Prisma Finance陷入僵局：资金失踪，“好撒玛利亚人”黑客要求公众卑躬屈膝

Prisma Finance 声称，继上周发生 1,160 万美元的攻击事件后，未关联账户仍有 54 万美元面临风险。然而，自称“白帽”的黑客要求 Prisma 团队道歉并公开身份，然后才归还资金。

Prisma Finance Impasse: Funds Unrecovered, 'White Hat' Hacker Demands Apology

Prisma 金融陷入僵局：资金未收回，“白帽”黑客要求道歉

Decentralized finance (DeFi) firm Prisma Finance faces an ongoing impasse as it grapples with the aftermath of an exploit that siphoned $11.6 million from its platform. While the company urges users to revoke permissions for an affected smart contract, a self-proclaimed "white hat" hacker responsible for the exploit has withheld the return of funds, demanding an apology and disclosure of the Prisma team's identities.

去中心化金融 (DeFi) 公司 Prisma Finance 面临着持续的僵局，该公司正在努力应对从其平台上窃取 1160 万美元的漏洞的后果。虽然该公司敦促用户撤销受影响智能合约的权限，但一名自称“白帽”的黑客却拒绝返还资金，要求 Prisma 团队道歉并披露其身份。

Unrevoked Smart Contract Permissions Expose Funds

未撤销的智能合约权限会暴露资金

Prisma Finance has identified 14 active accounts that have yet to revoke permissions for the compromised smart contract. Five of these accounts, containing open trove positions totaling over $500,000, remain vulnerable. The largest of these accounts holds $484,380, while the others range from $7,120 to $22,080.

Prisma Finance 已确定 14 个活跃账户尚未撤销受感染智能合约的权限。其中 5 个账户的未平仓头寸总额超过 50 万美元，仍然容易受到攻击。这些账户中最大的账户持有 484,380 美元，其他账户的金额从 7,120 美元到 22,080 美元不等。

'Path Forward' Prioritizes Fund Recovery and Protocol Resumption

“前进之路”优先考虑资金回收和协议恢复

In a recent update, Prisma Finance's core contributor "Frank" outlined the company's "path forward," emphasizing the need to both recover stolen funds and resume protocol operations. However, Frank stressed that the safety of user funds must be ensured first.

在最近的更新中，Prisma Finance 的核心贡献者“Frank”概述了该公司的“前进道路”，强调需要追回被盗资金并恢复协议运营。不过，Frank强调，首先要保证用户资金的安全。

Exploiter Demands Apology and Identity Disclosure

剥削者要求道歉并披露身份

The self-proclaimed white hat hacker has accused Prisma Finance of bad faith and has refused to return the stolen funds until the company makes a public apology. The hacker demands that Prisma hold an online conference where the entire team reveals their identities, apologizes for the exploit, and explains the steps they will take to improve security.

这位自称白帽黑客的人指责 Prisma Finance 不诚实，并拒绝归还被盗资金，直到该公司公开道歉。黑客要求 Prisma 召开在线会议，整个团队在会议上透露自己的身份，为此次攻击道歉，并解释他们将采取的提高安全性的步骤。

Prisma Rejects Demands, Questions Hacker's Intentions

Prisma 拒绝要求，质疑黑客的意图

Prisma Finance has rejected the hacker's demands, arguing that there is no evidence to support their claims of good faith. The company has pointed out that the hacker has yet to return any funds, despite expressing a desire to help rectify the mistake.

Prisma Finance 拒绝了黑客的要求，认为没有证据支持他们的善意主张。该公司指出，尽管黑客表示希望帮助纠正错误，但尚未归还任何资金。

On-Chain Messaging Fuels Dispute

链上消息传递引发争议

The dispute between Prisma Finance and the hacker has escalated in on-chain messaging, with both sides exchanging accusations. The hacker has criticized Prisma's communication and has threatened to distribute the stolen funds if their demands are not met.

Prisma Finance 与黑客之间的链上消息纠纷不断升级，双方互相指责。黑客批评了 Prisma 的沟通方式，并威胁称，如果不满足他们的要求，就会分发被盗资金。

Funds Swapped, Protocol Value Plummets

资金交换，协议价值暴跌

Blockchain security firms Cyvers and Peckshield have reported that the hacker has begun swapping the stolen funds into Ether (ETH). Approximately 200 Ether has been transferred to Tornado Cash, a cryptocurrency mixer that has been sanctioned by the US Office of Foreign Assets Control (OFAC). As a result of the exploit, the total value locked on the Prisma Finance protocol has declined from $220 million to $87 million.

区块链安全公司 Cyvers 和 Peckshield 报告称，黑客已开始将被盗资金兑换成以太坊 (ETH)。大约 200 以太币已被转移到 Tornado Cash，这是一种受到美国外国资产控制办公室 (OFAC) 批准的加密货币混合器。由于该漏洞，Prisma Finance 协议锁定的总价值已从 2.2 亿美元下降至 8700 万美元。

Ethical Hacking and Negotiating with Hackers

道德黑客攻击以及与黑客谈判

The Prisma Finance exploit raises questions about the ethical implications of hacking and the wisdom of negotiating with hackers. Some experts believe that engaging with hackers can encourage further attacks and undermine the security of decentralized systems. Others argue that negotiation can be a valuable tool for recovering stolen funds and mitigating the damage caused by exploits.

Prisma Finance 漏洞引发了人们对黑客行为的道德影响以及与黑客谈判是否明智的质疑。一些专家认为，与黑客接触可能会鼓励进一步的攻击并破坏去中心化系统的安全性。其他人则认为，谈判可以成为追回被盗资金和减轻漏洞造成的损害的宝贵工具。

Conclusion

结论

The standoff between Prisma Finance and the self-proclaimed white hat hacker continues, leaving the fate of the stolen funds and the future of the protocol in limbo. The incident highlights the challenges faced by DeFi projects in the face of exploits and raises important questions about the ethical considerations and best practices in the rapidly evolving world of decentralized finance.

Prisma Finance 和自称白帽黑客之间的对峙仍在继续，被盗资金的命运和协议的未来仍悬而未决。该事件凸显了 DeFi 项目在面临漏洞利用时所面临的挑战，并提出了有关快速发展的去中心化金融世界中的道德考虑和最佳实践的重要问题。