Merlin, a decentralized exchange (DEX) on Ethereum (ETH) layer-2 protocol zkSync, confirmed it was exploited despite being audited by smart-contract auditor CertiK.
CertiK said its initial investigations into the hack showed that it was a potential private key management issue rather than an exploit as the root cause. The blockchain security firm noted that it highlighted the “centralization risk” under “Decentralization Efforts” in its audit of the firm. CertiK added that “audits cannot prevent private key issues.”
Despite CertiK’s explanations, some crypto community members have questioned the validity of the audits performed by the firm. CertiK is one of the biggest names in the blockchain security business.
Some KOK claims the percentage of projects audited by CertiK but later exploited is much higher than other audit firms. However, there are no statistics on the number of exploits on projects audited by different firms up to now.
TokenInsight is dedicated to covering the most important and cutting-edge trends in the world of crypto. If you have information to share with us, please feel free to contact our email news@tokeninsight.com. Your trust will be well respected.
Security Incidents
