Here's an interesting point from Hasu:

This is the only right answer, its zero fault for safe (albeit also not positive), is really just ByBit to blame here. Were they drunk or what where they even thinking? Why send 1.4B in one go anyways - how reckless and unresponsible can you be?! I mean, just look at the god damn display before hitting confirm, or simulate it first. And don't send a billion dollars in a single tx.

@tomw1808.eth I wouldn't go as far as to say that Safe had zero fault, but agree that if ByBit had followed the best security practices, it wouldn't have happened.

I think the problem with display was that they used Ledger Nano S, and from what I learned by following a conversation on X, it just doesn't show all the data. But I imagine that the wallet they used - like MetaMask or whatever - does the simulation.

BTW have they even sent a $1 test tx? I don't do it most of the time, but if I were to send so much money I'd do it for sure.

BTW, seems like OpenZeppelin just launched some solution for verifying these transactions:

Cassie (who used to be at Coinbase and hence has some idea of how to create CEX wallets) also wrote a quite comprehensive article on it on X.

TLDR no one is completely not guilty in this - although clearly, Lazarus is the most guilty :'D