机构投资者正在深入数字资产。但是随着空间中更多的钱，安全风险增长

了解机构投资的链和链核审核有助于投资者保护资产，符合法规并避免欺诈。

The world of cryptocurrency has seen a massive influx of institutional investors, especially in 2025, marking a turning point in the integration of digital assets into the mainstream financial landscape. As this integration deepens, the importance of both on-chain and off-chain audits cannot be overstated.

加密货币世界已经大量涌入了机构投资者，尤其是在2025年，这标志着数字资产集成到主流金融景观中的转折点。随着这种整合的加深，链上和链审计的重要性都不能被夸大。

These audits serve as a fundamental safeguard, ensuring that the institutions engaging in crypto investments are equipped to navigate the unique landscape of digital assets, protect their assets, and meet the regulatory requirements imposed upon them.

这些审核是一种基本的保护措施，确保从事加密投资的机构有能力浏览数字资产的独特景观，保护其资产并满足对它们施加的监管要求。

Institutions, in comparison to individual investors, typically handle significantly larger sums of money. This difference in scale is crucial. While individual investors might be able to stomach a smaller-scale error in judgment, a single mistake by an institution could have devastating consequences, potentially wiping out billions of dollars in an instant.

与个别投资者相比，机构通常处理更大的金钱。这种规模差异至关重要。尽管个人投资者可能能够在判断中遇到较小规模的错误，但机构的一个错误可能会带来毁灭性的后果，并有可能立即消除数十亿美元。

Institutions are also subject to a higher level of scrutiny, especially in terms of compliance with anti-money laundering (AML) regulations. This scrutiny is even more intense when an institution is operating in a less-regulated domain like crypto, making it imperative that they demonstrate adherence to the law.

机构还受到更高的审查，尤其是在遵守反洗钱（AML）法规方面。当一个机构在像加密货币这样受监管的领域较低的领域运作时，这种审查更加严格，这使得他们必须表现出遵守法律的遵守。

The Structure of On-Chain and Off-Chain Audits

链和链审核的结构

On-chain audits concentrate on examining blockchain-based systems. They involve scanning transactions and smart contracts for any anomalies or signs of malicious activity. These audits are performed by professionals certified in cryptocurrency, such as the Certified Cryptocurrency Auditor™ (CCA), attesting to the solidity of the investment platforms and ensuring they adhere to the strictest compliance measures.

链上审核集中于检查基于区块链的系统。它们涉及扫描交易和智能合约，以了解任何异常或恶意活动的迹象。这些审核是由经过加密货币认证的专业人员进行的，例如认证的加密货币审核员™（CCA），证明了投资平台的稳固性，并确保他们遵守最严格的合规措施。

Without these certifications and specialized knowledge, institutions could be exposing themselves to vulnerabilities that could be easily detected by a professional with the right expertise.

没有这些证书和专业知识，机构可能会使自己面临具有正确专业知识的专业人员可以轻松检测的漏洞。

In the realm of on-chain audits, the focus is on three key pillars:

在链上审核的领域中，重点是三个关键支柱：

* **Security:** Detecting any vulnerabilities in smart contracts or instances of funds being stolen from wallets.

***安全：**检测智能合约中的任何漏洞或资金实例被钱包偷走。

* **Compliance:** Assessing whether the crypto company is adhering to AML regulations and other legal frameworks.

***合规性：**评估加密公司是否遵守AML法规和其他法律框架。

* **Trust:** Examining the reputation of the crypto firm and the level of confidence investors have in its activities.

***信任：**研究加密公司的声誉以及投资者对其活动的信心水平。

The Importance of On-Chain Audits

链上审核的重要性

The need for on-chain audits is becoming increasingly urgent as North Korean hackers, in particular, have targeted crypto platforms with an alarming frequency. In 2024 alone, these hackers managed to steal $1.34 billion from crypto platforms, a figure that represents 61% of all the funds stolen from such platforms throughout the year.

随着朝鲜黑客尤其是针对令人震惊的频率的加密平台，对链上审计的需求变得越来越紧迫。仅在2024年，这些黑客就可以从加密货币平台上窃取13.4亿美元，这一数字占全年从此类平台中偷来的所有资金的61％。

A significant portion of these stolen funds were due to vulnerabilities in smart contracts, a factor that on-chain audits are uniquely positioned to highlight and rectify.

这些被盗的资金中很大一部分是由于智能合约中的脆弱性，这是链上审核的独特位置以突出和纠正的因素。

In contrast to on-chain audits which focus on blockchain-based systems, off-chain audits delve into systems external to the blockchain. This includes examining exchanges, the status of hot and cold wallets, and an institution’s internal security policies.

与关注基于区块链的系统的链上审核相反，链审核深入研究区块链外部的系统。这包括检查交流，冷藏钱包的状况以及机构的内部安全政策。

Despite the growing awareness of on-chain security, these other areas are just as vulnerable, if not more so, than blockchain-based systems. For instance, a recent case involved Bitfinex being hacked, with the stolen Bitcoin taking years to track due to a lack of continuous monitoring and rapid reporting after the initial theft.

尽管对链上安全性的认识越来越大，但其他领域与基于区块链的系统一样脆弱，甚至更多。例如，最近的一个案件涉及黑客攻击，由于缺乏持续的监测和初次盗窃后的持续监控和快速报告，被盗的比特币需要数年的时间进行跟踪。

Finally, after persistent efforts by chain analytics firm Chainalysis, in cooperation with Bitfinex and a professional services firm, a significant portion of the stolen funds were recovered.

最后，在与Bitfinex和一家专业服务公司合作的连锁分析公司链链分析的持续努力之后，收回了大部分被盗资金。

By 2025, the recovered Bitcoin from the Bitfinex hack alone amounted to approximately $3.6 billion, showcasing the potential scale of the losses that can be prevented with continuous off-chain auditing.

到2025年，仅Bitfinex黑客攻击的比特币总计约36亿美元，展示了通过连续的脱链审计可以预防的损失的潜在规模。

The Role of Crypto Forensics

加密法证的作用

In both on-chain and off-chain audits, crypto forensics plays a crucial role. Using advanced analysis tools, crypto forensics can track suspicious activity, a capability that is becoming increasingly important as institutions, especially those in decentralized finance (DeFi), are engaging in new financial instruments and platforms.

在链和链审计中，加密法证都起着至关重要的作用。使用高级分析工具，加密法证可以跟踪可疑活动，这一能力越来越重要，因为机构，尤其是那些从事分散财务的机构（DEFI），正在从事新的金融工具和平台。

A striking example is the recent case of Celsius Network, a DeFi lending firm that went bankrupt in mid-2022. Before the collapse, executives at Celsius secretly moved over $300 million in Bitcoin to an exchange, intending to deceive investors and regulators with falsified reports.

一个惊人的例子是最近的塞尔斯网络（Celius Network）的案例，塞尔斯（Celsius Network）是一家在2022年中期破产的贷款公司。在崩溃之前，塞尔西乌斯的高管秘密地将超过3亿美元的比特币转移到了交易所，打算用伪造的报告欺骗投资者和监管机构。

However, crypto forensic tools managed to expose these transactions, leading to criminal charges against the executives for siphoning funds from investors and lying to both customers and regulators. This case vividly illustrates how forensic audits can protect investors from fraud and deception, especially in the less-regulated realm of DeFi.

但是，加密法证工具设法揭露了这些交易，导致对高管的刑事指控，要求投资者向客户和监管机构撒谎。这个案件生动地说明了法医审计如何保护投资者免受欺诈和欺骗的侵害，尤其是在不受限制的DEFI领域。

Institutions, especially in the West, are keenly aware of the need to balance transparency with customer privacy. This tension is particularly relevant in the context of anti-money laundering (AML) regulations.

机构，尤其是在西方的机构，敏锐地意识到需要在透明度与客户隐私之间取得平衡。在反洗钱（AML）法规的背景下，这种张力尤其重要。

Institutions need to be able to demonstrate compliance with these regulations, but they also value the privacy of their customers' financial data. To navigate this balance, a promising technology is Zero-Knowledge Proofs (ZKPs).

机构需要能够证明遵守这些法规，但它们也重视客户财务数据的隐私。为了导致这种平衡，有希望的技术是零知识证明（ZKP）。

ZKPs allow institutions to prove financial transactions meet AML standards without revealing any personal or private details about the customer or the nature of the

ZKP允许机构证明金融交易符合AML标准，而无需透露有关客户或性质的任何个人或私人详细信息