I. Introduction: A Security Crisis Shocking the On-chain Trading Circle
In November 2024, a major security incident on the on-chain trading platform DEXX shook the entire industry. A hacker attack led to large-scale theft of user assets, with losses quickly escalating to tens of millions of dollars. This incident exposed DEXX's fatal flaws in security architecture, transforming it from a platform that touted 'non-custodial' features and was praised by users for its convenient and efficient trading experience into a negative example discussed in the industry.
With the vigorous development of the DeFi ecosystem, on-chain trading tools have experienced explosive growth. These tools attract many users with their selling points of 'decentralization' and 'non-custodial'. However, the DEXX incident proves that behind convenience often lies enormous security risks.
Why should every on-chain trader pay attention to the DEXX incident?
Reveal systemic security risks: The incident exposed the common vulnerabilities in the design and operation of on-chain trading tools.
Reflecting on the truth of 'non-custodial': Unveiling how some platforms abuse the concept of 'non-custodial' to cover up security issues.
Enhancing user risk awareness: Providing valuable warnings for users and developers, emphasizing the importance of security education and prevention.
The DEXX incident is not only a security crisis but also a profound questioning of the current state of the industry: How to balance innovation and security within a decentralized framework?
II. In-depth Analysis of the DEXX Incident
Platform Positioning and Business Model
DEXX is a decentralized trading platform focused on on-chain meme coin trading, supporting multi-chain asset trading such as SOL, ETH, BSC, and providing automated trading tools and liquidity management services. Through smart contracts, it achieves a convenient trading experience, and DEXX was once regarded as a benchmark for on-chain trading tools. However, this incident exposed a fatal flaw in the platform's technical architecture.
Misunderstandings of the 'non-custodial' concept
Although DEXX claims to adopt a 'non-custodial' model that allows users to control their private keys, there are many risks in actual operations:
Plaintext Storage of Private Keys: Users export private keys without encryption, making them easy to intercept by hackers during transmission.
Centralized Permissions: The platform's permission management system is overly broad, granting actual control of user assets to the platform.
Smart Contract Risks: Un audited smart contracts may have backdoors, allowing unauthorized operations.
Security Vulnerability Analysis
From a technical perspective, DEXX has the following major security risks:
Improper Private Key Storage: The platform secretly records users' private keys, allowing hackers to fully control assets once they invade.
Weak Permission Management: Authorization logic fails to be tiered or restricted, leading to potential abuse of user assets by the platform.
Insufficient Code Auditing: Audit reports show that the platform has multiple high-risk vulnerabilities, with the 'centralization' issue being particularly serious.
Statistics of Affected Assets
According to on-chain data analysis, the asset losses caused by this incident include:
Mainstream Tokens: Such as ETH, SOL, etc.
Stablecoins: Such as USDT, USDC.
Meme Coins: Such as BAN, LUCE, etc., which see significant price drops due to sell-off pressure.
The DEXX incident not only caused economic losses to users but also dealt a devastating blow to the trustworthiness of the entire on-chain trading tools industry.
III. The Wake-Up Call: Common Problems in On-chain Trading Tools
1. The Truth of 'Non-Custodial'
'Non-custodial' tools are considered the security benchmark for decentralized trading, but many platforms do not truly achieve asset autonomy in practice:
Permission Abuse: Requiring users to grant excessive permissions, leading to over-centralization of assets.
Implicit Custody: Private keys may be stored and managed by the platform, making security dependent on the platform's technical capabilities.
Contract Backdoors: Some smart contracts embed admin privileges, allowing the platform to bypass user authorizations.
II. The Security Dilemma of Trading Bots
Automated trading tools provide convenient trading while introducing the following risks:
High Permission Requirements: Trading bots need to access users' private keys or API keys, greatly increasing risks.
Logical Vulnerabilities: Complex trading logic may be exploited by attackers, leading to abnormal trading or market manipulation.
Centralized Control: Many bots store user assets under platform control to enhance trading speed, making them easy targets for attacks.
3. Technical Challenges of Private Key Management
Private key management, as the core of on-chain security, faces the following challenges:
The Conflict Between Convenience and Security: Offline storage is highly secure but complex to operate; online storage is convenient but poses high risks.
Weak Backup Mechanism: Users often face risks due to improper backups (such as saving in plaintext).
Improper Authorization Allocation: Authorization logic lacks detailed management, and once permissions are leaked, the consequences are severe.
IV. Common Issues of Similar Platforms
Analysis shows that on-chain trading tools generally have the following problems:
Insufficient Auditing: Many platforms have not conducted comprehensive third-party security audits.
Weak Risk Control: No comprehensive trading monitoring and emergency response mechanism established.
Lack of User Education: Users lack a basic understanding of authorization logic and security operations, and the platform has failed to provide effective guidance.
The DEXX incident highlights the shortcomings of on-chain trading tools in terms of security. To promote healthy industry development, platforms, users, and regulatory bodies must work together to strengthen technical and operational norms.
IV. User Emergency Self-Rescue Guide (Practical Edition)
The DEXX incident exposed security shortcomings in on-chain trading and served as a wake-up call for users. In the event of a similar crisis, users need to act quickly to reduce losses while establishing long-term security prevention mechanisms. Here are detailed operational guidelines and security advice.
Immediate Action
Check Asset Damage Status
Use blockchain explorers (such as Etherscan, Solscan) to view transaction records of wallets and confirm whether there are abnormal transfers.
Verify asset balances to assess whether any assets have been stolen.
Check the authorization status of smart contracts to identify potentially risky authorization records.
Prioritize protecting high-value assets and develop transfer plans.
Emergency Asset Transfer Steps
Prepare a brand new and secure wallet address, ensuring its private key has not been leaked.
Transfer in order of asset importance (e.g., stablecoins, mainstream tokens).
Operate in a secure network environment, avoiding public Wi-Fi and infected devices.
Set appropriate gas fees to ensure transfer transactions are completed quickly.
Revocation of Authorization Operations
Use tools (such as Revoke.cash) to check and revoke suspicious authorizations to prevent hackers from taking advantage.
Prioritize revoking authorizations for high-risk contracts and keep operation records for future investigation.
Increase gas fees to speed up the revocation of authorizations and prevent attackers from acting first.
Evidence Preservation
Take screenshots to save relevant transaction records, including timestamps, transaction hashes, contract addresses, and other details.
Export the complete transaction history of the wallet as case materials.
Preserve all communication records with the platform (emails, announcements, social media screenshots).
Collect media reports and official statements for future rights protection and compensation requests.
Reporting and Rights Protection Guide
Report to local cyber police or cybersecurity departments, providing complete transaction records and event descriptions.
Contact professional blockchain security companies to assist in tracking stolen assets.
Preserve the police report receipt and seek help from a professional legal team to plan cross-border or complex rights protection strategies.
Join victim rights protection groups to share information and action plans with other victims.
Continuous Prevention
Best Practices for Secure Private Key Storage
Use hardware wallets (such as Ledger, Trezor) to store high-value assets, ensuring physical security.
Regularly back up mnemonic phrases or private keys, using multi-layer encryption protection and distributed storage.
Avoid storing private keys in cloud services or online devices to reduce the risk of theft.
Asset Diversification Management Strategy
Distinguish between hot wallets (for trading purposes) and cold wallets (for long-term storage).
Allocate assets by purpose, such as independently setting up investment and daily trading wallets.
Regularly check asset distribution to ensure risk is properly diversified.
Security Trading Tool Screening Standards
Investigate the team background, technical strength, and security of the tools or platforms.
Confirm whether the platform has undergone security audits by authoritative institutions and read detailed audit reports.
Pay attention to community feedback to understand user evaluations of the tools and how historical security incidents were handled.
Daily Operation Safety Checklist
Operate in a trusted network environment, avoiding public Wi-Fi.
Regularly update the security software of devices and enable anti-virus and firewall protection.
Treat authorization requests with caution, especially unknown or un audited smart contracts.
Use account monitoring tools, set transaction alerts, and promptly detect abnormal behaviors.
Users are the first line of defense for on-chain assets. Through rapid emergency operations and long-term security practices, users can effectively reduce the security risks of on-chain assets. Although technology and platform protections are continuously upgraded, enhancing security awareness and meticulous operational habits are still the best weapons to avoid becoming the next victim.
V. Advanced Protection: Building a Security Moat for Personal Assets
The security issues of on-chain assets are long-term and complex, especially in the context of frequent security incidents involving trading tools and platforms. To enhance security capabilities, users need to establish a comprehensive 'security moat' from basic hardware to technical configurations. Here is an advanced protection guide tailored for users.
1. Hardware Wallet Usage Guide
Hardware wallets, due to their offline storage nature, have become the best choice for protecting digital assets, but correct usage is the premise for ensuring security.
Purchase genuine hardware wallets
Buy mainstream brands (such as Ledger, Trezor, Onekey) through official channels to avoid counterfeit products.
Avoid using second-hand devices to prevent tampering.
Secure Startup and Initialization
Complete hardware wallet initialization in an offline environment, generate mnemonic phrases, and ensure they are not recorded or leaked by others.
Mnemonic Phrase and Private Key Backup
Record mnemonic phrases on fireproof and waterproof media (such as metal plates or paper) and store them in multiple secure locations, avoiding digital storage.
Daily Use Precautions
Only connect devices in trusted network environments, avoiding public Wi-Fi or insecure devices.
Regularly update device firmware to fix known vulnerabilities.
II. Multisignature Wallet Configuration
Multisignature Wallet (Multi-Sig) is an advanced security tool suitable for high-net-worth asset management, enhancing operational security through multi-party authorization.
Set Multisignature Threshold Value
Determine the authorization threshold for multisignature (e.g., 3/5 or 2/3) to ensure a balance between security and convenience.
Configure Signer Permissions
Clearly define the permissions and responsibilities of each signer to avoid centralized permissions or single points of failure.
Establish Signing Rules
Set differentiated authorization thresholds for different types of transactions (such as asset transfers, smart contract interactions).
Emergency Recovery Plan
Configure backup signers or emergency recovery permissions to ensure that assets are not permanently locked when the main signer is unable to operate.
III. Security Assessment Framework for Trading Tools
When choosing on-chain trading tools or platforms, users should systematically assess their security and credibility.
Code Open Source Degree
Prioritize open-source tools that allow the community to review the code and promptly identify and fix vulnerabilities.
Smart Contract Audit Status
Check whether the tools have undergone security audits by authoritative institutions (such as SlowMist) and read relevant audit reports carefully.
Team Background Investigation
Understand the technical background and past project history of the development team to assess their credibility and professionalism.
Community Activity and User Feedback
Analyze community feedback on the tools and the level of activity, especially focusing on how historical security incidents were handled.
Risk Control Mechanisms
Investigate whether the platform offers risk control measures such as multisignature, transaction anomaly alerts, and whether it has asset insurance mechanisms.
IV. Recommendations for On-chain Security Monitoring Tools
Professional on-chain monitoring tools can help users keep track of asset dynamics in real-time and promptly detect potential threats.
Asset Monitoring Tools
Recommended Tools: DeBank, Zapper
Function: Multi-chain asset balance and transaction record tracking, helping users fully understand their asset status.
Contract Monitoring Tools
Recommended Tools: Tenderly, Defender, Goplus
Function: Real-time detection of the operational status of smart contracts, identifying potential vulnerabilities or abnormal behaviors.
Transaction Monitoring Tools
Recommended Tools: Nansen, Dune Analytics
Function: Analyze on-chain transaction data, track fund flows, and promptly detect abnormal operations.
Risk Warning Tools
Recommended Tools: Forta Network
Function: Provide real-time on-chain risk warnings and attack detection, helping users take protective measures at the first moment.
Users bear ultimate responsibility for the security of their assets. Through hardware wallets, multisignature wallets, and professional security tools, combined with reasonable security assessments and daily protective measures, users can significantly enhance their individual asset risk resistance. In this challenging on-chain world, 'preparation' is the only effective strategy for protecting assets.
VI. Reflection and Outlook
The impact of the DEXX incident is not limited to affected users, but has also sounded the alarm for the entire blockchain industry. It reveals the potential risks in the technical architecture and operational models of on-chain trading tools, while providing profound reflections and directions for improvement for project parties, users, and industry development.
1. Responsibility Boundaries of the Project Party
Project parties play dual roles as technical developers and operators in the on-chain ecosystem, with responsibilities covering security, transparency, and risk management.
Basic Security Responsibilities
Code Security Auditing: Regularly undergo authoritative third-party security audits to ensure the safety of smart contracts and systems.
Vulnerability Reward Program: Attract community and security experts to actively discover vulnerabilities and provide solutions.
Risk Reserve System: Establish a special fund to compensate user losses in security incidents.
Emergency Response Mechanism: Form a professional team to quickly respond to and handle security incidents, reducing the impact.
Information Disclosure Responsibility
Risk Warning Obligation: Clearly inform potential risks and security advice before users authorize or use the platform.
Timeliness of Incident Reporting: After a security incident occurs, promptly disclose the situation to users and provide solutions.
Loss Compensation Plan: Establish clear compensation rules to prevent trust collapse in the later stages of an incident.
Technical Architecture Transparency: Publicly disclose the platform's technical architecture and permission management mechanism, accepting user supervision.
II. KOL Promotion Responsibility Boundaries and Credibility Identification
As an industry opinion leader (KOL), its promotional behavior has a profound impact on user decision-making and trust. Clearly defining its responsibility boundaries and assessing credibility is particularly important.
KOL Responsibility Definition
Due Diligence Obligation: Thoroughly understand the technical background and security of any project before promoting it.
Information Verification Responsibility: Verify whether the promises of the project party align with the actual situation to avoid misleading users.
Disclosure of Conflicts of Interest: Publicly disclose cooperative relationships and commission models with the project party to ensure transparency.
Risk Warning Requirements: Include risk warnings in promotions to guide users to make independent judgments.
Credibility Assessment Indicators
Professional Background: Does the KOL have expertise and industry experience in the blockchain field?
Historical Promotion Record: Are their past promoted projects safe and reliable, and how are user evaluations?
Interest Relevance: Is there an excessive reliance on promotional income that affects objectivity?
Sufficiency of Risk Warning: Are potential risks of the project fully explained with suggestions provided?
III. Awakening User Security Awareness
Users are the final line of defense in the on-chain ecosystem. Enhancing user security awareness is key to preventing asset losses.
Basic Security Awareness
Private Key Security Management: Properly store private keys and mnemonic phrases, avoiding online storage or transmission through insecure channels.
Cautious Authorization Principle: Carefully evaluate smart contract authorization requests and avoid excessive authorization as much as possible.
Asset Diversification Storage: Distribute assets across multiple wallets to reduce the risk of single-point failure.
Risk Control Awareness: Regularly check authorization status, revoke unnecessary permissions, and maintain account security.
Advanced Security Practices
Multisignature Use: Increase the operational threshold for high-value assets through multisignature.
Security Tool Configuration: Use hardware wallets and on-chain monitoring tools to build a comprehensive protection system.
Regular Security Checks: Check wallet status, authorization records, and asset distribution to identify potential risks.
Emergency Plan Preparation: Develop clear emergency plans to act quickly when assets are stolen.
IV. Development Direction of On-chain Trading Tools
Future on-chain trading tools need to achieve comprehensive optimization in technology and operations to regain user trust and drive industry development.
Technical Architecture Optimization
Fine-grained Permission Management: Limit the scope of permission grants to avoid excessive authorization.
Multifactor Authentication Mechanisms: Introduce two-factor authentication or dynamic authorization to enhance operational security.
Intelligent Risk Control Systems: Combine real-time monitoring and automated alerts to promptly detect and handle abnormal behaviors.
Increase Decentralization: Reduce reliance on centralized components to truly achieve asset autonomy.
Improved Security Mechanisms
Introduce Insurance Mechanisms: Provide security guarantees for user assets through insurance products.
Upgrade Risk Control Systems: Utilize AI and big data to build dynamic risk prevention and control mechanisms.
Regular Auditing: Incorporate third-party security audits into the daily operational processes of the project to ensure continuous improvement.
Full-Scene Monitoring: Cover security scenarios both on-chain and off-chain to comprehensively reduce asset risks.
V. The Balance Between Security and Convenience
On-chain trading tools must find a balance between security and user experience to better meet user needs.
Technical Aspects
Simplify Security Operation Processes: Reduce user operation difficulty by optimizing interface design and guidance.
Optimize User Experience: Enhance operational fluency and efficiency without sacrificing security.
Automated Security Checks: Integrate intelligent tools to automatically remind users of potential security risks.
Personalized Risk Control Settings: Allow users to customize risk control rules based on needs.
User Level
Differentiated Security Solutions: Provide tiered security solutions for different users.
Flexible Authorization Mechanism: Support users to quickly adjust authorization scope in different scenarios to meet diverse needs.
Convenient Emergency Handling: Provide one-click authorization revocation and emergency lock features to ensure rapid response to security incidents.
Conclusion
The DEXX incident is not only a security accident but also a profound reflection on the entire industry. It reminds us that technological innovation cannot come at the expense of security. Only by placing the protection of user assets at the core can the industry truly achieve long-term healthy development.
For users, this is a mandatory course to raise security awareness; for project parties, this is an urgent task to improve security mechanisms; for all parties in the industry, this is an opportunity to promote standardization and healthy competition. Only by finding the best balance between innovation and security can on-chain trading tools fulfill their promise of decentralization and create real value for users.
The DEXX incident will become a thing of the past, but the warnings it brings will guide the future. Let us learn from it and jointly promote a safer, more mature, and trustworthy blockchain ecosystem.
About Us
Hotcoin Research, as the core investment research department of Hotcoin, is dedicated to providing detailed and professional analysis for the cryptocurrency market. Our goal is to provide clear market insights and practical operation guides for investors at different levels. Our professional content includes the 'Play to Earn Web3' tutorial series, in-depth analysis of cryptocurrency industry trends, detailed analysis of potential projects, and real-time market observations. Whether you are a novice exploring the crypto field for the first time or a seasoned investor seeking in-depth insights, Hotcoin will be your reliable partner in understanding and seizing market opportunities.
Risk Warning
The cryptocurrency market is highly volatile, and investment itself carries risks. We strongly recommend that investors invest based on a full understanding of these risks and within a strict risk management framework to ensure the safety of funds.
Website: https://www.hotcoin.com/
X: x.com/Hotcoin_Academy
Mail: labs@hotcoin.com
Medium: medium.com/@hotcoinglobalofficial
