How Anchorage Digital protects clients

Many of our clients have asked us about the recent security incident at Bybit. This is what we have shared with them:

What happened?

On February 21, 2025, it was reported that Bybit, a cryptocurrency exchange, suffered a security breach which resulted in the loss of nearly $1.5 billion worth of Ether (ETH). Attackers deceived Bybit’s team by manipulating a routine ETH wallet transfer on Safe, a multi-signature wallet used to manage Ethereum assets. From what has been reported so far, attackers disguised a malicious transaction as a legitimate one by embedding malicious JavaScript into the Safe signing code. When the transaction was approved, it allowed the malicious smart contract to sweep the ETH into the attacker’s wallet.

How does Anchorage Digital’s security model protect clients from this type of attack?

Importantly, Anchorage Digital’s transaction flow is designed to prove with certainty that a given transaction reflects a client's intent. Anchorage Digital’s end-to-end security process—which involves multiple lines of defense for every transaction—would have mitigated this type of attack in four unique ways:

1. Quorum-based approvals through independent iOS devices: By default, every transaction requires approval from at least two members of the client organization, using authentication through authorized devices. All sensitive operations, such as withdrawing assets, require biometrically authenticated endorsements from multiple users within the client’s organization, backed by the iOS secure enclave. In the case of the Bybit incident, the attacker would not have been able to act simultaneously on behalf of all quorum members.
2. Smart contract pre-authorizations: Smart contract interactions for assets held in custody with Anchorage Digital Bank or Anchorage Digital Singapore are limited to only occur through applications pre-approved by Anchorage Digital. In the case of the Bybit incident, the smart contract interaction would not have been pre-authorized. 
3. Risk review: For our custodial solutions through Anchorage Digital Bank and Anchorage Digital Singapore, each transaction endorsement is reviewed using a combination of human oversight and automated outlier detection based on detailed behavioral analytics. In the case of the Bybit attack, any detected anomalies would have been flagged for review in cooperation with our client. For self-custodied assets through Porto by Anchorage Digital, users can simulate smart contract interactions before executing a transaction, and will see an in-app warning if risks are identified. 
4. Hardware-enforced logic: Our hardware security modules (HSMs) do not just blindly sign, they carefully construct the transaction based on a quorum of cryptographically signed intents. In the case of the Bybit incident, our HSM would not have signed the transaction due to unexpected or invalid cryptographic signatures presented as a result of the malicious alteration.

How else does Anchorage Digital protect client assets?

• Client assets in custody with Anchorage Digital Bank or Anchorage Digital Singapore are bankruptcy remote. We keep assets in custody both physically and legally segregated from other clients’ and the firm’s assets. We’ve also implemented operational practices such as separate client on-chain addresses that further ensure the safety of client assets.
• Our Atlas settlement network enables clients to settle directly, eliminating the need to leave assets on exchanges and reducing exposure to third-party risks.‍‍

Anchorage Digital is purpose-built to make sure our clients’ assets remain safe and secure. If you have additional questions or are interested in learning more about participating in crypto with Anchorage Digital, please get in touch.