Blast Mainnet is about to launch: In-depth analysis of the opportunities and risks behind the TVL breaking 2 billion.

robot
Abstract generation in progress

The Blast Mainnet is about to go live, analyzing its security risks and potential opportunities.

Recently, Blast has once again become the market focus. With the conclusion of its "Big Bang" developer competition, its total locked value (TVL) continues to rise, breaking through the 2 billion dollar mark and occupying an important position in the Layer2 track.

Meanwhile, Blast announced that it will launch its Mainnet on February 29, attracting widespread attention. Although the "airdrop expectations" have drawn a large number of participants, the expansion of the ecosystem has also brought various projects and corresponding security risks. This article will delve into the strong start of Blast and explore the security risks and potential opportunities behind its soaring TVL.

Blast Development History

Blast was launched by Pacman on November 21, 2023, quickly attracting widespread attention in the crypto community. Within 48 hours of going live, the network TVL reached $570 million, attracting over 50,000 users.

Last year, Blast secured $20 million in funding from major investors like Paradigm and Standard Crypto. Subsequently, the Japanese cryptocurrency investment company CGV added an investment of $5 million.

As of February 25, data shows that the Blast contract address currently holds a total asset value of over $2 billion, including $1.8 billion in ETH deposited in the Lido protocol and over $160 million in DAI deposited in the MakerDAO protocol, highlighting its market popularity.

Blast Mainnet launch is imminent, analyzing the security risks and potential opportunities from a technical perspective

Reasons for the Blast

The uniqueness of Blast lies in its provision of native yield rates for ETH and stablecoins, a feature not found in other Layer 2 solutions. When users transfer ETH into Blast, it will deposit it into Lido for yield generation and introduce a new yield-generating stablecoin USDB (which gains returns by purchasing U.S. Treasury bonds through MakerDAO) into the network.

In addition, as a Layer 2 launched by the Blur team, Blast has built-in traffic advantages. Blur previously distributed over $200 million in airdrops to platform users, accumulating a broad community foundation. Blast is currently conducting airdrop incentives, attracting users to participate in staking through a traffic fission marketing strategy.

Blast Mainnet launch is imminent, a technical analysis of its security risks and potential opportunities

Blast Security Risks

Since its launch, Blast has faced criticism and skepticism. On November 23, 2023, Jarrod Watts, a developer relations engineer at Polygon Labs, pointed out that Blast's centralization could pose serious security risks to users. He also questioned Blast's claim to be a Layer 2 network, arguing that it does not meet L2 standards and lacks features such as transactions, bridging, Rollup, or sending transaction data to Ethereum.

Through the analysis of the Blast Deposit contract code, we have identified the following main risk points:

1. Centralization Risk

The key enableTransition function of the Blast Deposit contract can only be called by the contract admin address. This function takes the mainnetBridge contract address as a parameter, and the mainnetBridge contract can access all staked ETH and DAI.

In addition, the Blast Deposit contract can be upgraded at any time through the upgradeTo function. Although this is primarily used to fix contract vulnerabilities, there are also potential risks. In contrast, Polygon zkEVM has a more robust approach to contract upgrades, where modifications to the contract in non-emergency situations typically require a 10-day delay and must be decided by a protocol council consisting of 13 members.

Blast Mainnet launch is imminent, a technical analysis of its existing security risks and potential opportunities

2. Multi-signature dispute

The permissions for the Blast Deposit contract are controlled by a Gnosis Safe 3/5 multisig wallet. These 5 signing addresses were all created 3 months ago and their identities are unknown. Since the entire contract is essentially a custodial contract protected by the multisig wallet, rather than a Rollup bridge, Blast has faced scrutiny from the community and developers.

Blast acknowledged these security risks and stated that it will use multiple hardware wallets for management to mitigate centralized risks. However, Blast has not disclosed detailed information on whether wallet management can effectively avoid centralization and phishing attacks, as well as whether there are robust management processes in place.

On February 19th, the Blast team updated the Deposit contract, mainly adding the Predeploys contract and introducing the IERC20Permit interface to prepare for the Mainnet launch.

Blast Mainnet launch is imminent, a technical analysis of its existing security risks and potential opportunities

Blast Ecological Risks

On February 25, the monitoring platform detected that the GambleFi project Risk in the Blast ecosystem allegedly experienced a Rug Pull, resulting in a loss of approximately 500 ETH. The official social media account of the project is no longer available.

Multiple investors shared their personal loss experiences. Some investors indicated that they initially viewed RiskOnBlast as a promising investment opportunity, but the subsequent unlimited public financing raised doubts about the GameFi project.

Monitoring shows that most of the stolen funds from the Risk project have been transferred to different exchanges, and a small portion of the funds has been cross-chain transferred to Arbitrum and Cosmos.

Blast Mainnet上线在即,技术层面解析其存在的安全隐患与潜在机会

Blast Mainnet launch is imminent, a technical analysis of its existing security risks and potential opportunities

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 4
  • Share
Comment
0/400
PretendingSeriousvip
· 9h ago
TVL surpassing 2 billion is indeed absurd.
View OriginalReply0
GateUser-4745f9cevip
· 9h ago
Finally, the Mainnet is online.
View OriginalReply0
LiquidityWizardvip
· 10h ago
statistically speaking, 73% chance of a rugpull here...
Reply0
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate app
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)