Coinbase Logo

Strengthening our Defenses with SEAL Wargame Simulations

TL;DR: We conducted a successful SEAL wargame with Base and Optimism (OP), testing our response to a simulated vulnerability in bridge withdrawals.

By Coinbase’s Protocol Security & Security Operations Teams

Engineering

, May 22, 2024

, 3min read time

Screenshot 2024-05-22 at 9.41.58 AM

We have a responsibility to keep our systems secure and resilient. That's why we teamed up with Base and Optimism to stress test our security protocols, carrying out a SEAL wargame to simulate a hypothetical vulnerability.

The Simulation

The SEAL simulation was designed to simulate a complex security incident involving a potential vulnerability in bridge withdrawals. Specifically, a faulty upgrade introduced a vulnerability that allowed withdrawals on Layer 1 without corresponding backing withdrawals on Layer 2 . Our monitors deployed on the Hexagate platform swiftly detected this discrepancy, triggering alerts and initiating our incident response protocols.

Simulated Incident Timeline

  • Custom invariants developed in Hexagate’s Gatelang scripting language identified incorrect withdrawals on Optimism and Base test chains.

  • Optimism was notified and a war room was established for incident coordination.

  • Transaction details were shared with the SEAL 911 teams for analysis.

  • The vulnerability was verified and potential solutions were discussed, including reverting to the previous stable version and validating pause transactions.

  • Updates were shared among teams

  • The incident response was confirmed to be effective, the lessons learned were discussed, and next steps for system improvements were put into motion.

Key Takeaways

What Went Well

  • Effective Monitoring: Our custom invariant monitors built on Hexagate’s platform detected the issue accurately and timely.

  • Swift Coordination: Predefined runbooks and communication channels facilitated seamless collaboration with Base and OP teams.

  • Strong Collaboration: Working closely with security and engineering teams ensured a thorough and effective response.

Learnings

  • Strategic Decision-Making: The drill underscored the importance of nuanced decision-making in pausing operations, balancing immediate response with service continuity.

  • System Reliability: The exercise highlighted the need for robust and redundant alerting mechanisms across all systems.

  • Clear Communication: Effective incident response relies on clear, direct communication and well-defined roles and responsibilities.

Moving Forward

This simulation was just one step. We’ll debrief, document our learnings, and outline action items for further improvement. This ongoing process ensures that we continue to enhance our security posture and response capabilities.

Conclusion

Simulated incident drills are a vital part of our commitment to security, helping us test and refine our systems and processes. Our successful collaboration with Base and Optimism in this SEAL drill shows we’re ready to handle real-world threats and are dedicated to maintaining the integrity and security of the ecosystem.

Coinbase logo