Preventable Cyber Attack Impacts Io.net

As a researcher who has closely followed the developments in Decentralized Public Infrastructure Networks (DePINs), I cannot help but be disheartened by the recent cyber attack on io.net and the ensuing postponement of their $IO token launch. The vulnerability of traditional DePIN systems to such attacks is a sobering reminder of the need for more robust security measures.


As a crypto investor, I’ve been following the developments at io.net with great interest. Last Thursday, the company suffered a cyber attack, and they assured us that this unfortunate incident wouldn’t delay their plans for launching their $IO token. However, I’ve just learned that they’ve decided to postpone the token launch. According to their CEO Ahmad Shadid’s tweet, it could take around two weeks before they can get back on track.

In the cyber attack on the decentralized computing project io.net, which runs on the Solana platform, over one and a half million deceptive graphics processing units (GPUs) were employed to mimic authentic GPUs’ signals, deceiving the network into accepting them as legitimate. Consequently, incentives intended for genuine servers were spent on counterfeit ones, disseminating false information about the actual quantity of machines in the network. This distressing incident serves as a stark reminder of the weaknesses inherent in traditional Decentralized Public Infrastructure Networks (DePINs). Although io.net’s particular structure amplified its susceptibility to such an attack, this occurrence highlights the broader security concerns that plague DePIN systems overall.

As a security analyst, I’ve come across the issue of protecting against fake servers in networks, which can be a significant threat to data security. One company that anticipated this challenge is Super Protocol, a Web3 cloud computing solution and an active NVIDIA partner. We, at Super Protocol, employ Trusted Execution Environments (TEEs) as part of our strategy. TEEs are secure computational environments built into CPUs or GPUs that separate code execution and data processing from the rest of the device. These environments are not replicable due to their embedded unextractable private keys.

Self-sovereign computing is the future of DePIN. 

How Private Keys work 

As a cryptanalysis expert, I’d explain it this way: Private keys are produced through random or pseudorandom processes using cryptography tools, ensuring a complex and entropic value that thwarts hacking attempts. The Trusted Execution Environment (TEE) is manufactured with the private key integrated inside it via hardware root of trust technology. This key gets programmed into the TEE’s one-time programmable memory (like eFuses in mobile devices). Once embedded, the key remains immutable and cannot be altered, extracted, or duplicated, even after a device reset.

As an analyst, I’d emphasize that the essential aspect lies in keeping the private key confined within the Trusted Execution Environment (TEE). The public key, authenticated by the Certificate Authority (CA) via their private key, gets distributed and exchanged. However, it is crucial to note that the sensitive private key always stays hidden within the TEE. This setup ensures that code execution in the shielded environment remains insulated from external influences.

As a crypto investor, I can tell you that The Ethereum Name Service (TEES) serve as a secure haven in the turbulent and dangerous waters of Web3. With their robust fortifications, they provide protection from potential predators and ensure peace of mind for those navigating this digital landscape.

How Private Keys are manufactured

Factories manufacture processors with inherent dark currents and various unpredictable parameters. In the designated region for Trusted Execution Environment (TEE) programming, a function retrieves these parameters to produce a random number. Following this operation, the connection is secured to prevent extracting the private key, which would be ineffective without dismantling the chip into constituent parts, an action that not only jeopardizes the key but also damages the parameters, rendering it impossible.

What’s next

The future of DePIN lies in self-governing computing. Super Protocol is progressively building Web3 Cloud solutions featuring verified computations controlled by smart contracts and a marketplace for AI services and data suppliers, in addition to multi-party collaborative data processing. A potential spin-off under discussion with multiple DePINs involves the creation of Super Domain technology. This innovation aims to merge computational networks by partitioning them into nodes managed by Super Domains.

Read More

Sorry. No data so far.

2024-05-06 17:30