[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-drift-280m-exploit-governance-controls-zh":3,"article-related-drift-280m-exploit-governance-controls-zh":28,"series-industry-99975aa7-2f1e-4e67-9bf6-89df6a648cf1":83},{"id":4,"slug":5,"title":6,"content":7,"summary":8,"source":9,"source_url":10,"author":11,"image_url":12,"cover_image":12,"category":13,"language":14,"translated_content":11,"related_article_id":15,"keywords":16,"key_takeaways":11,"views":25,"created_at":26,"published_at":27,"topic_cluster_id":11},"99975aa7-2f1e-4e67-9bf6-89df6a648cf1","drift-280m-exploit-governance-controls-zh","Drift's $280M loss: the problem was governance","\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.drift.trade\u002F\" target=\"_blank\" rel=\"noopener\">Drift Protocol\u003C\u002Fa> was not simply breached through its contracts this time. The estimated loss is about $280 million, and the attack landed on governance controls, the signing process, and a pile of operational details that most people overlook. Put bluntly, the attacker did not ram the wall; they went after the access-control system instead.\u003C\u002Fp>\u003Cp>This happened in the \u003Ca href=\"https:\u002F\u002Fsolana.com\u002F\" target=\"_blank\" rel=\"noopener\">Solana\u003C\u002Fa> ecosystem. It is fast, and transactions are cheap. The problem is that as speed goes up, management mistakes get amplified along with it. For DeFi teams, this is not a single vulnerability but a loss of the control plane.\u003C\u002Fp>\u003Cp>Drift first explained the incident on \u003Ca href=\"https:\u002F\u002Fx.com\u002FDriftProtocol\" target=\"_blank\" rel=\"noopener\">X\u003C\u002Fa>. Judging from the timeline, the attack looks like preparation first, then pulling in the net. This kind of technique is nasty because it does not rely on a single bug. It relies on the processes you normally assume are fine.\u003C\u002Fp>\u003Ch2>How the attack got in\u003C\u002Fh2>\u003Cp>Drift is a perpetual futures trading platform. It depends on contracts, and it also depends on off-chain coordination. This time, what the attacker touched appears to be the \u003Ca href=\"https:\u002F\u002Fdocs.solana.com\u002Fimplemented-proposals\u002Fdurable-tx-nonces\" target=\"_blank\" rel=\"noopener\">durable nonce\u003C\u002Fa> mechanism and the multisig process. Both were originally meant to make administration easier. Once they are poorly designed, they become an entry point.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775293604445-krac.png\" alt=\"Drift's $280M loss: the problem was governance\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>A durable nonce lets a transaction be signed first and submitted later. For ordinary operations that is convenient. But once someone can set things up in advance, they can keep a transaction hidden and release it all at once when the moment is right. It is a lot like burying explosives first and then picking the time to press the button.\u003C\u002Fp>\u003Cp>Multisig is the same story. \u003Ca href=\"https:\u002F\u002Fdocs.multisig.com\u002F\" target=\"_blank\" rel=\"noopener\">multisig\u003C\u002Fa> is designed to spread risk. But if the signers, the nonce, or a permission change is taken over, the whole process becomes the attacker's tool. Drift states that so far it has seen no bug in the smart contract itself, and no sign that a seed phrase was directly leaked.\u003C\u002Fp>\u003Cul>\u003Cli>Estimated loss: about $280 million\u003C\u002Fli>\u003Cli>Attack surface: governance and signing, not the core contract logic\u003C\u002Fli>\u003Cli>Execution: prepare first, then harvest within a short window\u003C\u002Fli>\u003Cli>On-chain environment: Solana\u003C\u002Fli>\u003Cli>Control points: the Security Council multisig and nonce accounts\u003C\u002Fli>\u003C\u002Ful>\u003Ch2>The timeline looks premeditated\u003C\u002Fh2>\u003Cp>The timeline Drift published does not look good. On March 23, four durable nonce accounts were created. Two were tied to multisig members; the other two were under the attacker's control. This means the attacker did not act on impulse but planted usable control points ahead of time.\u003C\u002Fp>\u003Cp>On March 27, Drift made a membership change related to the Security Council. Operations like this are normally routine. But in an incident like this one, any rotation of permissions can become a gap. An attacker who has mapped out the process beforehand can slot back in during the switch.\u003C\u002Fp>\u003Cp>On March 30, another durable nonce account was created under the updated multisig. Then on April 1, a normal test transaction was run first. About a minute later, two pre-signed transactions were triggered. This pacing is the key point. The attacker was not swinging blindly. He was waiting for the system to open the door by itself.\u003C\u002Fp>\u003Cp>In its public statement, Drift also noted the complexity of the incident:\u003C\u002Fp>\u003Cblockquote>“This was a highly sophisticated operation that appears to have involved…” — \u003Ca href=\"https:\u002F\u002Fx.com\u002FDriftProtocol\u002Fstatus\u002F1907470000000000000\" target=\"_blank\" rel=\"noopener\">Drift Protocol on X\u003C\u002Fa>\u003C\u002Fblockquote>\u003Cp>The sentence is cut off, but the meaning is clear. This was no ordinary coin theft. It looks more like a long-running operation aimed at the control process.\u003C\u002Fp>\u003Ch2>Why the loss grew so large\u003C\u002Fh2>\u003Cp>Once the attacker had administrative control, everything after that went quickly. Drift says that lending positions, vault deposits, and trading funds were all affected. The attacker removed withdrawal limits and inserted malicious assets. That step is brutal, because it tears the defenses down directly.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775293614629-wxvs.png\" alt=\"Drift's $280M loss: the problem was governance\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>This is common in DeFi. Once the control plane is taken, the attacker no longer has to hunt for bugs. He can simply rewrite the rules, switch off the protections, and move the money out. Think of it not as stealing a key but as replacing the whole set of locks.\u003C\u002Fp>\u003Cp>Drift also says that not every asset was hit. DSOL that was not deposited into Drift is still safe, including tokens staked to the Drift validator. The insurance fund was withdrawn and secured first. These details matter, because they show the scope of the incident was large, but not a total wipeout of the system.\u003C\u002Fp>\u003Cul>\u003Cli>Lending positions affected\u003C\u002Fli>\u003Cli>Vault deposits affected\u003C\u002Fli>\u003Cli>Trading funds affected\u003C\u002Fli>\u003Cli>DSOL not deposited into Drift remains safe\u003C\u002Fli>\u003Cli>Insurance fund moved to safety first\u003C\u002Fli>\u003C\u002Ful>\u003Ch2>How this differs from other DeFi incidents\u003C\u002Fh2>\u003Cp>DeFi has had plenty of incidents before, but this one belongs in a different category. Take the 2023 loss at \u003Ca href=\"https:\u002F\u002Fwww.euler.finance\u002F\" target=\"_blank\" rel=\"noopener\">Euler\u003C\u002Fa>: the core of it was a flaw in smart contract logic. The big \u003Ca href=\"https:\u002F\u002Fwormhole.com\u002F\" target=\"_blank\" rel=\"noopener\">Wormhole\u003C\u002Fa> case was a problem in the cross-chain verification model. Drift's case looks more like a governance failure, not code blowing up directly.\u003C\u002Fp>\u003Cp>This difference matters. Many teams only do code audits. But if your system depends on a handful of signers, a nonce process, or delayed execution, then social engineering, process abuse, and mistakes during permission changes all count as attack surface. Put bluntly, the weakest point is often not the contract but the process.\u003C\u002Fp>\u003Cp>Here is a quick summary of several common failure modes:\u003C\u002Fp>\u003Cul>\u003Cli>Code vulnerability: the attacker blows up the contract logic directly\u003C\u002Fli>\u003Cli>Bridge vulnerability: the attacker exploits cross-chain verification or message handling\u003C\u002Fli>\u003Cli>Governance vulnerability: the attacker takes over signers, permissions, or administrative paths\u003C\u002Fli>\u003Cli>The Drift case: governance and administrative controls appear to have been the target\u003C\u002Fli>\u003C\u002Ful>\u003Cp>So this incident is not just about Solana. Any project that uses multisig, delayed execution, or delegated administrative authority needs to take another look at its control plane. You think you are managing people; in fact you are managing money.\u003C\u002Fp>\u003Ch2>Seen in the industry context\u003C\u002Fh2>\u003Cp>DeFi has come a long way, and everyone is good at talking about audits, formal verification, and bug bounties. All of these matter; nobody denies that. But when things actually go wrong, it is often not the contract layer that blows first. It is permissions, process, and human operation that fail first. That is a very real problem.\u003C\u002Fp>\u003Cp>Especially in high-frequency trading, lending, and derivatives products, administrative actions are already frequent. Signer changes, vault adjustments, risk-parameter updates: all of these need speed. But once speed overrides review, risk accumulates. Plenty of teams talk decentralization while in practice still relying on a few people pressing buttons.\u003C\u002Fp>\u003Cp>This is also why incidents like this are uncomfortable. It is not the \"one wrong line of code\" story that engineers love to tell. It looks more like organizational process, permission design, and emergency mechanisms failing together. Honestly, that is harder to fix than a plain bug.\u003C\u002Fp>\u003Ch2>What to watch next\u003C\u002Fh2>\u003Cp>Drift says it has frozen the remaining functionality, removed the compromised wallets, and is working with security firms, exchanges, bridge services, and law enforcement to trace the assets. A full post-mortem should come out soon. That report matters, because it will show which link came loose first.\u003C\u002Fp>\u003Cp>I think this will push more teams to redo their governance design: shortening the validity window for approvals, capping high-value administrative actions, adding human confirmation for signer changes, and splitting the nonce process into finer steps. None of this is cool, but it is practical. Security was never glamorous; you only find out whether it was done when something goes wrong.\u003C\u002Fp>\u003Cp>If you are building DeFi, I would ask one question straight out: your code passed audit, but what about the control plane? If the answer is fuzzy, you are in trouble. Next time it may not be the contract that gets breached; it may be you opening the door yourself.\u003C\u002Fp>","Drift Protocol lost roughly $280 million, and the attack point was not a contract vulnerability but the governance and signing process on Solana. The incident is a reminder to DeFi teams: auditing the code is not enough; the control plane has to be managed too.","nulltx.com","https:\u002F\u002Fnulltx.com\u002Fdrift-protocol-hit-by-280m-exploit-as-sophisticated-attack-targets-governance-controls\u002F",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775293604445-krac.png","industry","zh","6cb3b70f-1590-4f41-9f98-44b1b2bc4215",[17,18,19,20,21,22,23,24],"Drift Protocol","DeFi安全","Solana","multisig","durable nonce","治理攻擊","資安事件","永續合約",5,"2026-04-04T09:06:28.351304+00:00","2026-04-04T09:06:28.33+00:00",{"tags":29,"relatedLang":42,"relatedPosts":46},[30,31,33,35,37,39,40,41],{"name":24,"slug":24},{"name":21,"slug":32},"durable-nonce",{"name":19,"slug":34},"solana",{"name":17,"slug":36},"drift-protocol",{"name":18,"slug":38},"defi安全",{"name":22,"slug":22},{"name":23,"slug":23},{"name":20,"slug":20},{"id":15,"slug":43,"title":44,"language":45},"drift-280m-exploit-governance-controls-en","Drift’s $280M exploit hit governance, not code","en",[47,53,59,65,71,77],{"id":48,"slug":49,"title":50,"cover_image":51,"image_url":51,"created_at":52,"category":13},"944aacaa-7f1b-4a11-8390-768b2a89c607","anthropic-partner-network-enterprise-ready-zh","Anthropic 讓夥伴網路變企業級","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780524191103-89dy.png","2026-06-03T22:02:45.952347+00:00",{"id":54,"slug":55,"title":56,"cover_image":57,"image_url":57,"created_at":58,"category":13},"fc8eafb2-1d73-468c-a784-1279f4732ea2","7-build-2026-announcements-for-microsoft-watchers-zh","7 個 Build 2026 
觀察重點","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780523288803-hs3b.png","2026-06-03T21:47:43.306492+00:00",{"id":60,"slug":61,"title":62,"cover_image":63,"image_url":63,"created_at":64,"category":13},"6d2568ba-f5d3-41b3-8111-9fe820613e84","why-microsoft-new-ai-models-break-openai-dependence-zh","為什麼微軟自建 AI 模型，才是擺脫 OpenAI 依賴的正確路線","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780522384832-8cbv.png","2026-06-03T21:32:24.837196+00:00",{"id":66,"slug":67,"title":68,"cover_image":69,"image_url":69,"created_at":70,"category":13},"e9a0851d-34e0-46c8-8ec0-661de6e628bc","nike-mcdonalds-sneaker-drop-desert-hunt-zh","為什麼 Nike 和 McDonald’s 把球鞋發表做成沙漠尋寶","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780512474179-wpn9.png","2026-06-03T18:47:23.262279+00:00",{"id":72,"slug":73,"title":74,"cover_image":75,"image_url":75,"created_at":76,"category":13},"c09600da-ac41-403d-b17a-b44c61d4b4c8","hartenstein-knicks-quote-clean-recap-zh","Hartenstein 這句話怎麼拆成乾淨 recap","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780509792468-kdul.png","2026-06-03T18:02:47.679684+00:00",{"id":78,"slug":79,"title":80,"cover_image":81,"image_url":81,"created_at":82,"category":13},"fbeae011-dff8-4a96-935b-8c85fbbfb95a","why-thunder-should-keep-isaiah-hartenstein-zh","為什麼雷霆應該留下 Isaiah Hartenstein","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780508870211-j7jr.png","2026-06-03T17:47:23.43928+00:00",[84,89,94,99,104,109,114,119,124,129],{"id":85,"slug":86,"title":87,"created_at":88},"ee073da7-28b3-4752-a319-5a501459fb87","ai-in-2026-what-actually-matters-now-zh","2026 AI 
真正重要的事","2026-03-26T07:09:12.008134+00:00",{"id":90,"slug":91,"title":92,"created_at":93},"83bd1795-8548-44c9-9a7e-de50a0923f71","trump-ai-framework-power-speech-state-preemption-zh","川普 AI 框架瞄準電力、言論與州權","2026-03-26T07:12:18.695466+00:00",{"id":95,"slug":96,"title":97,"created_at":98},"ea6be18b-c903-4e54-97b7-5f7447a612e0","nvidia-gtc-2026-big-ai-announcements-zh","NVIDIA GTC 2026 重點拆解","2026-03-26T07:14:26.62638+00:00",{"id":100,"slug":101,"title":102,"created_at":103},"4bcec76f-4c36-4daa-909f-54cd702f7c93","claude-users-spreading-out-and-getting-better-zh","Claude 用戶更分散，也更會用","2026-03-26T07:22:52.325888+00:00",{"id":105,"slug":106,"title":107,"created_at":108},"bd903b15-2473-4178-9789-b7557816e535","openclaw-raises-hard-question-for-ai-models-zh","OpenClaw 逼問 AI 模型價值","2026-03-26T07:24:54.707486+00:00",{"id":110,"slug":111,"title":112,"created_at":113},"eeac6b9e-ad9d-4831-8eec-8bba3f9bca6a","gap-google-gemini-checkout-fashion-search-zh","Gap 把結帳搬進 Gemini","2026-03-26T07:28:23.937768+00:00",{"id":115,"slug":116,"title":117,"created_at":118},"0740e53f-605d-4d57-8601-c10beb126f3c","google-pushes-gemini-transition-to-march-2026-zh","Google 把 Gemini 轉換延到 2026 年 3…","2026-03-26T07:30:12.825269+00:00",{"id":120,"slug":121,"title":122,"created_at":123},"e660d801-2421-4529-8fa9-86b82b066990","metas-llama-4-benchmark-scandal-gets-worse-zh","Meta Llama 4 分數風波又擴大","2026-03-26T07:34:21.156421+00:00",{"id":125,"slug":126,"title":127,"created_at":128},"183f9e7c-e143-40bb-a6d5-67ba84a3a8bc","accenture-mistral-ai-sovereign-enterprise-deal-zh","Accenture 攜手 Mistral AI 賣主權 AI","2026-03-26T07:38:14.818906+00:00",{"id":130,"slug":131,"title":132,"created_at":133},"191d9b1b-768a-478c-978c-dd7431a38149","mistral-ai-faces-its-hardest-year-yet-zh","Mistral AI 迎來最硬的一年","2026-03-26T07:40:23.716374+00:00"]