porter-finance / v1-core

⛰️ Smart contracts powering the Porter protocol.
https://porter.finance
GNU Affero General Public License v3.0

Incident Response Plan #270

Closed RusseII closed 2 years ago

RusseII commented 2 years ago

Create an incident response plan. In the event of a hack, know ahead of time who will be in the war room, which platform(s) (e.g., Discord, Signal, etc.) and which channels you'll use to communicate. For the core response group, having voice comms is very helpful. Know who you will reach out to for help. Know what your first steps will be (e.g.: pause contracts, reach out to security partners, alert users that an issue is happening via Twitter/Discord, etc.). Know who will take on what roles: Who will communicate with the public and outside partners? Who will start digging into the attacker's txs to find the vulnerability that was exploited? Who will be responsible for submitting the txs to (for example) pause the contracts? Having this all in a doc somewhere will be helpful so you can rely on it when the adrenaline is clouding your judgment.

RusseII commented 2 years ago

https://github.com/yearn/yearn-devdocs/blob/master/docs/developers/v2/EMERGENCY.md great resource for this