Bybit
$1.43BA fake signing screen got signers to approve a hidden transaction.
Signers verify the real transaction on clear-signing hardware, so a swapped screen is caught.
OpSec failures cost 6× more than code exploits: $4.8B+ stolen since 2024 through key compromise, social engineering, and insider access.
Real incidents below, mapped to the DARC controls that would have stopped them.
A fake signing screen got signers to approve a hidden transaction.
Signers verify the real transaction on clear-signing hardware, so a swapped screen is caught.
A fake meeting compromised a staff device and exposed internal hot-wallet keys.
Training on the fake-meeting vector plus segregated keys and a rehearsed compromise protocol kept the damage capped.
Poisoned infrastructure behind the bridge's single verifier approved a fake message.
A cross-chain risk check flags a single-verifier bridge before you adopt it.
A long social-engineering con got council members to pre-sign an admin handover.
Signers verify what a transaction really does, so a disguised handover is refused.
One company controlled a 5-of-9 validator set, reached via a fake job offer.
No single entity can meet the threshold, so one breach can't move funds.
The registrar's nameserver was compromised, hijacking DNS to a cloned frontend that inserted a malicious approval.
MFA on registrar and DNS blocks the common account takeover and the domain stays a monitored asset, though a breach inside the registrar sits beyond any customer's control.
DARC connects to your infrastructure and keeps you measured against a battle-tested operational security baseline, continuously. The platform does the work: it tracks your controls, flags drift the moment it happens, and pushes new protections as threats evolve. The standard underneath it sets the bar; the platform makes sure you stay above it.
DARC is not a one-time check. Through the platform, your code repository, cloud infra, DNS, multisig wallets, and more, are monitored every day. Continuous by default, wherever possible.
When the threat landscape shifts, controls are added or updated for every subscriber. We see incidents across the industry firsthand. That intelligence becomes a control update before most teams have even heard of the attack.
Every DARC plan includes a team portal. Security travels down to every team member, with their own controls and scope-specific training.
Onboarding a new employee? Get them to your security baseline from day one, controls assigned, training queued, contracts ready to sign.
Each team member sees their own controls and exactly what's expected of them. No more buried, stagnant security policies that nobody reads.
Modules on the most common crypto-native attack vectors, recruiting scams, wallet drainers, clipboard swaps, fake meeting links.
Ready-to-sign templates drafted to satisfy DARC controls, NDAs, security policies, acceptable use, and key holder agreements.
The Security Alliance
Every control in the DARC framework was written and reviewed by Wonderland and SEAL practitioners with hands-on incident experience.
SEAL is one of the leading security organizations in digital assets. Their emergency response team has protected billions in on-chain assets across the industry's largest incidents.
DARC Pro and Enterprise also grant your team the SEAL certification. Two certifications, one process.
Each domain below is a way digital-asset teams actually get compromised, and the controls that close it. The platform measures you against all of them, continuously. The full catalog is open and public.
No one owns security until something breaks.
A named owner, plain-language policy, and clean on/offboarding. Accountability in place before the incident, not after.
One leaked key is the whole treasury.
Encrypted storage, tested recovery, rotation schedules, and a written compromise protocol, ready before you need it.
A multisig is only as strong as its sleepiest signer.
Hardware wallets, independent verification per transaction, simulation, and a quorum you can actually reach in an emergency.
The contractor who left in March can still log in.
MFA everywhere, least privilege, quarterly reviews, and 24-hour offboarding. No orphaned credentials, no shared logins.
Attackers don't exploit your code. They commit to it.
Branch protection, signed commits, secret scanning, and review gates on everything between dev and production.
Audited once. Changed twelve times since.
Audit coverage that tracks reality, verified bytecode, timelocks, pause mechanisms, and re-audit triggers.
Hour one of a hack is not the time to write the plan.
Playbooks, contacts, and rehearsed drills, so your worst day runs on preparation, not improvisation.
Millions moved on the strength of a Slack message.
Verified payment flows, spend limits, and separation of duties on everything that touches funds.
The exploit was visible on-chain before anyone looked.
Continuous monitoring and alerting on the contracts, wallets, and privileged operations that matter.
You're one npm install away from compromise.
Pinned dependencies, vetted vendors, and controls over all the code you didn't write.
The contracts were fine. The DNS wasn't.
Registrar locks, DNSSEC, and frontend integrity checks on the front door attackers actually use.
A seed phrase in a desk drawer.
Locked storage, clean-desk rules, controlled signing areas, and a verified hardware supply chain.
A continuous adversarial testing service combining AI and human red teams. We simulate real-world attacks against your organization on an ongoing basis to identify weaknesses before threat actors do. Available as an add-on to any DARC plan.
Every incident on this page was preventable. See where your team stands before someone else checks.