On The Brink with Castle Island - Pluto (Harbor) on the fate of DeFi after KelpDAO (EP.717)
Episode Date: April 27, 2026Pluto is a veteran of DeFi and cross chain systems, with prior stints at Thorchain and Airswap, now building Harbor, a native asset DEX. In this episode, we talk about the KelpDAO exploit and how DeFi... can regain people's trust. Nic sits down with him to discuss: What exactly happened with the KelpDAO/ Aave hack? Will new AI models make hackers more proficient? Is advanced AI a defensive or offensive technology for smart contracts? Why protocol exposures are often not on chain Why DeFi might want to segregate execution from settlement Is it possible to have instant settlement and proactive monitoring Do we have anything to learn from DeFi What could Aave have done different? Where did LayerZero go wrong? Can DeFi work if there are occasional freezes and seizures? Pluto's reflections on Thorchain What Thorchain did right Arbitrum's questionable precedent What Pluto is building with Harbor Where does DeFi go from here? Learn more about Harbor and follow Pluto on X
Transcript
Discussion (0)
All right. I'm sitting down with Pluto. Pluto worked on one of the very first decks is AirSwap
and then worked at Nine Realms, which was a Thor chain development company and then is now working
on something new called Harbor, which we'll talk about. But the purpose of today's conversation
is do a little post-mortem on the Kelp Dow hack, all of the unhinged nonsense that went around
there. And then I think really, you know, a lot of people are having this kind of come to Jesus moment
with Defi where there's a lot of soul searching and we're wondering, is there a point to still
doing Defi? A lot of people are worried about the exposure surface of Defi, whether it's safe in its
current form. You know, it looks like this hack was actually sort of like an old-fashioned one.
It wasn't even a necessarily sort of smart contract exploit. But mythos coming out. I don't know
if we're worried about that. People are worried. Long-time DeFi people that I know are wondering,
Are we getting paid for the risks that we're taking, putting cash into defy?
So I think we're going to cover all that anyway.
If you want to add anything to your introduction, please.
No, I think that about covered it.
It's been a very interesting long journey.
But I'd just say like, yeah, my expertise is in crypto infrastructure and specifically cross-chain,
which I feel like some of the vectors in this particular exploit kind of touched on with, you know,
the involvement of, you know, layer zero's bridge and DV.
ends and basically cross-chain bridging specifically.
Yeah, I mean, I think you actually have a fantastic sort of resume when it comes to sort of like
diagnosing these problems.
And, you know, it's cool that there's at least one person that's still optimistic about
this space and still building it.
It's nice to see.
All right.
So Kelpedow.
I'd never heard of Kelpdow.
I always kind of like vaguely thought restaking was a bad idea, but without knowing specifically
why.
all these layered derivatives give me the hebi-gibis.
And actually what happened reminds me a lot of the reserve mutual, the money market mutual fund
breaking the buck around the time of when it was full of layman commercial paper.
And this thing that everyone thought was meant to trade at one, was starting to not trade at one,
but there are a lot of other financial products that assumed that it would always trade at one.
And when it started not be worth one, all held.
broke loose and in that case, you know, is bailed out. So we don't have that in crypto. So do you want to
kind of summarize what happened here, the sort of like very complex interplay between these
protocols and what happened last week? Yeah, absolutely. So I'll start by saying that, you know,
I'm not an expert on Avey in particular. Avey just happened to be part of the blast radius of this
particular attack. But one of the reasons why people want to exploit bridges is because there
value on one chain and you can possibly use that bridge to then mint or unlock value on a different
chain. So in this particular case, what the attackers were really after was ETH or RS ETH on
Ethereum Mainnet where the actual AVE markets lived where all of this TVL that they could access
and drain using this inflated collateral or this minted collateral out of thin air.
And so the way that they were able to do that was by effectively exploiting the
the OFT, which is basically a boundary, a cross-chain boundary bridge between two chains.
And in this case, it's an implementation provided by layer zero.
But the infrastructure can actually be run by anyone.
And so I think that's kind of where this gets a little bit tricky or complicated
and where sort of finger-pointing comes into play is that sometimes the infrastructure
is run by a consortium of, you know, layer zero and potentially
you know, the foundation team and maybe potentially other teams involved as well. And that would be
a proper DVN, which is essentially stands for decentralized validator network. So you should have
these sort of many parties that are all like watching the transactions on the source chain
and attesting them so that the destination chain properly unlocks the value. For example,
like I'll just give you a short explanation of how like a transaction like this
would occur. If you have a token, just call them OFT tokens, and you want to send them from
Ethereum to Arbitrum, the 100 tokens on Ethereum would get burned or locked by the OFT implementation,
and then a layer zero packet would get emitted on Arbitrum, and then you'd have the DVNs,
all these DVNs, which are basically attesting that the payload hash was in fact correct,
and then after the threshold verification, whether that's one of one or three of three,
or hopefully many, many of many, the destination executes and the hundred is minted and released
on the destination chain, which in this case it was the opposite way they were trying to lock
value which was not actually held on Arbitrum and they effectively spoofed a packet saying
that Arbitrum received 116,000, you know, R.S. Eath and now you're clear to go ahead and release
that to this address on Mainted Ethereum. So that was basically the cruxed.
of the whole hack was basically a spoofing attack and we can get into how they actually did that.
And how was it monetized in the end?
It was monetized in the end by using that 116,000 RSE on the Ethereum main net side to basically
open loans and use as collateral to then withdraw other assets through AVE markets.
So this is actually not an uncomp.
I feel like we've seen many hacks like this in the past, right, specifically focusing on
these kind of cross-chain bridges or like portals. Yeah, it's a combination of getting the bridge
to then spoof a very, very large amount of value on a different chain and then using that chain
the different liquidity sources where in this case, the lending market for RS-Eth was the main
liquidity source. If there was a large uniswap pool for RS-Eath to Eth, for example,
they would have just swapped that spoofed RS-Eth to Eth and then bridge that out to Bitcoin
via any other platform, which you can probably know where this is going. But yeah, we can talk
about that later. And I mean, this is only going to get worse. I mean, it's not like these hacks
are going to get any less sophisticated. I mean, like any idiot now can sort of launch an elementary
style fishing or so like presumably the really sophisticated guys are just going to get better.
Yeah, definitely. And all that that requires is that we get.
get better as builders of infrastructure. And that's why every time I see these, like, you know,
arguments explode, you know, you can probably see some tweets between some prominent figures in
the crypto community going back and forth at each other, pointing blame at, you know, bridges like
Thorchain for quote unquote laundering the funds. These are all downstream of the actual
attacks occurring. And I'm not interested in pointing fingers or even speculating who is the ultimate
beneficiary of these attacks, like, that's not the point.
We need to build better infrastructure and not have one-of-one DVNs that are governing, you know,
the ability to move value that quickly.
And then, you know, aside from that, like, how do we eliminate the blast radius on other
defy protocols like AVE?
AVEA should not be accepting deposits that are that large from brand new addresses without
those being flagged.
Like, you know, if it's true that, you know, mythos was leaked and someone potentially used that, which I've also seen people speculating about this on X, like if Mithos was leaked and that was how this happened, it's like, yeah, crypto can or AI can potentially be the destroyer of crypto, but it could also potentially be the protector as well. And we just need to level up faster than our adversaries are. And, and, you know, if we're feeling downtrodden right now because, you know, we're really facing like,
the music of defy in general potentially being at risk here.
To me, it's just a, it's just a wake up call that we need to double down on our efforts
on securing this infrastructure.
Yes, I want to get into this one of one situation, but before that, I want to take a detour
to AI. So, you know, technology isn't necessarily neutral in terms of sort of like the attack
defense situation, you know, so like some technologies favor the attacker and some favor the
defender, right? I think Vitalik talks about this a lot. So like cryptography is a good defensive
technology. Landmines are defensive. But like drones as we see them are actually I think defensive too
frankly. If you look at how warfare is developing now, it's actually kind of like
asymmetric and favoring the less powerful nation. Right. AI has everyone spooked, you know,
the White House kind of, I think, dragged a bunch of trad-fi institutions and it's
about mythos recently. So what is your assessment? Do you think sophisticated AI is favors the attacker or the
defender in the context of Defy? I still think that the models flattened to a commodity over the long
run and just that the harness the harnesses are really good and that Anthropic has a ton or AOPO
Open AI has a ton of compute power. But I I don't see it being I see it being likely.
that people will be able to use open source models to defy to devise the same caliber of attacks
as as we're seeing today. So I really don't see like certain nation states having an advantage
over others that are purely due to model dominance or even compute. Yeah. But in terms of the war
between like hackers and smart contract developers do you think because obviously you can use
AI defensively like you can do AI based audits do you think that we're in this kind of
transitionary state where you know we have put a bunch of smart contracts on chain that
probably have implicit bugs that no one's ever thought of before maybe an AI is going to find
those and you know eventually with time the stuff that's deployed it does become
hardened, thanks to AI. And I don't know if it's even possible to kind of reach a bugless state.
But that's kind of how I think about it. Like for now, it's going to be, we're going to have a bad
time over the next six months, maybe. But eventually, you know, we'll be able to actually adapt
and have very hard and smart contracts out there. Yeah. I mean, I think that all of the smart
contracts that are live in production and are securing any meaningful amount of TVL, if there was a
potential exploit and it was purely on like the, you know, contract level exploit, it would have,
it would have happened by now. So it's actually like the, the Alve smart contract is rock solid in
my belief. There is no model that's going to find some something in it. I don't think that
hasn't already been looked over. And that's why we're seeing this class of, of defy exploits
move from smart contracts and pure composability, you know, flash loan and then manipulate the
Oracle price by changing, you know, by pushing the balances in this pool, you know, we're not
going to really probably see as many of those because they've already been reasoned through,
but we are going to see more and more infrastructure and social engineering because that,
I don't think has gotten penetrated by the, but it hasn't been addressed by AI properly.
yet. So we don't really have these AI empowered infrastructure defense. And they haven't built these
sort of like proof of reserve Oracle, AI-based guardian networks that are constantly kind of
argument that each other about the potency or legitimacy of a transaction to affect harm. And then
writing that on chain, like I can, we just haven't built the, the defenses into the infrastructure yet.
Yeah, it seems to me, and I'm an investor in this company,
FILACs is one example.
They kind of do sort of like trying to understand the intent of a transaction
and actually trying to make an assessment as to whether that transaction is malicious
or legitimate before it hits the chain, which I think is maybe the end state of this.
Absolutely.
Yeah, because I guess I don't think we actually as an industry can,
coordinate to be responsive to react fast enough before the funds go.
Yeah.
And it's like it's almost like there's very specific boundaries of actions where you kind
of do want to gate things a little bit more.
Right.
Like we want to enable value to be communicated as quickly as possible.
But like any time when it is about to leave the boundary, you want to just like spend
a little bit extra time because it's important that our.
orders match at sub-microsecond in like HFT, but it's not important that the actual funds settle
between institutions and TradFi in sub-microsecond, right? That takes longer. It takes hours, if not
days. There's reasons for that. There's circuit breakers. There's people on both sides checking.
There's middle offices. Like everything that TradFi has built in terms of circuit breakers,
we're just speed running, relearning those things in crypto.
Yeah, and I don't see any irony in that. I think it's fine.
I know people like Matt Levine make fun of us constantly for rebuilding Tradfi.
Whatever.
We can rebuild whatever we want.
If there's good lessons to be taken from Tradfi, we should take them.
But I think this is one of the ironies of cryptos.
The things we really value is composability, atomicity, and kind of final settlement.
And TradFi very explicitly deferred settlement.
And people complain about deferred settlement, but the reason for that is safety.
But the other irony is like, okay, obviously.
has how many employees? I don't know, 20. And people are always saying, well, Avae's managing tens of
billions of dollars with only a handful employees. That's amazing. But also, that's because
the Tradfai equivalent would have like a bunch of compliance people. Right. Looking at every
transaction. So it's a blessing and a curse. Yeah, I think it is wrong to say that crypto shouldn't
take learnings from Tradfi. We absolutely should. But the end state will be.
that we're going to be able to offer the same primitives as Trad V, but for much cheaper.
And that's really all that will make this industry competitive at the end of the day is,
can we provide a valuable service for cheaper than someone else is providing it today?
And if you have fewer people and you have more machines and you have a more,
you have a more programmable way of doing it, that is going to ultimately win out.
So, yeah, I see no reason with taking cues from our predecessors.
Yeah, and I think you're right.
The soft points in the armor are the social layer, the infrastructure of the firms themselves
that are running the validators.
I mean, you saw this with the by-bit hack, of course.
And it's hard to, you know, imagine what all those attacks would look like.
And I guess there are best practices emerging, but that's the tricky part.
I think that's what we'll continue to see issues.
So on that topic, how, I know we don't know for sure, but how, what were the issues here
specifically and how might that have been potentially addressed?
Well, I would like to at least touch on how that could have been addressed at the AVE level
quickly.
You know, I think AVE is not without fault here.
They did have, you know, one of their key risk teams walk out earlier this month.
That was Chaos Labs and Omer Goldberg did a very, very good post on X, which I'll send to you,
basically explaining a lot of the things that we could have added in terms of sanity checks and circuit breakers.
But, you know, my question is like, okay, well, if you knew about all these things that we should have added,
like, why weren't they added while you were working on the project?
So it's like we kind of know what we need to do, but it's almost like a behemoth,
AVE already is so entrenched and, you know, has this perception of being fortress and rock
solid that there is an apprehension to even change those things and to introduce new things
or to upgrade the smart contracts to then take these sort of third-party signals into account.
So I'm almost wondering if this isn't like a great reset where like, yeah, Avey paved the way.
but like they've been in the you know they've been in the in the hot seat for years now and maybe
maybe they're not maybe that tvL you know 15 billion plus in tvL that's capital flight from
AVE maybe it never returns and you know maybe it goes to a different protocol that actually
does build these things in from the ground floor I think this is why this is shocking to a lot of
people because AVE really was understood is like the gold standard in DFI but even they weren't
fully impenetrable. Now, on the layer zero front, what's the diagnosis?
So layer zero is very interesting. You know, they, they provide at the end of the day,
it's just a messaging service. So they're not actually like really doing like cross-chain swaps,
like Thorchain would, for example, where you're sending Ethan on one side and getting BTC out on
the other side. They're locking assets or burning assets on one side and then attesting to them
on the other side and minting them. So bridging is always something that I have just kind of been
opposed to, but I understand why it needs to exist. You can't just have swaps because swaps imply
trading fees, potentially in an AMM there's going to be slippage. There needs to be either always
on liquidity or passive liquidity. So it's just, it is important that this industry
does have bridges where you can put one of one thing in one side and get one out on the other side.
So I think something like, you know, layer zero wormhole very much need to exist.
But I do think that certain implementations of it are better than others.
For example, you know, wormhole's approach works well.
They have the 13 of 19 guardians, each running their own full nodes.
But that's very expensive.
And wormhole doesn't potentially want to support all of these new,
chains that pop up and layer zero provides an out-of-the-box solution for them.
They say, look, we're just the messaging protocol.
We have this stack that you can deploy if you want to create a bridge between our new
chain or our new asset and arbitram or Ethereum.
And so what ends up happening in practice is that people just follow the guide.
They follow the quick start.
And that's kind of like the crux of the issue here between layer zero saying, well, yeah,
we just provided you with this default stack and you are the ones that chose to use it in a one-of-one.
And then Kelpdow is like, yeah, but you guys told us that was okay or that was safe.
And there's no real accountability there.
It's like people need to realize that infrastructure is expensive and having multiple people
all running the infrastructure and attesting to it in this sort of consensus-based network is complex.
But that's ultimately how it has to be done in order to secure these.
assets. So I think the real breakdown here was, you know, not necessarily that Kelpdow ran a
one-of-one between Arbitrum and Eith Mainnet, but it's that Avae allowed it to be a collateral
asset without properly vetting the bridge risk of the one-of-one. I mean, it seems like you need this
sort of diligence waterfall where Avey understands they're exposed to these derivatives that might
be improperly secured, layer zero should do more to look at how their infrastructure has been
deployed by the kelpdows of the world. And you kind of need a diligence flow through all the way
to this sort of issuer. Exactly. Yeah. And another problem exists is that, you know,
layer zero is not really just a messaging protocol. Now they are kind of becoming an issuer as well.
So if you look at like UST-Zero, which is basically the sort of enshrined or native USD-T bridge between chains, there's like this legacy mesh they call where Ethereum is preserved as the root backing chain.
And so for some of like the more legacy integrations, that is the case like Tron and Solana.
USDT was issued on Ethereum and then it's effectively bridged over to Tron.
but this value is still locked on Ethereum.
But in the new native flow, which is like a lion's share of these assets where USDT is being issued on different chains like Arbitrum, Optimism, Mega-Eath, Hyper-EvM, plasma, like Tempo even.
Layer Zero is the actual issuer there.
There is no canonical USDT that's been issued on those chains.
chains, it's actually been issued essentially by layer zero.
And so that actually creates a dependency risk where now those chains or even USDT as an issuer
or tether as an issuer can't really swap it out easily to be becoming their own issue
or running their own infrastructure to do issuance on those chains because now that flavor
of USDT is being used in all of these DFI primitives.
So now layer zero issued USDT on tempo, for example, is being sent around.
It's hard to recall that now and change who the issuer is.
So I think this incident creates a lot of issues and exposure for organizations like Tether.
Yeah, so I've seen kind of a splintering of opinions post this hack.
I mean, you have this argument between the very colorful TAY of Microsoft.
crypto and, you know, Gabe Shapiro. And, you know, some of the defy natives are like, well,
there's no point to defy if we're just constantly freezing transactions post hoc. And if
Arbitrum is stepping in to freeze collateral and, you know, if the stable coins are aggressively
freezing. And then there's kind of the pragmatis, I guess, uh, which you're saying, well,
no one's going to trust this if we let the DR, DPRK or others plunder it constantly to the
tune of hundreds of millions per week.
Where do you kind of shake out on this?
One of the issues that I took with, you know,
working at Thorchain was not necessarily that there was bad actors using the chain.
I mean, that is inevitable regardless of what chain you're interacting on.
If you build something that is truly decentralized and permissionless,
bad actors will use it for that exact reason.
Does that mean we shouldn't make our system?
decentralized and permissionless? No. But at the same time, I do understand the argument that you
should do everything that you can to prevent it and make it more difficult for those people,
bad actors, for example, to use those primitives. Now, the whole question of, you know,
should we do censorship? It's like, no, make your network so decentralized that you
you physically can't, like don't have one of ones or three of fives because then those are just
individuals at the end of the day who live within jurisdictions and are governed by laws and can be
compelled to do things. If you don't want the outcome to be that people can seize assets,
then make your network actually decentralized. And I think that that is something that,
you know, Thorchain, for better or for worse, actually did. And now there's been all,
people will say there has been admin keys and founders had admin keys.
They could have done.
I'm not saying that Thorstein was a model of decentralization or that they had the correct
governance or, you know, they definitely did not help themselves in their case by, you know,
having their co-founders spout off on X and publicly engage in these sort of unproductive
arguments online. But for better or for worse, the end state of Thorchain was that it is censorship
resistant. And I think it is possible to build and to get to that point. Yeah, it's such an
interesting debate because there's a sense of, well, maybe we should bite the bullet and actually
make this decentralized infrastructure. It does mean that bad actors will use it. But you don't want to
be constantly tempted to step into the flow and alter transactions. So you kind of want to acknowledge
that, yeah, there's always going to be this kind of shadow hang over it. The government's always going to
be harassing you a little bit. But if you truly don't have control, then maybe that's the better
outcome. And it's just a matter of hardening your infrastructure. So you don't have as many hacks.
And then you don't have this constant demand to step in. I think, I think if anything, this,
does not bode well for like arbitram, for example, because even before this incident,
I didn't really understand the L2 thesis.
You know, my co-founder, I talk about this all the time, like proof of work, scaling on
Ethereum, it's worked well enough that it still costs less than one cent to send any amount
of USDT, right, in normal gas times.
So if I can spend less than one set in gas fees to send any amount of value on Ethereum,
what's the purpose of, you know, something like arbitrum in the first place, like that offers
decentralized scaling for Ethereum. It's like, no, either use the full corporate chain tempo or use
Ethereum mainnet. I don't really see the reason for having arbitram anymore. And I think that
after this specific event, they're neither here nor there. So why use it? Yeah, that's, I think a lot
of people are having that same thought. Like maybe we're going to get a barbell effect where people
default back to kind of base layer,
Eith, and then maybe it is a corporate chain
as the overlay.
Yeah.
So Thorchain has also been in the discussion here.
It seems like it always is your ex-thor chain.
What do you make of kind of its current state
and its model in terms of decentralization?
Yeah, I mean, I think like, yeah,
well, full disclosure, I did fork Thorchain.
I am working on competitors of Thorchain,
and I believe I'm going to do it better than Thorchian.
chain. So, I mean, take my words with a grain of salt. But the one thing I will give them credit for
is having the sort of staunch pro decentralization and doing cross-chain infrastructure correct.
Like, it is a 67 of 100 effectively multi-signage, threshold signature cryptography. The first of its kind.
I mean, it was a truly first, you know, first mover into.
to Bitcoin to Ethereum swaps.
You couldn't do that.
So it's like it's critical infrastructure that was designed correctly from the beginning
where every validator is running their own RPC full node.
So they weren't going to QuickNode or block Damon.
And you wouldn't have had.
I mean, if Thorchain was the DVN for these bridges,
you wouldn't have been able to spoof or do an eclipse attack on its RPC infrastructure,
because you would have had to compromise the infrastructure of at least two-thirds of those validators.
And that's 67 of them.
In an ideal world, those are 67 different individuals all running the infrastructure
in different cloud configurations, bare metal all across the world.
So it really was like the correct design, whether you want to talk cross-chain swaps or even potentially bridges.
Like that's the future we need to get to.
layer zero could potentially pivot to becoming a more of like a validator-based network where everyone
is observing all of the bridge transactions on every chain and attesting them.
They could learn something from that.
So, you know, I think Thorne Chain very much was a trailblazer, and I really enjoyed and
learned a lot during my time there.
But at the same time, like, there were things that just caused me constant heartburn about how, you know,
certain people decided to design the protocol, shorting BTC with the lending protocol, and
constantly just picking fights on X. It had a time and a place, but when it came to like becoming
a service provider for swaps for the majority of legitimate in-wallet retail users,
that did not lend us any credibility necessarily.
So your own project Harbor, I know, kind of in stealth mode still.
But just tell me a little bit about kind of the design principles that inspired you as you started to build that.
Yeah.
Well, I think one of the major design principles is effectively to segregate the base layer or the validator network that's actually witnessing transactions on those source chains and then attesting them into the blockchain.
and then basically making a general abstraction, which we call subnets, that allow multiple different,
you can call them subnets or layer twos or whatever, but you can basically have the base network,
which is only responsible for custodying the L1 assets, and then those are being credited
to networks that can have their own validators set.
So for example, our first subnet is our exchange, which is a limit order book, and that can
be a one of one, it can be a one of five, it can effectively be its own network that's sort
of cordoned off from the other users who are utilizing the base layer network. I mean, I think
that's just like sort of a risk boundary that allows people to build new applications and
then progressively decentralize them as their user base requires. So it's a unique design
that draws heavily on Thorchain and its original design. But,
I think we're going to be able to service the burgeoning market of cross-chain swaps better because of the order book design.
This week, it seems like we're at a low point in defy sentiment. I think it's maybe the worst that I've ever seen it.
What's your level of optimism around the sector? I just think continuing to invest in crypto infrastructure and investing in security of crypto infrastructure, you know, using these aligned AI agents to build,
consensus-based networks that will flag suspicious transactions for either Dow intervention or
additional review. It's only going to, you know, people will just bristle at the idea of human
intervention. We're not never going to mature as an industry if we don't have some form of
oversight. We cannot be just allowing $290 million worth of an asset minted in one go and then
instantly, you know, deposited into a new address. Like, we have to just do better. So I think,
you know, the, the crux of, like, AI and crypto is actually, like, in infrastructure and in,
in, in just leveling that up in general. But I'm still bullish and still building in crypto,
you know, because of this, like, because I think AI and crypto are complementary. And I feel like
we're just scratching the surface of what the industry can be. And like I said, the protocols
of yesterday might not exist tomorrow, but in their place new protocols will merge. We'll learn
from our past mistakes and we'll usher in the real future of finance. You know, I think about
correspondent banking as an analogy to bridging, right? Because the same challenge, right? Like,
I'm trying to send a wire to Indonesia that goes through New York. And then they, you know,
acknowledge the receipt of the funds.
They make sure that the funds actually got there,
and then they sent it over to one of their partner banks in Hong Kong,
and then they do the same thing,
and then they send it to some local bank in Indonesia.
So we clearly have a way that this actually does work.
So it's clearly possible,
although, of course, we always complain about how long it takes a send of wire,
you know, across the world.
So I don't think this is an intractable problem, you know,
this concept of verifying inbound funds and then releasing funds on the outbound side.
Yeah, exactly.
We just need better designs.
We need better engineering.
We need better security.
And, you know, we need people to, I mean, I think this might be the event that really
causes people to reevaluate and to do more defense in depth and to do, like you were saying,
this sort of waterfall audit of the full risk chain.
And we can't think of these sort of systems as being siloed and easily composable.
They are interconnected for better or for worse.
And so we need more of a holistic approach to risk evaluation.
Well, Pluto, thank you for clearing this up for me.
I'll be honest.
I didn't know what the hell was going on.
So this has been very elucidating.
I appreciate you joining us.
Yeah, thanks for giving me an opportunity.
Happy to have these conversations anytime you want.
