Key compromise
The unauthorised exposure of a private key or signing material — the upstream cause of many high-profile crypto theft events.
Causes: phishing, malware, insider exfiltration, supply-chain compromise of a wallet vendor. Mitigations: MPC custody, hardware-isolated signing, principle-of-least-privilege key management, regular key rotation.
Related terms
- MPC (multi-party computation)A cryptographic scheme letting multiple parties compute a signature without any one of them holding the full private key.
- Cold storageCryptographic key storage with no live network connection — the gold standard for long-term reserve safekeeping.
- MultisigA wallet requiring m-of-n signers to authorise a transaction — the dominant operational-control pattern in DeFi.
- ExploitA security failure that lets an attacker drain protocol funds — historically the dominant loss vector in DeFi.