MPC, HSM, and multisig - after the Bybit postmortem
Institutional custody from first principles: the $1.5B Bybit attack chain, MPC-CMP vs HSM vs multisig tradeoffs, hot/warm/cold tiering, AWS Nitro Enclaves for signing, and DPRK threat modelling.
Bybit lost $1.5B not because their keys were weak - but because the interface operators used to review transactions was compromised. Custody architecture is not about key strength; it is about removing trust from every layer of the stack. These ten posts are the curriculum I wish existed before that incident.
The Bybit hack was a Safe{Wallet} supply chain compromise, not a crypto key leak. UI-layer spoofing defeated hardware wallets. The architectural controls that would have stopped it.
A practitioner's decision matrix for custody key management: multisig, HSM, and MPC-CMP compared across security, operational overhead, and cost - with worked examples from ICO platform custody.
Framework and worked examples for hot-warm-cold wallet tiering at $1B+ scale: tier ratios, sweep schedules, signing latency tradeoffs, insurance requirements, and threshold math.
End-to-end guide to AWS Nitro Enclave wallet signing: vsock proxy, KMS PCR attestation flow, cold vs warm latency breakdown, and production failure modes to avoid.
GG18, GG20, FROST, and MuSig2 compared for engineers building MPC custody systems: protocol mechanics, round counts, the 2022 GG18 vulnerability, and when to use each.
After the Bybit hack I rewrote ZeroCopy's threat model. This documents DPRK's TraderTraitor TTPs and the specific controls that stop them - and the ones that don't.
BIP-32/39/44 HD wallet derivation explained for engineers: hardened vs normal derivation, entropy mistakes, multi-chain paths, and common implementation bugs from production custody work.
ERC-4337 account abstraction for institutional custody: UserOperation flow, session keys, social recovery, gas abstraction, and how ZeroCopy uses it for on-chain settlement.
Timing side channels, cache attacks, and Spectre in crypto signing services: why conditional branches on secret data are never safe, and how to implement constant-time operations correctly.
The complete key ceremony procedure for $500M+ scale custody operations: pre-ceremony checklist, air-gap procedures, quorum approval architecture, and catastrophic failure modes.