Megaoops

MegaETH - Pre-Deposit - Multisig

read this article also in:

Someone at MegaETH just discovered that Stanford degrees don't come with a Safe Wallet manual.

November 25, 2025: A Vitalik-backed Layer 2 that raised $450 million in a token sale, audited by Zellic and SlowMist, staffed by PhDs from Stanford and MIT, launched a simple pre-deposit campaign.

Simple plan - 9am EST launch, $250 million cap, first-come-first-served, clean KYC through Cobie's Sonar platform.

Professional infrastructure for professional people building professional things.

Then someone hit 4/4 instead of 3/4 on the multisig, and $500 million got locked in the chaos.

The smart contracts worked flawlessly - executing exactly what they were told with mathematical precision.

That was the entire problem.

When your security model assumes elite engineers understand the tools they're using, are you building trustless systems or just expensive faith?

Credit: DLNews, CoinDesk, MegaETH, ChainCatcher, TheBlock, Echo, Amb Crypto, The Defiant, Dune, YAM, Safe, Protos, Phemex, CoinTelegraph, AzFlin, olimpio, CBS42, chud.eth

The plan looked clean on paper.

MegaETH - the real-time Ethereum Layer 2 promising 100,000 transactions per second and sub-10 millisecond blocks - needed early liquidity for their December mainnet launch.

On-chain gaming that didn't freeze. Trades settling before you could blink. MegaETH would make blockchain fast enough that users might actually forget they were using blockchain - the kind of speed that made thirteen-second Ethereum blocks look like dial-up internet.

The team had credentials thick enough to intimidate a venture capital pitch deck. Yilong Li conceptualized the project at Stanford in 2022.

October's token auction raised $450 million from over 50,000 participants. Revolutionary technology, institutional backing, professional execution.

Everything was ready. 9:00 AM ET, Monday, November 25th. Simple FCFS mechanics via Echo's Sonar platform - KYC verified users only, USDC on Ethereum, clean automation.

Behind the scenes: a 4/6 Safe multisig controlling the pre-deposit contract.

4,589 wallets would eventually participate.

Median deposit: $3,100

Top 10 wallets: 29% of the total haul

Standard wealth distribution for a hyped crypto launch.

What could go wrong with a simple pre-deposit?

Triple Threat

Failure #1: Sonar Goes Down.

9:00 AM: Pre-deposit bridge goes live.

9:01 AM: Dead.

Echo's Sonar infrastructure - the KYC gatekeeper designed to prevent exactly this kind of chaos - immediately buckled under traffic it should have anticipated. Rate limits hit. Servers overwhelmed.

The team's first tweet came 24 minutes later: "Unfortunately our 3rd party provider received too many requests resulting in downtime."

Translation: Nobody load tested the infrastructure supporting a quarter-billion-dollar launch.

Failure #2: The UUID Mismatch

Before Sonar even crashed, deposits were already failing. The SaleUUID parameter in the pre-deposit contract didn't match Sonar's expectations. Wrong identifier, wrong sale, wrong everything.

Fixing it required a 4/6 multisig transaction - coordination between signers scattered across time zones while thousands of users hammered a broken website.

23 minutes to identify the problem. A few more minutes to coordinate signatures. Then a few more minutes to execute the fix.

Perfect storm - site down, parameters wrong, clock ticking.

Then there was the Instant Fill…

156 seconds later: $250 million cap filled.

Not 156 minutes. Not 156 deposits spread across an hour. 156 seconds of pure chaos where refresh-spammers and prepared wallets caught a random resumption time that nobody announced.

One depositor put in $40 million. Another $25.5 million.

The fair, automated launch became a sniping competition for whoever had the fastest refresh rate and the deepest pockets.

Community reaction: "Where's my allocation?"

Team reaction: "Let's raise the cap to $1 billion."

When your solution to botched execution is quadrupling exposure, who's protecting whom?

The Decision

10:15 AM: Team announces $1 billion cap increase.

Sentiment was split approximately 60/40 bearish, with critics calling it a “clown show” and demanding refunds, while defenders praised the “raw demand” that locked in $500M.

Early depositors immediately revolted - this meant 4x dilution on their yields with no warning and no withdrawal option.

Those who missed the first window saw a second chance. Social media erupted.

10:30 AM: Damage control. "This will not impact previous participants." Multiplier protections for the first wave. Bridge reopening scheduled for 11:00 AM. Everyone breathe.

The fix required another multisig transaction to increase the contract's cap parameter. MegaETH used a 4/6 Safe - four signatures required out of six possible signers. Standard configuration with a professional setup.

Here's where understanding your tools matters.

Safe's M-of-N signature model works like this: once you collect the required number of signatures, the transaction becomes executable by anyone. Not just the signers. Not just the team. Anyone who can see the transaction on-chain can broadcast it.

This isn't a bug. It's how Safe works. Trustless execution means trustless - the whole point is that no single party controls when fully-signed transactions execute."

Treasuries use this feature intentionally. It's documented. It's transparent. It's by design.

The team collected 4/4 required signatures early, planning to execute at 11:00 AM for a clean, announced reopening.

They should have stopped at 3/4.

Because at 10:26 AM: chud.eth noticed the fully-signed transaction sitting in the queue and executed it.

No hack. No exploit. No vulnerability.

Just a public execution of a public transaction that the team made public by signing it completely.

When the instructions say "anyone can execute" and elite teams think it means "only we will execute," who's testing whom?

The Cap Yo-Yo

10:26 AM: Cap increased. No warning. No announcement.

Just a transaction on Etherscan that opened the floodgates 34 minutes before the team planned.

Deposits exploded. The team watched on Etherscan as their carefully planned schedule dissolved into uncontrolled chaos.

Users following official channels had no idea the bridge had reopened. Refresh-spammers and monitoring bots caught it instantly.

$300 million. $400 million. Climbing fast.

The team scrambled to regain control.

First attempt: cap it at $400 million.

By the time the transaction landed, deposits had already surpassed $400 million.

The contract wouldn't accept a cap below current deposits. So the first attempt failed.

Second attempt: $500 million cap. This transaction succeeded.

Deposits freeze at exactly $500 million.

The team loaded a fresh $1B cap-raise into the Safe, as if the plan hadn’t already face-planted.

It sat in the queue briefly before they abandoned the entire expansion strategy.

Noon comes around and the team waves the White flag. "We've encountered unexpected issues throughout the process and are no longer moving forward with the $1B cap," the team announced. "We will be sharing a retro shortly. We'll also be including the ability for users to withdraw who no longer wish to participate. Apologies for the turbulence."

Final tally: $500 million locked across 4,589 unique addresses.

Median deposit still $3,100. Average deposit $102,396. Top 10 wallets still controlled 29% of everything.

The wealth distribution didn't change - just the total amount of chaos generated getting there.

Mainnet beta Frontier still scheduled: December.

MEGA token launch: Early 2026.

Pre-market Price: $2-$3.

Withdrawal uptake when announced: <5%.

95% of depositors chose to stay despite everything.

When the house is burning but everyone refuses to leave, what does that say about the neighborhood?

This Was Not Acceptable

MegaETH published a detailed retrospective hours later. Full transparency. No deflection. Just operational failure spelled out in technical detail.

The SaleUUID mismatch. The Sonar rate-limiting that took 23 minutes to identify. The multisig mistake where "the party responsible for executing the raise tx was unfamiliar with the specific safe feature."

"At no point were assets at risk," they emphasized.

Contracts audited by Zellic and SlowMist. Security ironclad. Smart contracts executed flawlessly with mathematical precision.

The humans failed.

YAM delivered the instant lesson: "Live now. Don't sign all required signatures on a multisig and expect it not to be executed."

YAM’s follow-up: "When required signatures on a transaction in a safe are reached, ANYONE (even people not on the multisig) can execute the transaction. It's a core feature and it can't be turned off."

#MegaETH trended with 50,000+ mentions.

Sentiment split roughly 60/40 bearish.

Bears: "Clown show." "Rug pull." Demanded refunds.

Bulls: "Raw demand." $500 million locked is bullish regardless of how it got there. Technical hiccups happen.

AzFlin, a developer and DAO founder, highlighted: "If ONE engineer on the MegaETH team was careful, thought everything through and double checked everything, none of this would've happened."

olimpio summarized it perfectly: "PURE CINEMA" "TBH, insane ride."

The pre-market didn't crash. December mainnet still on schedule. Audits still valid. Contracts still secure.

Everything worked except the part where humans had to read documentation.

When transparency about incompetence becomes your best PR move, who's grading on what curve?

The Tally

Chud.eth - Status:Oops, with his defense being, “your honor I was simply building a rich onchain history”, and the real banger, “If you don’t manage your caps, chud will manage them for you.

Action: Executed a fully-signed Safe transaction at 10:26 AM, 34 minutes before the team's scheduled 11:00 AM reopening.

Completely legal under Safe's documented behavior. Zero vulnerabilities exploited. Just someone who understood the tool better than the team deploying it.

Motive: Unknown. Opportunism? Chaos? Profit? Lulz? All of the above?

Current status: Silent. No statements. No interviews. No victory laps.

Outcome: Instant crypto folklore. Every future Safe deployment will reference this moment.

Maybe every multisig tutorial should include: "don't collect all required signatures early" in bold letters.

When reading the manual makes you a legend, what does that say about everyone who didn't?

MegaETH Team Credentials: Stanford PhDs and MIT and Harvard educated founders.

Backed by Ethereum co-founders Vitalik Buterin and Joe Lubin’s MegaLabs.

Raised $450 million in an October auction.

Technical execution: Flawless. Contracts worked. Audits passed. Zero vulnerabilities.

Operational execution: Catastrophic. Didn't load test third-party infrastructure. Misconfigured SaleUUID parameter. Collected 4/4 multisig signatures without understanding Safe's execution model.

Response: Full transparency with a detailed retrospective. No deflection, just "this was not acceptable" and a breakdown of every failure.

Damage: Reputation hit. Meme status achieved. Operational competence questioned.

Mainnet beta is still planned for December 2025. With a token launch early 2026.

Then there are the Depositors..

Total: 4,589 unique addresses.

Amount: $500 million locked.

Experience: Website crashes. Wrong UUIDs. Random resumption times. Premature cap increases. Total chaos.

Withdrawal option: Announced by the MegaETH team - with an uptake below 5% and a pre-market price estimated to be $2-$3.

Safe Wallet’s Role: Worked exactly as designed. Once M-of-N signatures are collected, anyone can execute the transaction. No bugs. No surprises for anyone who read the docs.

Safe Wallet’s Reputation: Unharmed. Ethereum Foundation uses Safe for its $650+ million treasury. Industry standard remains industry standard.

New operational security lesson: "Don't sign all required signatures early" now taught in every Safe tutorial.

When your tool works perfectly and still ends up in a case study about operational failure, are you the problem or the solution?

Because the code executed perfectly. But the humans may have forgotten to read the manual.

When your biggest vulnerability isn't in the smart contract but in the contract between expectation and reality, what are you really securing?

Nobody hacked anything.

No contracts exploited. No funds stolen. No vulnerabilities discovered.

Smart contracts executed flawlessly - doing exactly what they were programmed to do with mathematical precision.

Audits passed. Security held. The blockchain worked.

Somebody just got front run.

The assumption that elite credentials translate to operational competence, that "trustless" systems still don't require humans to understand the tools, that you can automate fairness without testing the automation.

MegaETH built the fastest L2 ever conceived and then demonstrated that speed is worthless when the operators hit 4/4 instead of 3/4 on a multisig they didn't fully understand.

95% of depositors looked at the wreckage and stayed anyway.

When the code is perfect but the execution is chaos, are we really decentralizing anything - or just making it harder to identify who forgot to read the manual?

share this article

REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.

donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C

disclaimer:

REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.