The SEC has dropped its cases against Uniswap, Coinbase, and Robinhood’s crypto unit, marking a shift in its approach to crypto regulation. For years, the SEC has claimed that many crypto tokens are unregistered securities and that platforms offering them operate as illegal exchanges. These legal battles have drained companies of millions in legal fees and stifled innovation in the industry.
Uniswap was under investigation for potentially running an unregistered securities exchange, with questions about whether its governance token, UNI, qualified as a security. Coinbase faced a lawsuit that sought to regulate it like a traditional stock exchange. Robinhood’s crypto unit was also under scrutiny. Now, all three cases have been dropped, allowing these companies to focus on growth rather than fighting bureaucratic overreach.
The SEC justifies its existence by claiming to protect investors, but its actions often do more harm than good (famously failing to prevent the Bernie Madoff Ponzi scheme despite multiple warnings).
In traditional finance, companies issuing stocks must register with the SEC and provide disclosures. The SEC has attempted to force these same rules onto crypto, ignoring the technology’s decentralized nature. Its enforcement-first approach has created uncertainty while failing to curb actual fraud.
The reality is that crypto doesn’t need the SEC’s heavy-handed intervention. Markets function best when individuals are free to assess risk and make their own decisions. The dismissal of these cases is a win for innovation, but as long as regulators continue their attempts to control decentralized networks, the fight isn’t over.
Largest Theft In History
The recent ByBit hack, orchestrated by North Korea’s Lazarus Group, is now officially the largest theft in history, surpassing even Saddam Hussein’s infamous 2003 bank heist, where he stole nearly $1 billion. This time, the hackers made off with a staggering $1.46 billion in crypto assets.
While the full attack vector is still under investigation, a clearer picture is emerging. The breach originated from a compromised machine belonging to a Safe{Wallet} developer. With access to this machine, the attackers deployed a malicious JavaScript payload directly into Safe{Wallet}’s production AWS S3 bucket, a critical infrastructure component serving frontend resources.
From there, all they had to do was wait. When ByBit’s signers initiated their next cold wallet transaction, the compromised UI detected the event and swapped the legitimate transaction with a fraudulent one. Because the signers trusted Safe{Wallet}’s hosted interface, the malicious transaction was unknowingly approved and executed.
Diagram showing a simplified overview of the attack
The implications extend far beyond ByBit. Safe{Wallet}’s UI is widely used across the crypto industry, meaning many other companies could have been at risk. This incident underscores the severe risks of supply chain attacks and the dangers of relying too heavily on third-party software, especially for high-value transactions.
Where do we go from here? If even Safe{Wallet}’s UI isn’t safe to use, what alternatives do users have? I won’t overstate it, but this is a serious concern. At the end of the day, you must always know what you’re signing. Relying on local transaction building and triple-checking the calldata before signing should be heavily encouraged. Because in the end, how much paranoia is too much when you’re securing wallets holding over $1 billion?
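Here is what "know what you’re signing" looks like in practice, as an added example written for this edit (it is not code from the newsletter, from ByBit or from Safe{Wallet}). It builds the calldata for a plain ERC-20 transfer locally, then decodes whatever the hosted UI presents for signing and reports every mismatch in target contract, recipient or amount. The selector 0xa9059cbb is the real one for transfer(address,uint256); every address and amount below is a constructed placeholder, and the swapped calldata is a constructed stand-in for a tampered transaction, not the one used in the ByBit incident.

```python
"""Local calldata check before signing: build the expected ERC-20 transfer
yourself, then compare it field by field with what the UI asks you to sign."""

# Constructed sample intent (placeholder addresses and amount, not real values).
INTENDED = {
    "to": "0x1111111111111111111111111111111111111111",        # token contract the signer means to call
    "recipient": "0x2222222222222222222222222222222222222222",  # where the tokens should go
    "amount": 1_000_000 * 10**6,                                # 1,000,000 units of a 6-decimal token
}

# First 4 bytes of keccak256("transfer(address,uint256)"): the standard ERC-20 selector.
TRANSFER_SELECTOR = "a9059cbb"


def encode_transfer(recipient: str, amount: int) -> str:
    """Build transfer(address,uint256) calldata locally; this is the reference copy."""
    recipient_word = recipient.lower().removeprefix("0x").rjust(64, "0")  # 12 zero bytes + 20-byte address
    amount_word = format(amount, "064x")                                   # uint256, big-endian, 32 bytes
    return "0x" + TRANSFER_SELECTOR + recipient_word + amount_word


def decode_transfer(calldata: str) -> dict:
    """Decode transfer(address,uint256) calldata; raise ValueError on anything unexpected."""
    data = calldata.lower().removeprefix("0x")
    if len(data) != 8 + 64 + 64:
        raise ValueError(f"unexpected calldata length {len(data) // 2} bytes")
    if data[:8] != TRANSFER_SELECTOR:
        raise ValueError(f"selector 0x{data[:8]} is not transfer(address,uint256)")
    recipient_word, amount_word = data[8:72], data[72:136]
    # An ABI-encoded address must be left-padded with 12 zero bytes; anything else is suspicious.
    if recipient_word[:24] != "0" * 24:
        raise ValueError("recipient word has non-zero padding")
    return {"recipient": "0x" + recipient_word[24:], "amount": int(amount_word, 16)}


def check_before_signing(intended: dict, presented_to: str, presented_calldata: str) -> list[str]:
    """Return every mismatch between the presented transaction and the local intent.
    An empty list means the UI is asking you to sign exactly what you built yourself."""
    problems = []
    if presented_to.lower() != intended["to"].lower():
        problems.append(f"target contract {presented_to} != intended {intended['to']}")
    try:
        decoded = decode_transfer(presented_calldata)
    except ValueError as exc:
        # Calldata that is not even a transfer is rejected outright; no point comparing fields.
        return problems + [f"calldata rejected: {exc}"]
    if decoded["recipient"].lower() != intended["recipient"].lower():
        problems.append(f"recipient {decoded['recipient']} != intended {intended['recipient']}")
    if decoded["amount"] != intended["amount"]:
        problems.append(f"amount {decoded['amount']} != intended {intended['amount']}")
    return problems


if __name__ == "__main__":
    # Constructed scenario: the UI shows the legitimate calldata, then a swapped one.
    legit = encode_transfer(INTENDED["recipient"], INTENDED["amount"])
    swapped = encode_transfer("0x3333333333333333333333333333333333333333", INTENDED["amount"])
    for label, calldata in (("legitimate", legit), ("swapped", swapped)):
        problems = check_before_signing(INTENDED, INTENDED["to"], calldata)
        print(f"{label}: {'OK to sign' if not problems else 'DO NOT SIGN'}")
        for p in problems:
            print("  -", p)
```

The comparison is deliberately strict: a length, selector or padding anomaly is a hard reject rather than a warning, because a signer who has already built the transaction locally has no reason to accept anything that differs from it.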
1. While writing your Solidity, use the --watch flag with forge build: forge build --watch. Foundry then recompiles automatically whenever you change your source code, which saves you a lot of time.
2. Ever wanted to quickly generate docs that you can host for your Foundry project? Run forge doc --serve --port 4000, then open http://localhost:4000 to see some professional-looking docs.
See you next Thursday!
Got thoughts on this week’s newsletter? Reply to this email or DM me. I’d love to hear from you!
Disclaimer: The views and opinions expressed in this newsletter are my own and do not reflect those of my employer or any affiliated organizations. Nothing in this publication constitutes financial, legal, or investment advice.
Blaine Malone