library

Bitget officially launched the AI trading strategy workflow layer GetAgent Playbook, marking the first time the Agent Harness framework is available to users. Users can select, preview, configure, and launch AI trading strategies from the Agent Playbook strategy library without having to write prompts themselves, all running in an isolated sub-account with auditable operations and transparent processes. Currently, this feature is available to GetAgent Plus and Pro users.Bitget CEO Gracy Chen stated that AI trading is evolving from Q&A to workflows, with prompt configuration being the biggest source of complexity. The Playbook allows users to easily transform trading ideas into Agent runnable and adjustable strategies through a ready-to-use strategy library (Agent Playbook).As of now, Bitget's AI trading tools have attracted over 1 million users, with a cumulative trading volume exceeding $1.2 billion. The Agent Hub covers 9 major modules and 57 tools, supporting read-only mode, simulated trading environments, and Agent exclusive sub-accounts, completely isolating agent operational permissions from the main account, and integrating the entire business chain of spot trading, contracts, copy trading, and wealth management, while exclusively supporting trading of tokenized assets in the US stock market.

According to market news, LayerZero Labs co-founder and CEO Bryan Pellegrino had a heated debate with security researchers today in the ETHSecurity Community Telegram group. The core controversy includes: since LayerZero Labs can immediately upgrade a default library contract without a time limit to forge messages (similar to the case where rsETH was hacked), the LZ OFT, valued at over $3 billion, is recently at risk of being stolen; researcher Banteg pointed out that mainstream projects like Ethena and EtherFi were still using this default library contract weeks ago, and currently, there is still $178 million worth exposed to risk, with these funds coming from projects that are still using the default library.On-chain data shows that LayerZero Labs multi-signature signers participated in non-multi-signature activities such as meme coin trading, DEX exchanges, and cross-chain bridging, which means that the multi-signature keys in the formal environment were connected to websites, increasing phishing risks. Regarding the multi-signature signers of LayerZero using production environment keys for trading activities, Bryan confirmed that the related transactions were completed by members of the multi-signature team, but denied that it was "meme coin trading," explaining it as "testing PEPE on the LZ OFT token standard," and stated that the involved member has been removed. Bryan also suggested that project parties "directly fix configurations" instead of using default configurations to reduce risks. Banteg subsequently tagged a long list of LayerZero users still using the default library contract, pointing out that these projects should migrate to fixed configurations as soon as possible.

The attacker stole the npm access token of the chief maintainer of Axios, the most popular HTTP client library for JavaScript, and used that token to publish two malicious versions containing cross-platform remote access trojans (RATs) (axios@1.14.1 and axios@0.3.4), targeting macOS, Windows, and Linux systems. The malicious packages were removed from the npm registry about 3 hours after being published.According to data from security company Wiz, Axios is downloaded over 100 million times weekly and exists in about 80% of cloud and code environments. Security company Huntress detected the first infections just 89 seconds after the malicious packages went live and confirmed that at least 135 systems were compromised during the exposure window. Notably, the Axios project had previously deployed modern security measures such as OIDC trusted publishing mechanisms and SLSA provenance proofs, but the attacker completely bypassed these defenses. Investigations revealed that while configuring OIDC, the project retained the traditional long-lived NPM_TOKEN, and npm defaults to using the traditional token when both coexist, allowing the attacker to publish without breaching OIDC.

Bitcoin Core developer Murch announced on February 11 that BIP 360 (Pay to Merkle Root, P2MR) has officially entered the Bitcoin Improvement Proposal repository, marking the first time the Bitcoin development community has incorporated quantum resistance into the official technical roadmap.The proposal was co-authored by Hunter Beast, Ethan Heilman, and Isabel Foxen Duke, and is currently in the review and discussion stage, with no protocol changes activated yet.

According to the tracking data from the Web3 asset data platform RootData X, in the past 7 days, the decentralized artificial intelligence operating library Gradient Network has been the project with the most new followers among X (Twitter) Top personalities. New influential figures on X who have followed this project include DeFi analyst Ignas (@DefiIgnas), DeFi analyst Ignas (@DefiIgnas), and Mr. Block (@mrblocktw).

ChainCatcher news, the decentralized staking protocol Lido has launched the Earn tab to showcase a selection of various strategy pools. The first project to go live is the GG Vault (GGV) launched by Veda Labs, which provides one-click access to "blue-chip" DeFi strategies using ETH, WETH, stETH, or wstETH. The second project to go live is the Decentralized Validator Vault (DVV) developed by Mellow, expected to launch in mid-September.

ChainCatcher news, Nasdaq-listed company Caliber (NASDAQ:CWD) today announced the appointment of Michael Trzupek as the first member of the newly established Crypto Advisory Committee, responsible for governance. Trzupek will provide strategic oversight and guidance for Caliber's Digital Asset Trust (DAT) strategy, which focuses on building a LINK token treasury to capture long-term value and returns.Trzupek has been a member of Caliber's board since 2019 and currently serves as the Chief Financial Officer of UK semiconductor intellectual property company Imagination Technologies, holding an MBA from the University of Chicago.Caliber CEO Chris Loeffler stated that Trzupek's extensive experience in capital markets, digital asset investment, and blockchain infrastructure will help the company advance its LINK token treasury strategy, connecting the traditional real estate market with the digital financial ecosystem.

ChainCatcher news, Coinbase's cryptography lead Yehuda Lindell tweeted that Coinbase has released an open-source cryptographic library for the MPC engine, supporting ECDSA and Schnorr/EdDSA protocols for both two-party and multi-party signatures, and providing tools such as DKG and backups. The code includes foundational primitives like commitments, random oracles, and secret sharing, as well as oblivious transfer and a series of ZK proofs, suitable for threshold signature tasks.

ChainCatcher message, the Slow Mist security team published a disclosure revealing a critical vulnerability (GHSA-vjh7-7g9h-fjfh) found in the widely used elliptic cryptography library.Attackers can extract private keys with just one signature by constructing specific inputs, which may lead to the theft of digital assets or identity credentials. This vulnerability could affect blockchain applications and digital identity systems that rely on this cryptography library.

ChainCatcher news, under the leadership of President El Salvador, the Bitcoin Office stated on X that the National Library of El Salvador will establish a Bitcoin section. Library visitors will not only find all the best books about Bitcoin but will also have the opportunity to see a fully operational node and significant information regarding its use in the Bitcoin network.

ChainCatcher news reports that according to Yu Xian, the founder of Slow Mist, the lending protocol zkLend on the Starknet chain was hacked on February 12, resulting in losses exceeding $9.5 million. The reason for the attack lies in the safeMath library used by its market contract, which employs direct division for calculations. This led to a rounding error in the actual number of zTokens that needed to be burned during withdrawals, which the attacker exploited for profit.On-chain data shows that the attacker's address has an active history of 235 days and has interaction records with multiple platforms, including Binance. The hacker has since transferred the stolen funds across chains, with most of it moved to the Ethereum network. Yu Xian stated that by tracking the associated Starknet addresses, it was discovered that this attacker is linked to the hacking incident of EraLend on July 25, 2023.

ChainCatcher message, regarding today's zkLend theft of over 9 million dollars, SlowMist released an analysis stating that the core reason for this attack lies in the safeMath library used in the market contract. During division calculations, direct division was used, resulting in a rounding vulnerability when calculating the actual amount of zToken that needs to be burned during withdrawals. Attackers may exploit this vulnerability to gain illegal benefits.Users are advised to closely monitor their asset status on zkLend and temporarily halt any deposit actions related to zkLend to avoid potential losses.

ChainCatcher news, according to official sources, the OKX exchange has officially launched the "Dynamic" feature, which will soon be available in the Web3 wallet, becoming the first platform to provide Twitter and news aggregation content in both the exchange and Web3 wallet. This feature aims to provide users with comprehensive, real-time market insights to help them make trading decisions more efficiently.It is reported that the OKX "Dynamic" feature integrates key information from news media and social platforms like Twitter, and uses AI to intelligently identify cryptocurrency information, allowing users to quickly view news related to specific cryptocurrencies. It provides a simplified resource library for real-time access to the latest market dynamics, not only meeting the needs of experienced users for aggregated news, quality information filtering, and automatic translation, but also helping novice users easily discover quality KOLs, quickly integrate into the market ecosystem, and better address the pain points of information search and discovery.

ChainCatcher news, the open-source AI platform Sentient announced on X the launch of the OML 1.0 fingerprint library feature, which supports fingerprint recognition of AI models to verify the identity of AI model developers.Previous news, according to The Block, the open-source AI platform Sentient announced the completion of a $85 million seed round financing, led by Peter Thiel's Founders Fund, Pantera Capital, and Framework Ventures, with participation from Ethereal Ventures, Robot Ventures, LD Capital, Symbolic Capital, Delphi Ventures, Hack VC, Arrington Capital, HashKey Capital, Canonical Crypto, and Foresight Ventures.Additionally, according to the Web3 asset data platform RootData, Sentient is building community-contributed open-source AI models with the goal of directly competing with OpenAI. Sentient will launch activities for contributors, each with specific metrics to evaluate contributions and rewards based on these metrics.

ChainCatcher news, according to Chainwire, the Web3 open software library KRNL Labs has completed a $1.7 million Pre-Seed funding round, with participation from TRGC, Superscrypt, Ryze Labs, Builder Capital, Blockchain Founders Fund, WAGMi Ventures, STIX, YAP Capital, and several strategic angel investors.KRNL Labs is innovating at the RPC node level to achieve cross-chain communication, creating a new type of software management for Web3. KRNL Labs unlocks the ability to share libraries across blockchain networks, changing the way tasks are executed.It is reported that KRNL Labs was founded by Tahir Mahmood and Asim Ahmad in 2022, aiming to address the fragmentation issues in Web3 and the inefficiencies of integrating existing solutions.

ChainCatcher news, the decentralized derivatives trading platform Aevo has announced the launch of Aevo Strategies, an automated trading library that executes complex strategies on behalf of users. Users can access an exclusive library containing trading strategies typically used by large institutions and market makers with just one click.

ChainCatcher news, Nervos CKB has launched the wallet connection library CCC (Common Chains Connector), allowing developers to enable users to connect various ecosystem wallets and directly manage assets on the CKB chain. Currently, CCC supports well-known wallets including JoyID, OKX, UniSat, and Metamask. Thanks to the advantages of CKB's custom cryptographic primitives and native account abstraction capabilities, users can seamlessly transact and manage their digital assets on the CKB chain using multiple wallets.In addition, the CCC development team plans to further expand its compatibility, and in the future, it will support other major ecosystem wallets including SOL, Doge, and Nostr, aiming to make every blockchain wallet a CKB wallet and every blockchain address a CKB address.

ChainCatcher message, Paradigm has launched Alloy v0.1, a code library for interacting with Ethereum. Alloy is a complete rewrite of the low-level building blocks required for interacting with EVM blockchains, from RPC types to ABI encoders and primitive types, intended to replace ethers-rs.Alloy v0.1 includes all the utilities needed to interact with EVM-based blockchains, multiple API improvements, and new features. As part of this release, Paradigm will also officially cease maintenance of ethers-rs and encourage everyone to migrate to Alloy.

ChainCatcher news, Magic Eden co-founder rex.magic announced on the X platform that the Magic Eden Bitcoin NFT marketplace has open-sourced the TypeScript library "runestone-lib" for interacting with the Runes protocol. As a new, plug-and-play Rune client implementation, this helps to solidify the multi-client implementation specification for Runes. Runestone-lib provides native support for encoding, decoding, and indexing Runes, and the library also supports Runes-driven applications and experiences on Magic Eden.