“Unprecedented” moves by altcoins in the aftermath of the KuCoin hack showed that the old adage “not your keys, not your coins” might be true in the case of decentralized cryptocurrencies such as bitcoin (BTC) only.
As reported, following several abnormal transactions first noticed on September 25, KuCoin experienced a leakage of its private keys tied with its hot wallets, which resulted in a hack of millions USD worth of customer funds. Per an update by the KuCoin team, with the release of additional suspicious addresses, it now seems that there’s been more than USD 200 million in funds lost, and it could go higher if more such addresses are revealed.
What the updates also revealed is that, a number of projects have swapped, frozen, invalidated, or otherwise ‘interfered’ with their tokens, as well as the token transfers. Such activities include:
“The market has shown unprecedented reaction to recent KuCoin hack,” commented ICO Analytics.
However, these are also moves that many argue can’t be made with BTC.
“If you can freeze it, it isn’t ‘crypto’,” said Growth lead at major crypto exchange Kraken, Dan Held. “It’s completely fucking centralized.”
Changpeng Zhao, CEO of another major crypto exchange Binance, however, used the chance to reiterate his previous statements that decentralization is not “binary black or white,” but that the reality is “usually a bit more grey.”
After Binance was hacked in May of 2019, Zhao also mentioned a possibility to roll back some of the BTC transactions in order to recover the lost funds and “teach [hackers] a lesson.” This prompted a heated debate in the Cryptoverse, showing that, in theory, this would be technically possible but it would be as likely as “all miners stop mining Bitcoin and let it die” because “there’s a huge collective incentive to not change history.”
Also, after the infamous Ethereum (ETH) DAO hack in 2016, the ETH community controversially decided to hardfork the ETH blockchain in order to restore virtually all funds to the original contract and return DAO token holders’ ether.
Meanwhile, the above-mentioned projects have made their arguably centralized moves faster than a traditional, centralized authority is often able to – which speaks both of the technology’s superiority in a way, but also of the potentially worrying fact that it’s possible for an individual / team to make these decisions and exert this much control over the project in the first place. It can be argued then, that the only thing that stands between the projects using their power for something that could be interpreted as a good cause (e.g. stopping a hacker) and using it for their own ‘not as good’ goals is the benevolence of the authority.
If a “decentralized” project can invalidate stolen tokens then it can invalidate YOUR tokens.
Censorship resistance for all or censorship resistance for no one.
— Jameson Lopp (@lopp) September 27, 2020
That said, some industry players and observers wonder if certain measures, such as freezing tokens, could be useful in certain situations, while others see the projects’ power as a necessary evil, so to say.
Don’t you feel that’s kind of ridiculous?
— Dan Held (@danheld) September 27, 2020
There is also a concern over what this unprecedented set of responses could be a base for in the future.
yeah it’s almost as if #DeFi projects aren’t decentralized
— Kyle Torpey (@kyletorpey) September 27, 2020
Meanwhile, the attacker appears to have been on the move since the hack, swapping other stolen altcoins for ETH on the decentralized finance (DeFi) protocol Uniswap. However, this would still leave traces on the Ethereum blockchain, and the associated addresses could potentially be blocked. Nonetheless, the situation could come with “interesting repercussions,” as Bitfinex and Tether chief technical officer Paolo Ardoino said.
This might have interesting repercussions. While we’re staring at laundering while it happens on a transparent DEX, couple of consideratios arise for me:
– will liquidity providers be tainted?
– privacy is key, probably the next DEX should use confidential transactions https://t.co/tmDCSf7yun
— Paolo Ardoino (@paoloardoino) September 27, 2020
As previously said, in a live stream on September 26, KuCoin Global CEO Johnny Lyu assured the affected users that all losses would be covered by the exchange’s risk provisions. Also, the team offered rewards of up to USD 100,000 to anyone who can provide valid information regarding the hack.
IF A PROJECT CAN INVALIDATE A TOKEN ITS NOT DECENTRALIZED!!!!
— RG3² ☠️ (@RG3_Pirate) September 27, 2020
People yearn to be governed and prefer a fake sense of security to real freedom
— Jack (@John_Moxie) September 27, 2020
Well. But since this issue now is public I’m wondering how this will change. Potentially you’re knowingly providing liquidity to an hacker. The more time it passes the more difficult is to argue you were 100% unaware.
— Paolo Ardoino (@paoloardoino) September 27, 2020
US Banks Offering Crypto Custody is ‘Insanely’ Bullish and Risky
‘If DeFi Collapsed, Bitcoin Would Still Be Bitcoin’
Why DeFi Isn’t Always As Decentralized As You Might Think