Close Menu
AlexaBlockchain
  • News
  • Press Releases
    • Submit Press Release
  • Adoption
  • Funding
  • Interview
  • Policy
  • Explained
    • Bitcoin Halving 2024: Will it Trigger the Next Bull Run?
    • Everything You Wanted to Know About Bitcoin But Were Too Afraid To Ask
    • Cryptocurrency: what makes it so popular?
    • Top Five Crypto Scams And How To Avoid Them
    • Cloud Mining Explained
    • What are NFTs?
    • What is a Web3 Browser?
    • How To Build High Quality Crypto Backlinks
  • About
  • Advertise
  • Trending
    • #BitcoinHalving
    • #CloudMining
    • #Web3.0
    • #Metaverse
    • #NFTs
    • #PlayToEarn
    • #DeFi
    • #BlockchainTechnology
    • #Bitcoin
    • #Cryptocurrency
    • #DigitalAssets
Facebook X (Twitter) Instagram
Saturday, May 31
  • Advertise
  • Crypto PR
  • Partner
  • Submit Press Release
  • Contact Us
X (Twitter) Facebook LinkedIn Instagram
AlexaBlockchain
Banner
  • News
  • Press Releases
    • Submit Press Release
  • Adoption
  • Funding
  • Interview
  • Policy
  • Explained
    • Bitcoin Halving 2024: Will it Trigger the Next Bull Run?
    • Everything You Wanted to Know About Bitcoin But Were Too Afraid To Ask
    • Cryptocurrency: what makes it so popular?
    • Top Five Crypto Scams And How To Avoid Them
    • Cloud Mining Explained
    • What are NFTs?
    • What is a Web3 Browser?
    • How To Build High Quality Crypto Backlinks
  • About
  • Advertise
  • Trending
    • #BitcoinHalving
    • #CloudMining
    • #Web3.0
    • #Metaverse
    • #NFTs
    • #PlayToEarn
    • #DeFi
    • #BlockchainTechnology
    • #Bitcoin
    • #Cryptocurrency
    • #DigitalAssets
AlexaBlockchain
You are at:Home » Your crypto is doomed, and your cold wallet won’t save it: Martin Schmidt
Interview

Your crypto is doomed, and your cold wallet won’t save it: Martin Schmidt

Crypto exploits surge to record $329.8 million in September 2023. Martin Schmidt shares key insights and strategies to enhance on-chain project security and reduce the risk of exploits.
Arun ShakyawarBy Arun ShakyawarOctober 9, 2023Updated:October 9, 2023No Comments4 Mins Read
Twitter Facebook LinkedIn Reddit Email WhatsApp
Martin Schmidt on crypto exploits surge
Martin Schmidt, Co-initiator of a governance-as-a-service solution Q Protocol
Share
Twitter Facebook LinkedIn Pinterest Reddit Telegram Email WhatsApp

September has become the worst month for crypto exploits in 2023 — with the amount of crypto theft surging to $329.8 million. According to Martin Schmidt, Co-initiator of a governance-as-a-service solution Q Protocol, the main reason behind crypto exploits is the lack of proper governance. Q Protocol provides both transactional and governance security, the first and only one with regulatory clearance in Europe.

We’ve got his insider analysis below, including what actions can on-chain projects take to reduce the risk of exploits.

Q1. What is the main reason behind the massive issue of crypto exploits?

Martin Schmidt: You implement all the best practices to keep your cryptocurrency safe, and then an attacker — often from within the project team — comes along, gains control of the project, and drains the treasury. If there’s anything in your wallet left to protect, it’s now worth a fraction of the price you paid for it — and there’s little you can do to stop it.

That’s the reality of governance attacks, a technique increasingly used by rogue actors that exploit the decentralized nature of crypto projects. With changes to a protocol’s rules and processes typically decided by community votes, these bad actors are obtaining the majority of a project’s voting power to hijack governance, make changes unchallenged, and siphon money out.

Q2. What are the main techniques that hackers employ?

Martin Schmidt: Does it seem difficult? Well, it often isn’t. To launch a governance attack, all cybercriminals really need is the majority of a project’s voting power. Often, a surprisingly low number of tokens is needed to gain a majority, since not many token holders actively engage in governance. An alternative strategy is to hide malicious code within a seemingly innocent proposal.

With majority rule, they can then push through any changes they want and there’s nothing the community can do to stop them. They manipulate price oracles, introduce new rules, or sometimes even just send funds to their own private wallet. Most attackers will steal as much money as they can get away with.

Q3. Latest examples of high-profile crypto thefts

Martin Schmidt: These bad actors aren’t stealing the keys or exploiting technical weaknesses. Rather, they are finding loopholes in a project’s governance rules. Just this year, an attacker used malicious code hidden within a proposal to grant themselves fake votes and seize control of the Tornado Cash project. With this attack on the project’s governance, they were able to mint over $4 million worth of tokens and move their ill-gotten gains to other addresses.

But that’s chump change compared to Beanstalk Farm’s losses last year. Exploiting a loophole in the project’s governance rules, an attacker was able to hand themselves a 67% voting stake and pass a proposal to transfer user assets to their own wallet. Their loot? An estimated $80 million.

Q4. The solution? Projects need a second layer of security

Martin Schmidt: It’s clear that code alone cannot be trusted to uphold a project’s governance, nor can the community, with users too often falling victim to the social engineering techniques that bad actors have mastered. And how many rug pulls need to happen for us to realize that leaving the key decisions in the hands of project creators is a recipe for disaster?

To uphold the security of their projects, what protocol designers need is an incorruptible layer that prevents governance from falling into the wrong hands. Something like a 2FA solution for blockchain — an external security anchor, upheld by transparent and trustworthy individuals, that lays out the law and upholds the rules, preventing crooks and criminals from commandeering projects and sailing off with investors’ hard-earned funds.

Thank you!

Follow Martin Schmidt on Twitter: https://twitter.com/martin__a__s

Follow Martin Schmidt on Medium: https://medium.com/@martin_a_s

To learn more about Q Protocol, visit https://q.org/

Blockchain Security Crypto Crypto Exploits Cryptocurrency Hacks Cybersecurity Martin Schmidt Q Protocol
Share. Twitter Facebook LinkedIn Reddit Pinterest Tumblr Telegram Email WhatsApp
Arun Shakyawar
  • Website
  • X (Twitter)
  • LinkedIn

Arun Shakyawar is a Tech writer based out of Los Angeles. He holds an Engineering degree in Electronics and communications, and an MBA in marketing. He specializes in TMT. Before writing full-time, Arun worked as a management consultant with leading consulting firms. As a consultant he developed interest in blockchain technology, and now actively tracks blockchain and digital asset markets. Arun can be reached at arun@alexablockchain.com.

More AlexaBlockchain

QFSCOIN Launches Affordable Cloud Mining Contracts to Democratize Bitcoin Access

May 30, 2025

India’s Supreme Court Slams Government Inaction on Crypto Regulation

May 19, 2025

Crypto UX Problem Persists Despite Growth, Finds Reown and Nansen’s 2025 Onchain UX Report

April 30, 2025

Taurus Brings Institutional-Grade Crypto Staking for Global Banking Clients

April 29, 2025

Why DeepBook Protocol (DEEP) Price Surged Over 161% Last Week

April 28, 2025

​Cantor, SoftBank, and Tether Unite for $3.6B Bitcoin Venture

April 23, 2025
Add A Comment

Comments are closed.

Don't Miss

QFSCOIN Launches Affordable Cloud Mining Contracts to Democratize Bitcoin Access

Liquidium Launches Cross-Chain Bitcoin Lending Without Wrapped Tokens or Bridges

Katana Launches High-Yield DeFi Blockchain Backed by GSR and Polygon Labs

Sony’s Soneium Brings Viral Telegram Game Sleepagotchi to 200M Users via LINE

Trending Topics
  • Blockchain News
  • Blockchain Technology
  • Blockchain Platforms
  • Blockchain Regulation
  • Bitcoin News
  • Ethereum News
  • Ripple News
  • Tezos News
  • CBDC
  • NFTs
Featured Companies
  • Binance
  • Tech Mahindra
  • Huobi
  • Efforce
  • Future FinTech Group
  • SuburbanColors
  • Launchpool Labs
  • Lucky Crab Club
  • SIMBA Chain
  • Bulldog Law
Stay Updated
  • Events
  • Newsletters
  • Follow
  • Follow on Google News
  • Blockchain Directory
Get In Touch
  • Crypto PR
  • Advertise
  • Partner
  • About
  • Masthead
  • Careers
  • Write for Us
  • Submit Press Release
  • Submit Guest Post
  • Contact US
Copyright © 2025. AlexaBlockchain
  • About
  • Advertise
  • Crypto PR
  • Submit Press Release
  • Write for Us
  • Careers
  • Privacy Policy
  • Affiliate Disclosure
  • Disclaimer
  • Contact

Type above and press Enter to search. Press Esc to cancel.