Prisma Finance陷入僵局：資金失踪，「好撒瑪利亞人」駭客要求公眾卑躬屈膝

Prisma Finance 聲稱，繼上週發生 1,160 萬美元的攻擊事件後，未關聯帳戶仍有 54 萬美元面臨風險。然而，自稱「白帽」的駭客要求 Prisma 團隊道歉並公開身份，然後才歸還資金。

Prisma Finance Impasse: Funds Unrecovered, 'White Hat' Hacker Demands Apology

Prisma 金融陷入僵局：資金未收回，「白帽」駭客要求道歉

Decentralized finance (DeFi) firm Prisma Finance faces an ongoing impasse as it grapples with the aftermath of an exploit that siphoned $11.6 million from its platform. While the company urges users to revoke permissions for an affected smart contract, a self-proclaimed "white hat" hacker responsible for the exploit has withheld the return of funds, demanding an apology and disclosure of the Prisma team's identities.

去中心化金融 (DeFi) 公司 Prisma Finance 面臨著持續的僵局，該公司正在努力應對從其平台上竊取 1,160 萬美元的漏洞的後果。雖然該公司敦促用戶撤銷受影響智能合約的權限，但一名自稱「白帽」的駭客拒絕返還資金，要求 Prisma 團隊道歉並披露其身分。

Unrevoked Smart Contract Permissions Expose Funds

未撤銷的智能合約權限將暴露資金

Prisma Finance has identified 14 active accounts that have yet to revoke permissions for the compromised smart contract. Five of these accounts, containing open trove positions totaling over $500,000, remain vulnerable. The largest of these accounts holds $484,380, while the others range from $7,120 to $22,080.

Prisma Finance 已確定 14 個活躍帳戶尚未撤銷受感染智能合約的權限。其中 5 個帳戶的未平倉部位總額超過 50 萬美元，仍然容易受到攻擊。這些帳戶中最大的帳戶持有 484,380 美元，其他帳戶的金額從 7,120 美元到 22,080 美元不等。

'Path Forward' Prioritizes Fund Recovery and Protocol Resumption

「前進之路」優先考慮資金回收和協議恢復

In a recent update, Prisma Finance's core contributor "Frank" outlined the company's "path forward," emphasizing the need to both recover stolen funds and resume protocol operations. However, Frank stressed that the safety of user funds must be ensured first.

在最近的更新中，Prisma Finance 的核心貢獻者“Frank”概述了該公司的“前進道路”，強調需要追回被盜資金並恢復協議運營。不過，Frank強調，首先要確保用戶資金的安全。

Exploiter Demands Apology and Identity Disclosure

剝削者要求道歉並披露身份

The self-proclaimed white hat hacker has accused Prisma Finance of bad faith and has refused to return the stolen funds until the company makes a public apology. The hacker demands that Prisma hold an online conference where the entire team reveals their identities, apologizes for the exploit, and explains the steps they will take to improve security.

這位自稱白帽駭客的人指責 Prisma Finance 不誠實，並拒絕歸還被盜資金，直到該公司公開道歉。駭客要求 Prisma 召開線上會議，整個團隊在會議上透露自己的身份，為此攻擊道歉，並解釋他們將採取的提高安全性的步驟。

Prisma Rejects Demands, Questions Hacker's Intentions

Prisma 拒絕要求，質疑駭客的意圖

Prisma Finance has rejected the hacker's demands, arguing that there is no evidence to support their claims of good faith. The company has pointed out that the hacker has yet to return any funds, despite expressing a desire to help rectify the mistake.

Prisma Finance 拒絕了駭客的要求，認為沒有證據支持他們的善意主張。該公司指出，儘管駭客表示希望幫助糾正錯誤，但尚未歸還任何資金。

On-Chain Messaging Fuels Dispute

鏈上訊息傳遞引發爭議

The dispute between Prisma Finance and the hacker has escalated in on-chain messaging, with both sides exchanging accusations. The hacker has criticized Prisma's communication and has threatened to distribute the stolen funds if their demands are not met.

Prisma Finance 與駭客之間的鏈上訊息糾紛不斷升級，雙方互相指責。駭客批評了 Prisma 的溝通方式，並威脅稱，如果不滿足他們的要求，就會分發被盜資金。

Funds Swapped, Protocol Value Plummets

資金交換，協議價值暴跌

Blockchain security firms Cyvers and Peckshield have reported that the hacker has begun swapping the stolen funds into Ether (ETH). Approximately 200 Ether has been transferred to Tornado Cash, a cryptocurrency mixer that has been sanctioned by the US Office of Foreign Assets Control (OFAC). As a result of the exploit, the total value locked on the Prisma Finance protocol has declined from $220 million to $87 million.

區塊鏈安全公司 Cyvers 和 Peckshield 報告稱，駭客已開始將被盜資金兌換成以太坊 (ETH)。大約 200 以太幣已被轉移到 Tornado Cash，這是一種受到美國外國資產控制辦公室 (OFAC) 批准的加密貨幣混合器。由於漏洞，Prisma Finance 協議鎖定的總價值已從 2.2 億美元下降至 8,700 萬美元。

Ethical Hacking and Negotiating with Hackers

道德駭客攻擊以及與駭客談判

The Prisma Finance exploit raises questions about the ethical implications of hacking and the wisdom of negotiating with hackers. Some experts believe that engaging with hackers can encourage further attacks and undermine the security of decentralized systems. Others argue that negotiation can be a valuable tool for recovering stolen funds and mitigating the damage caused by exploits.

Prisma Finance 漏洞引發了人們對駭客行為的道德影響以及與駭客談判是否明智的質疑。一些專家認為，與駭客接觸可能會鼓勵進一步的攻擊並破壞去中心化系統的安全性。其他人則認為，談判可以成為追回被盜資金和減輕漏洞造成的損害的寶貴工具。

Conclusion

結論

The standoff between Prisma Finance and the self-proclaimed white hat hacker continues, leaving the fate of the stolen funds and the future of the protocol in limbo. The incident highlights the challenges faced by DeFi projects in the face of exploits and raises important questions about the ethical considerations and best practices in the rapidly evolving world of decentralized finance.

Prisma Finance 和自稱白帽駭客之間的對峙仍在繼續，被盜資金的命運和協議的未來仍懸而未決。這起事件凸顯了 DeFi 計畫在面臨漏洞時所面臨的挑戰，並提出了有關快速發展的去中心化金融世界中的道德考量和最佳實踐的重要問題。