Josh Dmuchowski (jchow)

New to Warpcast | Hacken.io | Focused on US Security Policy for Web3 and Institutional Adoption | Emerging Tech | Capital Markets

5 Followers

Recent casts

$2B lost in Q1 with multi-sig and access controls continuing to dominate the narrative, for now.

Multi-sig best practices from Hacken.io:

* Human Readable Signatures - adopt EIP-712 typed data signatures
* Hardware Wallets - use wallets that can display and verify EIP-712 messages
* Minimize Contract Logic - use purpose-built multi-sig contracts with minimal code supporting only essential operations (e.g., native and ERC-20 transfers) and avoid unnecessary features like generic delegate calls.
* Off-chain Security Perimeter - web interfaces, SDKs, and other tools used to interact with multi-sigs should be part of the security perimeter. Implement safeguards such as JavaScript pinning and integrity checks.
* Establish Policy and Monitoring - on-chain logic with off-chain internal controls, anomaly detection, monitor signer activity, along with reoccurring signer education and review.

Q1 Security Report - https://hacken.io/insights/q1-2025-security-report/

  • 0 replies
  • 0 recasts
  • 0 reactions
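
One way to implement the "JavaScript pinning and integrity checks" item from the cast above, shown as an added example (not part of the cast and not Hacken's code): a Node.js check that compares a release's script bytes to pinned Subresource Integrity digests before the multi-sig web interface is served. The file names, manifest shape and function names are assumptions, and the sample bundle is constructed.

```javascript
// Added example: verify script bytes against pinned SRI digests (names are hypothetical).
const crypto = require('node:crypto');

// Relative strength of the hash algorithms accepted in an integrity value.
const STRENGTH = new Map([['sha256', 1], ['sha384', 2], ['sha512', 3]]);

// Build an SRI token ("sha384-<base64>") for the given bytes.
function sriDigest(bytes, alg = 'sha384') {
  return `${alg}-${crypto.createHash(alg).update(bytes).digest('base64')}`;
}

// Parse a space-separated integrity value and keep only the strongest algorithm,
// so a weaker digest listed alongside cannot be used to downgrade the check.
function strongestPins(integrity) {
  const pins = integrity.trim().split(/\s+/)
    .map((tok) => {
      const i = tok.indexOf('-');
      return { alg: tok.slice(0, i), b64: tok.slice(i + 1).split('?')[0] };
    })
    .filter((p) => STRENGTH.has(p.alg));
  const best = Math.max(0, ...pins.map((p) => STRENGTH.get(p.alg)));
  return pins.filter((p) => STRENGTH.get(p.alg) === best);
}

// True only if the bytes match one of the strongest pinned digests.
// An empty or unparseable integrity value fails closed.
function verifyAsset(bytes, integrity) {
  return strongestPins(integrity).some((p) => {
    const actual = crypto.createHash(p.alg).update(bytes).digest();
    const expected = Buffer.from(p.b64, 'base64');
    return expected.length === actual.length && crypto.timingSafeEqual(expected, actual);
  });
}

// Check each pinned file of a release; return the names that are missing or altered.
function auditRelease(manifest, files) {
  return Object.keys(manifest).filter(
    (name) => !(Buffer.isBuffer(files[name]) && verifyAsset(files[name], manifest[name])));
}

// Constructed sample data: a signing-UI bundle, a modified copy, and the pin manifest.
const bundle = Buffer.from('function buildTx(to, value) { return { to, value }; }');
const tampered = Buffer.from('function buildTx(to, value) { return { to, value }; } /* modified */');
const vendor = Buffer.from('/* vendor */');
const manifest = { 'app.js': sriDigest(bundle), 'vendor.js': sriDigest(vendor) };

console.log(auditRelease(manifest, { 'app.js': bundle, 'vendor.js': vendor }));
console.log(auditRelease(manifest, { 'app.js': tampered }));
```

Run as a deploy gate or a scheduled monitor, a non-empty result from `auditRelease` is the signal to block the release or alert.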

https://x.com/bradmillscan/status/1890761055258726548?s=46&t=UR5t5yvHialGDKevCvUfdA

  • 0 replies
  • 0 recasts
  • 1 reaction

Top casts

$2.9 Billion in Web3 Hacks in 2024 - Hacken Security

2024 was a pivotal year for Web3 security, with losses exceeding $2.9 billion across DeFi, CeFi, gaming, and metaverse platforms. Access control vulnerabilities surged, accounting for 75% of all crypto hacks, while phishing scams led to $600M in damages. Yet, there’s hope—DeFi losses dropped by 40%, and bridge exploits hit an all-time low.

Download the full report here - https://hacken.io/insights/2024-security-report/

To learn more about Hacken products, services, and partnership opportunities, grab some time on my calendar or TG at @chow2015 - https://calendly.com/j-dmuchowski-hacken/30min

  • 0 replies
  • 0 recasts
  • 1 reaction

Mix of both. 1) Major custodial platforms should be highly regulated and surveilled to ensure assets are safe, insured, and account holders have legal recourse if operators do bad things (i.e., large % of your portfolio, normie adoption, etc). Native Security Model for public chains, degeners, and frontier innovation and investing.

  • 0 replies
  • 0 recasts
  • 1 reaction
