From Cold Wallets to Hot Crises: How Major Failures Trigger Turbulence and How Investors Can Be Anti-Fragile?

Less than two days after the theft of over $1.4 billion from Bybit, the financial payment platform Infini in Hong Kong was again hacked for nearly $50 million.

The series of theft incidents have implicated a deeper issue: the lack of unified security standards and consensus in the blockchain industry. Both exchanges and project parties often build their protective systems based on their own understanding rather than following common best practices. For example, Bybit did not set up a secondary review mechanism for cold wallet operations, and Safe did not strictly isolate development permissions, providing hackers with opportunities due to these human oversights.

Moreover, asset custody, insurance mechanisms, and security audits have yet to form systematic norms within the industry. Historically, from Mt. Gox to multiple theft incidents at Binance, it has shown that despite technological advancements, the ability to systematically counter hackers has improved only marginally. The root cause lies in the fragmented regulatory environment, which makes it difficult to unify investor protection and security standards, leading to varying security levels across platforms. In this situation, the concentration of massive assets in a few protocols or platforms has instead become a primary target for hackers.

As a responsible asset management institution, in light of the consecutive large-scale hacking incidents at Bybit and Infini, we firmly believe that security and compliance are not only the primary guarantees for institutional operations but also the highest priority for protecting client assets. These incidents sound an alarm for the entire industry and also provide investors with an opportunity to readjust their strategies.

In a turbulent market environment, we advise investors to shift from “passive panic” to “active anti-fragility,” responding to uncertainty with a more resilient mindset. Here are specific recommendations based on our years of experience and professional insights.

When selecting an investment platform, compliance and transparency are basic thresholds, but they are far from sufficient to cope with the increasingly complex risk environment. We recommend that investors deeply assess the professionalism of the platform’s team and its industry reputation, as these are often key indicators of long-term reliability. A team with rich financial backgrounds, technical expertise, and crisis response capabilities can demonstrate stronger adaptability and responsibility in critical moments. For example, as an asset management institution, we comprehensively evaluate potential strategy partners, including but not limited to reserve proofs, audit reports, and past crisis response situations, to ensure that every asset entrusted by clients can withstand the test of time. Investors can also adopt this standard, choosing platforms that demonstrate accountability in crises and maintain transparency in compliance.

Technical vulnerabilities and human negligence are core lessons from this hacking incident, reminding investors to proactively enhance their self-security awareness rather than relying entirely on platform promises. While cold wallets are not a panacea, they remain an effective tool for personal asset protection. Regularly checking permission settings and avoiding links from unknown sources can significantly reduce the risk of being attacked. At the same time, diversifying investments is an effective strategy to guard against single points of failure. We recommend that investors allocate assets across various platforms (such as centralized exchanges, DeFi protocols, and hardware wallets) and diversify across regions and asset classes.

Finally, let's return to the topic of the industry. Although market sentiment is low in the short term due to hacking incidents and external macro factors, we believe that crises often serve as catalysts for industry self-repair and upgrading. Strengthened regulation, innovations in security technology, and the proliferation of decentralized solutions will bring long-term benefits to compliant platforms and projects. Investors can take advantage of market panic to prudently allocate assets, seeking investments that offer the best match of stability and returns.

Our investment strategy always revolves around this principle, aiming to achieve optimal risk-return performance in a turbulent market. We integrate macroeconomic trends, emerging technologies, and regulatory policies to formulate flexible multi-strategy asset management solutions, striving to capture excess returns for clients amid turmoil. At the same time, we prioritize security and compliance as the baseline for all investment decisions, ensuring that every return we generate can withstand the test of risk.

Drawing on Nassim Taleb's concept of "anti-fragility," we encourage investors to view crises as opportunities to optimize strategies rather than mere threats. For example, building positions in quality assets during extreme market panic or choosing relatively stable quantitative arbitrage strategies can help investors avoid losses in the short term and gain an advantage when the industry recovers. In this process of adapting to market changes and maintaining a positive attitude, we believe that investors can not only navigate the turbulence but also emerge stronger and achieve greater investment goals.