{"id":7086,"date":"2022-04-13T18:24:23","date_gmt":"2022-04-13T18:24:23","guid":{"rendered":"https:\/\/virconlegal.com\/bir-guven-ve-sorumluluk-analizi-ronin-hack\/"},"modified":"2025-11-17T09:06:26","modified_gmt":"2025-11-17T09:06:26","slug":"bir-guven-ve-sorumluluk-analizi-ronin-hack","status":"publish","type":"post","link":"https:\/\/virconlegal.com\/tr\/bir-guven-ve-sorumluluk-analizi-ronin-hack\/","title":{"rendered":"Bir G\u00fcven ve Sorumluluk Analizi: Ronin Hack"},"content":{"rendered":"\n

Blockchain neredeyse her sekt\u00f6rde yayg\u0131n olarak kullan\u0131lmaktad\u0131r ve bunlar\u0131n hepsi blockchainin merkeziyetsiz, \u015feffaf, g\u00fcvene dayal\u0131 olmayan, de\u011fi\u015ftirilemez ve tamamen da\u011f\u0131t\u0131lm\u0131\u015f e\u015fler aras\u0131 sisteminden faydalanmaktad\u0131r. Her blockchain projesi vizyonuna ve \u00f6nceliklerine ba\u011fl\u0131 olarak \u00fc\u00e7 temel unsura ba\u011fl\u0131d\u0131r: merkeziyetsizlik, g\u00fcvenlik ve \u00f6l\u00e7eklenebilirlik.  <\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

K\u00fcresel \u00e7apta benimsenmeyi hedefleyen pek \u00e7ok blockchain projesi, temel mimarileri arac\u0131l\u0131\u011f\u0131yla bu \u00fc\u00e7 unsuru ayn\u0131 anda ve \u00f6d\u00fcn vermeden ger\u00e7ekle\u015ftirmeye ve en \u00fcst d\u00fczeye \u00e7\u0131karmaya \u00e7al\u0131\u015fmaktad\u0131r. Ancak, \u00fc\u00e7 unsur aras\u0131ndaki etkile\u015fim ve denge bunu ba\u015farmay\u0131 zorla\u015ft\u0131rmaktad\u0131r. Blockchain \u00fc\u00e7lemi (trilemma) kavram\u0131, Vitalik Buterin taraf\u0131ndan ortaya at\u0131lm\u0131\u015ft\u0131r ve \u015fu soruna dikkat \u00e7eker: merkeziyetsizlik, \u00f6l\u00e7eklenebilirlik ve g\u00fcvenlik unsurlar\u0131ndan yaln\u0131zca ikisine \u00f6ncelik verildi\u011finde, genellikle di\u011ferinden taviz verilmesi gerekir. Bu kavram, merkeziyetsiz, \u00f6l\u00e7eklenebilir ve g\u00fcvenli bir blockchain olu\u015fturulmaya \u00e7al\u0131\u015f\u0131ld\u0131\u011f\u0131nda \u00e7o\u011funlukla belli ba\u015fl\u0131 \u00f6d\u00fcnler verilmesinin ka\u00e7\u0131n\u0131lmaz oldu\u011funu kabul eder.  <\/p>\n\n\n\n

Merkeziyetsizlik blockchain’in \u00f6z\u00fc ve esas\u0131d\u0131r, g\u00fcvenlik kilit bir \u00f6zelliktir, \u00f6l\u00e7eklenebilirlik ise en b\u00fcy\u00fck zorluktur. \u00d6l\u00e7eklenebilirlik ve merkeziyetsizlik genellikle g\u00fcvenlik taraf\u0131ndan engellenir, ancak g\u00fcvenlik, \u00f6l\u00e7eklenebilirlik sunan bir blockchain a\u011f\u0131ndaki herhangi bir de\u011fi\u015fiklikle tehlikeye girme e\u011filimindedir.  <\/p>\n\n\n\n

\u00d6l\u00e7eklenebilirlik, saniyedeki i\u015flem say\u0131s\u0131n\u0131 (TPS) veya sistemin verimini art\u0131rmak i\u00e7in uzla\u015ft\u0131rma s\u00fcresini azaltarak kitlesel benimsemeyi sa\u011flamak i\u00e7in projenin daha y\u00fcksek hacimde i\u015flem ger\u00e7ekle\u015ftirme yetene\u011fini belirledi\u011finden, herhangi bir blockchain projesinin \u00f6nemli bir y\u00f6n\u00fcd\u00fcr. <\/p>\n\n\n\n

\u00d6l\u00e7eklendirme f\u0131rsat\u0131 ve talebi nedeniyle, \u00fc\u00e7\u00fcnc\u00fc taraf blockhchainler, side chainler, roll-up’lar ve kanallar gibi yenilik\u00e7i \u00f6l\u00e7eklendirme y\u00f6ntemleri geli\u015ftirmeye ba\u015flam\u0131\u015ft\u0131r. Bu y\u00f6ntemler \u00e7o\u011fu blockchain projesini trilemmay\u0131 ele almaya te\u015fvik ederken, \u00e7o\u011fu durumda merkeziyetsizlik ve g\u00fcvenlik aras\u0131ndaki denge ihmal edilmi\u015f gibi g\u00f6r\u00fcnmektedir. <\/p>\n\n\n\n

Sky Mavis taraf\u0131ndan geli\u015ftirilen blockchain oyunu Axie Infinity i\u00e7in kullan\u0131lan Ethereum ba\u011flant\u0131l\u0131 bir yan zincir olan Ronin Network, \u00f6l\u00e7eklendirme y\u00f6ntemlerini entegre ederken g\u00fcvenlik ve merkeziyetsizli\u011fin nas\u0131l kar\u015f\u0131 kar\u015f\u0131ya geldi\u011fini g\u00f6steren bir \u00f6rnektir. Axie Infinity sadece bir trilemma \u00f6rne\u011fi de\u011fil, ayn\u0131 zamanda geli\u015ftiricilerinin, yat\u0131r\u0131mc\u0131lar\u0131n\u0131n ve kullan\u0131c\u0131lar\u0131n\u0131n \u00f6ncelikleri ve eylemlerinin yan\u0131 s\u0131ra bu eylemlerin sonu\u00e7lar\u0131 g\u00f6z \u00f6n\u00fcne al\u0131nd\u0131\u011f\u0131nda sorumluluk ve g\u00fcven alg\u0131lar\u0131n\u0131 incelemeye de\u011fer bir projedir. <\/p>\n\n\n\n

Arka plan<\/strong><\/p>\n\n\n\n

Axie Infinity, Sky Mavis taraf\u0131ndan geli\u015ftirilen blockchain tabanl\u0131 bir oyna-kazan oyunudur ve Ethereum tabanl\u0131 kripto para birimleri kullanan oyun i\u00e7i ekonomisiyle bilinir. Axie Infinity, d\u00fcnya \u00e7ap\u0131ndaki b\u00fcy\u00fck da\u011f\u0131t\u0131m\u0131 ve pop\u00fclaritesi nedeniyle \u015eubat 2021’de muazzam bir kullan\u0131c\u0131 ak\u0131n\u0131na u\u011frad\u0131.  <\/p>\n\n\n\n

Ethereum’un \u00f6nemli \u00f6l\u00e7eklenebilirlik eksiklikleri ve Axie Infinity’nin artan pop\u00fclaritesi ile Sky Mavis, TPS’yi art\u0131rma ihtiyac\u0131 hissetti ve Axie Infinity’yi \u00f6l\u00e7eklendirmek i\u00e7in gereken h\u0131zl\u0131, d\u00fc\u015f\u00fck maliyetli i\u015flem hacmini sa\u011flamak i\u00e7in \u015eubat 2021’de Ethereum ba\u011flant\u0131l\u0131 bir yan zincir olarak Ronin a\u011f\u0131n\u0131 ba\u015flatt\u0131. <\/p>\n\n\n\n

Ronin a\u011f\u0131, ana Ethereum a\u011f\u0131ndan ba\u011f\u0131ms\u0131z olarak \u00e7al\u0131\u015fan ve kendi mutabakat mekanizmas\u0131na sahip bir yan zincir olarak geli\u015ftirilmektedir. Ronin a\u011f\u0131, kullan\u0131c\u0131lar aras\u0131ndaki s\u00fcrt\u00fc\u015fmeyi azaltmak, Axie Infinity i\u00e7in i\u015flemleri y\u00fcr\u00fctmek ve Axie Infinity oyuncular\u0131n\u0131n dijital varl\u0131klar\u0131n\u0131n zincirler aras\u0131nda de\u011fi\u015fimini sa\u011flamak amac\u0131yla Ronin’i Ethereum ana a\u011f\u0131na ba\u011flamak i\u00e7in Ethereum ba\u011flant\u0131l\u0131 iki y\u00f6nl\u00fc bir k\u00f6pr\u00fc (Ronin K\u00f6pr\u00fcs\u00fc) kullanmaktad\u0131r. <\/p>\n\n\n\n

Ronin a\u011f\u0131, a\u011fdaki i\u015flemleri i\u015flemek ve do\u011frulamak i\u00e7in bir dizi g\u00fcvenilir do\u011frulay\u0131c\u0131ya dayanan bir yetki kan\u0131t\u0131 mutabakat modelini benimsemi\u015ftir. Multisig sistemi ile birlikte, bireyler veya kurumlar taraf\u0131ndan kontrol edilebilen yetkili c\u00fczdanlara sahip olan bu do\u011frulay\u0131c\u0131lar\u0131n \u00e7o\u011funlu\u011fu, ak\u0131ll\u0131 s\u00f6zle\u015fmede uygulanacak bir i\u015flem veya de\u011fi\u015fiklik i\u00e7in veya bir para yat\u0131rma veya \u00e7ekme i\u015fleminin tan\u0131nmas\u0131 i\u00e7in i\u015flemleri imzalamal\u0131d\u0131r. <\/p>\n\n\n\n

Hack<\/strong><\/p>\n\n\n\n

29 Mart 2022’de Sky Mavis, Ronin k\u00f6pr\u00fcs\u00fcnde bir g\u00fcvenlik ihlali ya\u015fand\u0131\u011f\u0131n\u0131 ve do\u011frulay\u0131c\u0131 d\u00fc\u011f\u00fcmlerin ele ge\u00e7irildi\u011fini, bunun sonucunda 173.600 ETH ve 25,5 M $ de\u011ferinde USDC sabit paran\u0131n (625 milyon $’dan fazla) iki i\u015flemde Ronin k\u00f6pr\u00fcs\u00fcnden bo\u015falt\u0131ld\u0131\u011f\u0131n\u0131 bildirdi. (1)<\/p>\n\n\n\n

Resm\u00ee Topluluk Uyar\u0131s\u0131\u2019na g\u00f6re, k\u00f6t\u00fc niyetli para \u00e7ekme i\u015flemleri, do\u011frulay\u0131c\u0131lar\u0131n (validator) \u00f6zel anahtarlar\u0131n\u0131n ele ge\u00e7irilmesi sonucunda ger\u00e7ekle\u015fmi\u015f ve bu anahtarlar sahte para \u00e7ekme i\u015flemleri olu\u015fturmak i\u00e7in kullan\u0131lm\u0131\u015ft\u0131r. Geli\u015ftiriciler, sald\u0131r\u0131 s\u0131ras\u0131nda Ronin\u2019in dokuz do\u011frulay\u0131c\u0131 node\u2019dan olu\u015ftu\u011funu ve bir para yat\u0131rma veya \u00e7ekme i\u015fleminin ger\u00e7ekle\u015fmesi i\u00e7in be\u015f tanesinin imzas\u0131n\u0131n gerekti\u011fini a\u00e7\u0131klam\u0131\u015ft\u0131r. Hacker, Sky Mavis\u2019e ait d\u00f6rt do\u011frulay\u0131c\u0131 node\u2019un kontrol\u00fcn\u00fc ele ge\u00e7irmi\u015f ve be\u015finci imzay\u0131 sa\u011flamak i\u00e7in, Axie Infinity projesini destekleyen topluluk odakl\u0131 bir organizasyon olan Axie DAO taraf\u0131ndan i\u015fletilen \u00fc\u00e7\u00fcnc\u00fc taraf bir do\u011frulay\u0131c\u0131y\u0131 kullanm\u0131\u015ft\u0131r. Do\u011frulay\u0131c\u0131 anahtarlar\u0131n\u0131n \u00e7o\u011funlu\u011funu kontrol eden hacker, Ronin Bridge s\u00f6zle\u015fmesinin \u00e7oklu imza (multisign) modelinden yararlanarak kripto paralar\u0131 do\u011frudan sahte bir Ethereum c\u00fczdan\u0131na \u00e7ekmeyi ba\u015farm\u0131\u015ft\u0131r. <\/p>\n\n\n\n

Resm\u00ee Topluluk Uyar\u0131s\u0131, Sky Mavis do\u011frulay\u0131c\u0131lar\u0131n\u0131n nas\u0131l ele ge\u00e7irildi\u011fine dair detay vermese de, hacker\u2019\u0131n Axie DAO taraf\u0131ndan i\u015fletilen \u00fc\u00e7\u00fcnc\u00fc taraf bir do\u011frulay\u0131c\u0131n\u0131n kontrol\u00fcn\u00fc, Kas\u0131m 2021\u2019de Sky Mavis ile Axie DAO aras\u0131nda yap\u0131lan bir anla\u015fma sayesinde elde etti\u011fini belirtmektedir.
Y\u00fcksek a\u011f trafi\u011fi d\u00f6neminde kullan\u0131c\u0131 maliyetlerini azaltmak ve i\u015flemleri \u00fccretsiz h\u00e2le getirmek amac\u0131yla, iki ayr\u0131 zincir aras\u0131nda geli\u015ftiricilerin sunucularla ileti\u015fim kurmas\u0131n\u0131 sa\u011flayan gas-free bir RPC node kurulmu\u015ftur. Bu i\u015flemlerin ger\u00e7ekle\u015ftirilebilmesi i\u00e7in, Axie DAO\u2019nun Sky Mavis\u2019i beyaz listeye (whitelist) almas\u0131, yani Sky Mavis do\u011frulay\u0131c\u0131lar\u0131n\u0131n kendi ad\u0131na i\u015flem imzalamas\u0131na izin vermesi gerekmi\u015ftir. B\u00f6ylece Sky Mavis, i\u015flemleri h\u0131zl\u0131ca onaylayarak kullan\u0131c\u0131 ve a\u011f y\u00fck\u00fcn\u00fc azaltabilmi\u015ftir.
Her ne kadar bu anla\u015fma Aral\u0131k 2021\u2019de iptal edilmi\u015f olsa da, whitelist eri\u015fimi teknik olarak kald\u0131r\u0131lmam\u0131\u015ft\u0131r. Bu da, Sky Mavis do\u011frulay\u0131c\u0131lar\u0131n\u0131 ele ge\u00e7iren hacker\u2019\u0131n, i\u015flemleri onaylamak i\u00e7in gerekli olan Axie DAO do\u011frulay\u0131c\u0131 imzas\u0131n\u0131 kullanabilmesine olanak tan\u0131m\u0131\u015ft\u0131r. (2)<\/p>\n\n\n\n

G\u00fcven ve Sorumluluk<\/strong><\/p>\n\n\n\n

Bu \u00e7er\u00e7evede, Ronin a\u011f\u0131n\u0131n istismar edilmesi, g\u00fcvensiz bir a\u011fda g\u00fcven ve blockchain projelerinde sorumlulu\u011fun da\u011f\u0131t\u0131m\u0131 hakk\u0131nda temel sorular\u0131 g\u00fcndeme getirdi.<\/p>\n\n\n\n

G\u00fcven, yakalanmas\u0131 zor bir kavramd\u0131r ve tan\u0131m\u0131 y\u00fczy\u0131llard\u0131r filozoflar aras\u0131nda tart\u0131\u015fma konusu olmu\u015ftur. Ancak zaman i\u00e7inde g\u00fcvenin \u00e7\u00f6kmesi, sorumlulu\u011fun do\u011fdu\u011fu nokta h\u00e2line gelmi\u015ftir. Kurumsal g\u00fcven \u00e7\u00f6kt\u00fck\u00e7e, g\u00fcven kavram\u0131 da\u011f\u0131t\u0131k g\u00fcvene d\u00f6n\u00fc\u015f\u00fcr; yani g\u00fc\u00e7 art\u0131k tek bir merkezden al\u0131n\u0131r ve \u00e7e\u015fitli kaynaklara da\u011f\u0131t\u0131l\u0131r. Bir zamanlar yukar\u0131 do\u011fru, otoritelere y\u00f6nelen g\u00fcven art\u0131k yatay bi\u00e7imde akmaktad\u0131r \u2014 kimi zaman insanlara, kimi zamansa programlara ve kodlara.
Blockchain g\u00fcveni, da\u011f\u0131t\u0131k g\u00fcvenin bir bi\u00e7imidir. Bu g\u00fcven, iyi davran\u0131\u015flar\u0131n \u00f6d\u00fcllendirildi\u011fi, k\u00f6t\u00fc davran\u0131\u015flar\u0131n ise cezaland\u0131r\u0131ld\u0131\u011f\u0131 bili\u015fsel risk de\u011ferlendirme s\u00fcre\u00e7lerine dayan\u0131r. Blockchain\u2019e duyulan g\u00fcven, onun merkeziyetsiz, g\u00fcvene dayal\u0131 olmayan (trustless), \u015fifreli (encrypted) ve algoritmik yap\u0131s\u0131ndan kaynaklan\u0131r. (3)<\/p>\n\n\n\n

Sky Mavis a\u011f\u0131 g\u00fcvene dayal\u0131 olmayan bir ortamdan uzakla\u015ft\u0131rd\u0131k\u00e7a, a\u011f i\u015flevini yerine getirmek i\u00e7in g\u00fcvene ihtiya\u00e7 duyar hale geldi ve Sky Mavis \u00f6ncelikleri ve sonraki eylemleri nedeniyle blok zincirine olan g\u00fcveni ray\u0131ndan \u00e7\u0131kard\u0131;<\/p>\n\n\n\n

Sky Mavis\u2019in, \u00f6l\u00e7eklenebilirlik sorununa getirdi\u011fi merkeziyetsiz olmayan \u00e7apraz-zincir k\u00f6pr\u00fc \u00e7\u00f6z\u00fcm\u00fc (cross-chain bridge), projeyi Ethereum ana a\u011f\u0131 \u00fczerindeki g\u00fcvene dayal\u0131 olmayan (trustless) ve merkeziyetsiz g\u00fcvenlik mutabakat\u0131 yap\u0131s\u0131ndan uzakla\u015ft\u0131rm\u0131\u015ft\u0131r. \u00c7oklu imza (multisig) modelinde imzalar\u0131n birden fazla ve birbirinden ba\u011f\u0131ms\u0131z varl\u0131k aras\u0131nda b\u00f6l\u00fc\u015ft\u00fcr\u00fclmesi yayg\u0131n bir uygulama olmas\u0131na ra\u011fmen, Sky Mavis, dokuz do\u011frulay\u0131c\u0131 node\u2019un d\u00f6rd\u00fcn\u00fc kendi merkezi sunucusunda tutmay\u0131 tercih etmi\u015ftir. Ayr\u0131ca, a\u011f\u0131n mutabakat\u0131 i\u00e7in yaln\u0131zca k\u00fc\u00e7\u00fck bir do\u011frulay\u0131c\u0131 havuzu kullan\u0131lmas\u0131 ve i\u015flemleri do\u011frulayan \u00f6rnek say\u0131s\u0131n\u0131n azalt\u0131lmas\u0131, merkeziyetsizlikten \u00f6d\u00fcn verilmesi anlam\u0131na gelir. Bu durum, a\u011f\u0131n zorluk seviyesini d\u00fc\u015f\u00fcrmeyi gerektirirken ayn\u0131 zamanda sistemin g\u00fcvenli\u011fini de zay\u0131flat\u0131r.
Sky Mavis\u2019in \u00f6ncelikleri, saniyedeki i\u015flem say\u0131s\u0131n\u0131 (TPS) en \u00fcst d\u00fczeye \u00e7\u0131karma arzusunda yo\u011funla\u015f\u0131rken; merkeziyetsizlik, g\u00fcvenlik ve g\u00fcven gerektirmeyen yap\u0131 gibi temel ilkeler ihmal edilmi\u015ftir. Blockchain \u00fc\u00e7lemi (trilemma) ba\u011flam\u0131nda de\u011ferlendirildi\u011finde, Sky Mavis, \u00f6l\u00e7eklenebilirlik ad\u0131na maliyet ve h\u0131z\u0131 art\u0131rmak u\u011fruna g\u00fcvenlik ve merkeziyetsizlikten vazge\u00e7mi\u015ftir. <\/p>\n\n\n\n

Vitalik Buterin’in de ele\u015ftirdi\u011fi Sky Mavis’in \u00f6ncelikleri ve tercihlerinin yan\u0131 s\u0131ra, zincirler aras\u0131 k\u00f6pr\u00fclerin \u00f6zellikle a\u015fa\u011f\u0131dakilere kar\u015f\u0131 savunmas\u0131z oldu\u011fu savunulmaktad\u0131r %51 sald\u0131r\u0131lar\u0131:<\/a>
gibi tehditler g\u00f6z \u00f6n\u00fcnde bulunduruldu\u011funda, \u00e7apraz-zincir k\u00f6pr\u00fcler (cross-chain bridges) kullanan projeler i\u00e7in, yan zincirlerin in\u015fas\u0131nda olgunla\u015fm\u0131\u015f s\u00fcre\u00e7ler, g\u00fcncellemeleri do\u011frulamaya y\u00f6nelik \u00e7er\u00e7eveler, g\u00fcvenlik denetimleri, kalite kontrolleri, temel metrikler i\u00e7in g\u00f6sterge panellerinin kurulmas\u0131, beklenmeyen sapmalarda devreye giren tetikleyici sistemler ve ak\u0131ll\u0131 s\u00f6zle\u015fmelerin denetimi gibi mekanizmalar, kullan\u0131c\u0131lar\u0131n, varl\u0131klar\u0131n\u0131n ve en \u00f6nemlisi g\u00fcvenlerinin korunmas\u0131 a\u00e7\u0131s\u0131ndan vazge\u00e7ilmezdir. Ancak Sky Mavis\u2019in g\u00fcvenlik ihlalini alt\u0131 g\u00fcn boyunca fark etmemesi ve bunu yaln\u0131zca bir kullan\u0131c\u0131n\u0131n \u015fik\u00e2yeti \u00fczerine \u00f6\u011frenmesi, Sky Mavis\u2019in g\u00fcvenlik \u00f6nlemlerini yeterince izlemedi\u011fini ve s\u0131k\u0131 bi\u00e7imde uygulamad\u0131\u011f\u0131n\u0131 a\u00e7\u0131k\u00e7a ortaya koymaktad\u0131r. <\/p>\n\n\n\n

Resm\u00ee Topluluk Uyar\u0131s\u0131\u2019na g\u00f6re, Sky Mavis sorumlulu\u011fu \u00fcstlenmektedir; bu durum, Ronin\u2019in i\u015fleyi\u015finde ve ya\u015fanan g\u00fcvenlik ihlalinde \u00fcstlendi\u011fi kritik rol\u00fc z\u0131mnen kabul etti\u011fi \u015feklinde yorumlanabilir. A\u011f\u0131 g\u00fcvene dayal\u0131 olmayan (trustless) bir yap\u0131dan uzakla\u015ft\u0131rmalar\u0131, a\u011f\u0131 sald\u0131r\u0131lara kar\u015f\u0131 savunmas\u0131z h\u00e2le getirmi\u015ftir. Bu nedenle, Sky Mavis\u2019in \u00f6ncelikleri ve tercihleri sonucunda g\u00fcvenin zedelenmi\u015f olmas\u0131, sorumlulu\u011fun b\u00fcy\u00fck bir k\u0131sm\u0131n\u0131n Sky Mavis\u2019e ait oldu\u011funu savunmak i\u00e7in g\u00fc\u00e7l\u00fc bir zemin olu\u015fturmaktad\u0131r.  <\/p>\n\n\n\n

Sky Mavis’in \u00e7e\u015fitli a\u00e7\u0131lardan ba\u015far\u0131s\u0131z olmas\u0131na ra\u011fmen, Sky Mavis, Binance liderli\u011findeki bir “kurtarma turunda” di\u011fer VC’lerin ve Animoca Brands, a16z, Dialectic, Paradigm ve Accel gibi mevcut yat\u0131r\u0131mc\u0131lar\u0131n kat\u0131l\u0131m\u0131yla 150 milyon dolar toplad\u0131. (4) Bu durum, mevcut yat\u0131r\u0131mc\u0131lar\u0131n s\u00f6z konusu fonlar\u0131n geri \u00f6denmesinden Sky Mavis ile m\u00fc\u015ftereken sorumlu olup olmad\u0131klar\u0131 sorusunu g\u00fcndeme getirmektedir. Sorumlulu\u011fu payla\u015fsalar da payla\u015fmasalar da, yat\u0131r\u0131mc\u0131lar\u0131n yat\u0131r\u0131m yapmadan \u00f6nce daha iyi durum tespiti (due diligence) yapmalar\u0131 gerekti\u011fi a\u00e7\u0131kt\u0131r. <\/p>\n\n\n\n

Kullan\u0131c\u0131lar sald\u0131r\u0131n\u0131n ma\u011fduru gibi g\u00f6r\u00fcnse de sorumlulu\u011fun bir k\u0131sm\u0131 onlara aittir. \u00d6zellikle Axie Infinity’nin bir gelir modeli haline geldi\u011fi \u00fclkelerde, kat\u0131l\u0131mc\u0131lar\u0131n h\u0131zl\u0131 ve ucuz i\u015flemlere odaklanmas\u0131, \u00f6l\u00e7eklendirme y\u00f6ntemleri nedeniyle tam olarak merkezsizle\u015ftirilmemi\u015f ve g\u00fcvenlik ihlallerine a\u00e7\u0131k projelere yol a\u00e7\u0131yor. <\/p>\n\n\n\n

Ronin a\u011f\u0131n\u0131n istismar\u0131, g\u00fcvenin neden ve nas\u0131l ba\u015far\u0131s\u0131z oldu\u011funu ayd\u0131nlat\u0131rken, sorumlulu\u011fun ayr\u0131m\u0131 ve da\u011f\u0131l\u0131m\u0131 tart\u0131\u015fmal\u0131 olmaya devam etmektedir.<\/p>\n\n\n\n

Sonu\u00e7<\/strong><\/p>\n\n\n\n

Ronin a\u011f\u0131n\u0131n istismar\u0131, merkeziyetsiz \u00f6l\u00e7eklendirmenin yan\u0131 s\u0131ra kat\u0131l\u0131mc\u0131lar\u0131n g\u00fcveni i\u00e7in g\u00fcvene dayal\u0131 olmayan bir a\u011f olu\u015fturman\u0131n ve da\u011f\u0131t\u0131lm\u0131\u015f sorumlulu\u011fu g\u00fc\u00e7lendirmenin \u00f6nemini vurgularken, ne yaz\u0131k ki blockchain trilemmas\u0131n\u0131n \u00fcstesinden gelememektedir.<\/p>\n\n\n\n

\n\n\n\n
  1. https:\/\/roninblockchain.substack.com\/p\/community-alert-ronin-validators?s=w<\/li>
  2. https:\/\/roninblockchain.substack.com\/p\/community-alert-ronin-validators?s=w<\/li>
  3. https:\/\/associazioneblockchain.it\/doc\/trusting-a-trustless-network-the-paradoxes-of-trust-in-blockchain-technology\/<\/a><\/li>
  4. https:\/\/www.coindesk.com\/video\/the-hash-on-cdtv-clips\/sky-mavis-raises-150m-to-reimburse-axie-infinity-hack-victims\/<\/li><\/ol>\n","protected":false},"excerpt":{"rendered":"

    Blockchain neredeyse her sekt\u00f6rde yayg\u0131n olarak kullan\u0131lmaktad\u0131r ve bunlar\u0131n hepsi blockchainin merkeziyetsiz, \u015feffaf, g\u00fcvene dayal\u0131 olmayan, de\u011fi\u015ftirilemez ve tamamen da\u011f\u0131t\u0131lm\u0131\u015f e\u015fler aras\u0131 sisteminden faydalanmaktad\u0131r. Her blockchain projesi vizyonuna ve \u00f6nceliklerine ba\u011fl\u0131 olarak \u00fc\u00e7 temel unsura ba\u011fl\u0131d\u0131r: merkeziyetsizlik, g\u00fcvenlik ve \u00f6l\u00e7eklenebilirlik.   K\u00fcresel \u00e7apta benimsenmeyi hedefleyen pek \u00e7ok blockchain projesi, temel mimarileri arac\u0131l\u0131\u011f\u0131yla bu \u00fc\u00e7 unsuru […]<\/p>\n","protected":false},"author":1,"featured_media":7088,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[137],"tags":[146,147,149,148,145],"ppma_author":[125],"class_list":["post-7086","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blok-zinciri","tag-axie-infinity-tr","tag-hack-tr","tag-p2e-tr","tag-ronin-hack-tr","tag-ronin-network-tr"],"authors":[{"term_id":125,"user_id":1,"is_guest":0,"slug":"virconlegal","display_name":"virconlegal","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/4f3ec5d54b8792b25790cf55d797a6dce67ee1dc5500de97bf1aa1af483fb68a?s=96&d=mm&r=g","author_category":"","first_name":"","last_name":"","user_url":"http:\/\/virconlegal.com\/blog","job_title":"","description":""}],"_links":{"self":[{"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/posts\/7086","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/comments?post=7086"}],"version-history":[{"count":1,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/posts\/7086\/revisions"}],"predecessor-version":[{"id":7094,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/posts\/7086\/revisions\/7094"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/media\/7088"}],"wp:attachment":[{"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/media?parent=7086"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/categories?post=7086"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/tags?post=7086"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/virconlegal.com\/tr\/wp-json\/wp\/v2\/ppma_author?post=7086"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}