秋田预测市场 · Discord 审计

Hyperliquid代理密钥被盗后可通过自成交攻击窃取资金

2026-06-15 · Hyperliquid · 7 条相关讨论

stevek 2026-06-15 04:09:03

I just sent you a friend request. I'll show you a easier and safer way to convert to mutlsig. Better than hypersig and i'll show you why. For the skeptical, you can demonstrate this yourself. Connect your multisig wallet to hypersig and it wouldn't let you do anything before you convert to single sig so it can switch you to unified mode. My account was already in unified mode and it is NOT necessary to switch off multisig to convert. That's a security risk. I'd post screenshots, but I don't have privileges to do that yet. But you can replicate this yourself. Use my multisig wallet address: 0xCa5269C628672A8E93105B0D6BD0989F25886bCb You can verify it is in unified mode. Attach it to hypersig. Hypersig will tell you it has to switch off multisig to convert it to unified mode.

I just sent you a friend request. I'll show you a easier and safer way to convert to mutlsig. Better than hypersig and i'll show you why. For the skeptical, you can demonstrate this yourself. Connect your multisig wallet to hypersig and it wouldn't let you do anything before you convert to single sig so it can switch you to unified mode. My account was already in unified mode and it is NOT necessary to switch off multisig to convert. That's a security risk. I'd post screenshots, but I don't have privileges to do that yet. But you can replicate this yourself. Use my multisig wallet address: 0xCa5269C628672A8E93105B0D6BD0989F25886bCb You can verify it is in unified mode. Attach it to hypersig. Hypersig will tell you it has to switch off multisig to convert it to unified mode.

stevek 2026-06-15 05:40:16

1. because i just saw it when i read the recent posts. I was in a similar position myself. I had over $100K in staked Solana and thought it was safe. I can give you my SOL address and you can verify it. I have the police report as well. They laundered it so well the police couldn't track it. solana address 9BBhGEfAMSHg8Mxyb4x67VKMhyomJ3MAPa9mqXtaP8xZ Theft was Feb 4, 2026. That motivated me to solve the problem for myself and others. I can prove I still own that wallet if you need proof. 2. Yes, it started with his phone being hacked. Others suggested converting it to multisig immediately. 3. I don't have a product to sell. I have an prototype design that I think solves the problem. I'm not selling anything so there is no "product promotion". free. 4. Yes it is because he can use this tool right now to convert his account safely. He can look me up on wikipedia to validate I am who I claim to be. 5. The the whole point of converting to multi-sig is to secure an account. I tried connecting my multi-sig account to Hypersig and it said it wouldn't let me do anything until I converted it to a unified account. And it required me to convert my multi-sig account to a single-sig account, which is the opposite of what security is supposed to do. Any time it converts to a singlesig account, it is much more vulnerable. You can go try it yourself on your multi-sig account. I can show you when I do the conversion on Hypersight I can convert the account type from Classic to Unified without disabling Multi-Sig. You cannot do that on Hypersig. Any time you go from multi-sig to single-sig, that is a downgrade in the level of assurance which increases risk. I'm happy to give you a live demo if you would like to see it and become less confused but it is not nonsensical. I'll show you what happens in hypersig. My wallet. My funds. You can watch.

1. because i just saw it when i read the recent posts. I was in a similar position myself. I had over $100K in staked Solana and thought it was safe. I can give you my SOL address and you can verify it. I have the police report as well. They laundered it so well the police couldn't track it. solana address 9BBhGEfAMSHg8Mxyb4x67VKMhyomJ3MAPa9mqXtaP8xZ Theft was Feb 4, 2026. That motivated me to solve the problem for myself and others. I can prove I still own that wallet if you need proof. 2. Yes, it started with his phone being hacked. Others suggested converting it to multisig immediately. 3. I don't have a product to sell. I have an prototype design that I think solves the problem. I'm not selling anything so there is no "product promotion". free. 4. Yes it is because he can use this tool right now to convert his account safely. He can look me up on wikipedia to validate I am who I claim to be. 5. The the whole point of converting to multi-sig is to secure an account. I tried connecting my multi-sig account to Hypersig and it said it wouldn't let me do anything until I converted it to a unified account. And it required me to convert my multi-sig account to a single-sig account, which is the opposite of what security is supposed to do. Any time it converts to a singlesig account, it is much more vulnerable. You can go try it yourself on your multi-sig account. I can show you when I do the conversion on Hypersight I can convert the account type from Classic to Unified without disabling Multi-Sig. You cannot do that on Hypersig. Any time you go from multi-sig to single-sig, that is a downgrade in the level of assurance which increases risk. I'm happy to give you a live demo if you would like to see it and become less confused but it is not nonsensical. I'll show you what happens in hypersig. My wallet. My funds. You can watch.

stevek 2026-06-15 11:02:00

tldr; storing the agent private key in the browser is inherently unsafe. A smart attacker can steal most of your funds. That's state of the art with the official hyerliquid app. If you want better security than that, there is a way to do it that gives you the same convenience you have now, but doesn't permit a drive by attack. I was a victim of a silent install of NetSupport Manager so I speak from $$$ lost.

tldr; storing the agent private key in the browser is inherently unsafe. A smart attacker can steal most of your funds. That's state of the art with the official hyerliquid app. If you want better security than that, there is a way to do it that gives you the same convenience you have now, but doesn't permit a drive by attack. I was a victim of a silent install of NetSupport Manager so I speak from $$$ lost.

𝒜𝒷𝑒𝓁 2026-06-15 11:59:18

but they cant transfer your fund, agent wallet only have permission to play with order stuff

but they cant transfer your fund, agent wallet only have permission to play with order stuff

stevek 2026-06-15 12:30:45

agent key can't withdraw" is false comfort. The withdrawal restriction protects the balance from leaving via transfer, but does nothing about value leaving via adversarial fills. The attack surface is the signing capability itself, not the withdrawal permission. Most AI bots can explain it in detail if you think I'm kidding. I wish I was. This is from Claude: Here are the ways an attacker holding your stolen Hyperliquid agent/API key can bleed your account, given that the key can place orders but cannot withdraw or transfer: Self-dealing / wash trades (the main one). The attacker posts resting orders on both sides of a thin or manufactured-spread market from a wallet they control, then uses your key to cross the spread into those orders. Your account buys high and sells low; the spread differential transfers to their wallet as realized PnL. On-chain it looks like two consenting wallets trading normally, so it's not clawback-able. Sizeable to your full available margin, executes in seconds. Adversarial position-taking into liquidation. Even without a counterparty wallet, they can open maximally leveraged positions in a direction designed to lose, or oversize into illiquid markets so slippage and liquidation fees destroy value. Less efficient for the attacker (they don't capture the loss directly) but pure griefing that still drains you. Maker/taker fee leakage via churn. High-frequency open/close cycling burns your balance through fees and funding. Slow relative to the wash-trade attack, but a supplement — and it muddies the picture if they want the activity to look like "bad trading" rather than theft. Cross-margin spillover. If the account is in cross-margin mode, losses in one position draw down the shared collateral pool, so a single manufactured-loss position can reach your entire margin balance rather than being isolated to one market. There was more but this is now at the character limit for a message.

agent key can't withdraw" is false comfort. The withdrawal restriction protects the balance from leaving via transfer, but does nothing about value leaving via adversarial fills. The attack surface is the signing capability itself, not the withdrawal permission. Most AI bots can explain it in detail if you think I'm kidding. I wish I was. This is from Claude: Here are the ways an attacker holding your stolen Hyperliquid agent/API key can bleed your account, given that the key can place orders but cannot withdraw or transfer: Self-dealing / wash trades (the main one). The attacker posts resting orders on both sides of a thin or manufactured-spread market from a wallet they control, then uses your key to cross the spread into those orders. Your account buys high and sells low; the spread differential transfers to their wallet as realized PnL. On-chain it looks like two consenting wallets trading normally, so it's not clawback-able. Sizeable to your full available margin, executes in seconds. Adversarial position-taking into liquidation. Even without a counterparty wallet, they can open maximally leveraged positions in a direction designed to lose, or oversize into illiquid markets so slippage and liquidation fees destroy value. Less efficient for the attacker (they don't capture the loss directly) but pure griefing that still drains you. Maker/taker fee leakage via churn. High-frequency open/close cycling burns your balance through fees and funding. Slow relative to the wash-trade attack, but a supplement — and it muddies the picture if they want the activity to look like "bad trading" rather than theft. Cross-margin spillover. If the account is in cross-margin mode, losses in one position draw down the shared collateral pool, so a single manufactured-loss position can reach your entire margin balance rather than being isolated to one market. There was more but this is now at the character limit for a message.

shuri 2026-06-15 14:14:17

stopped reading at browser extension not taking you seriously with regards to any takes on security

stopped reading at browser extension not taking you seriously with regards to any takes on security

stevek 2026-06-15 14:23:28

What is method you use to trade securely on HL?

What is method you use to trade securely on HL?