serve the Web3 world through a completely decentralized approach using full-chain assets. Not only can the efficiency of the entire chain liquidity, so that users of all chains and ecosystems can obtain simple, efficient and low-cost liquidity services, but they can also perform on-chain operations through AI Agent to avoid human learning and interacting with blockchains. Difficulties. At the same time, when AI Agent uses full-chain assets to provide liquidity services to users, it can greatly avoid the occurrence of similar hacking incidents.