Decentralized much? Crypto projects take drastic steps after $200 million hack
The bad actors behind the estimated $150-$200 million hack of crypto exchange KuCoin managed to proven two aspects of the young market in their wake: 1. Cryptocurrencies are susceptible to hacks on even the best exchanges, and 2. True decentralization isn’t around just yet.
The veil of decentralization is lifted when "DeFi" projects freak out about stolen funds being laundered. https://t.co/w1NmZv21ij
— Jameson Lopp (@lopp) September 27, 2020
KuCoin was hit by a hacker or a group of hackers last week in the wee hours of Saturday. They made away with over $150 million—later revised to over $200 million—worth of various ERC20 tokens like Ocean, VIDT, Orion Protocol, KardiaChain, and others.
But for the good or the worse, the project teams and developers behind these affected cryptocurrencies announced a series of measures over the weekend, with some opting to “hard fork” their blockchains and others “blacklisting” hacker funds.
Ocean Protocol has, at press time, successfully hard forked its own blockchain — rendering the over 21 million OCEAN tokens, worth $7.8 million, as effectively worthless.
The Ocean Protocol hard fork is complete. You can find the new Ocean contract address on our website. https://t.co/9VuvCyRiUc
— Ocean Protocol (@oceanprotocol) September 27, 2020
Aleph has taken similar measures for its 8.5 million stolen ALEPH (worth over $1 million). The project reissued tokens on a new smart contract and announced the previous address and tokens were “rendered obsolete.”
⚠️ UPDATE: KuCoin Exchange Hack ⚠️
After much consideration and in the best interest of the https://t.co/fO29efHiM1 ecosystem and our supporters, we have decided to implement the following course of action
— Aleph.im Network (@aleph_im) September 26, 2020
Bitfinex and stablecoin issuer Tether (USDT) has also frozen all funds originating from or tied to the hacker. Datalink (VIDT) has frozen the stolen 14.49 million VIDT, while Covesting has frozen over $500,000 worth of its COV tokens. The two have also worked with KuCoin to “recover” the lost funds, they stated.
One popular project, Synthetix, has, however, not taken any measures at press time. Whale Alert data showed hackers moved over 540,000 Synthetix Network tokens to various unknown wallets.
I really cannot stress this point enough. If you leave funds idle on an exchange for like six months and forget they are there you deserve to lose them. It is like leaving an envelope of cash on your doorstep for months. Maybe it doesn’t get stolen or blow away but if it does…
— kain.eth (@kaiynne) September 28, 2020
However, such moves are arguably against the true ethos of cryptocurrencies: Centralized policymaking and actions take away the “de” from decentralization, making it no better than the traditional markets where stock trading can be stopped in case of any legal cases or incidences against their issuing companies.
If a "decentralized" project can invalidate stolen tokens then it can invalidate YOUR tokens.
Censorship resistance for all or censorship resistance for no one.
— Jameson Lopp (@lopp) September 27, 2020
Meanwhile, on its part, KuCoin has promised to reimburse all funds that were affected in the hack and is actively working with other exchanges to ensure the cyber-thieves don’t cash out.
Overall, at press time, over $100 million in stolen funds has been either frozen or blocked by crypto projects unanimously, as per KuCoin. The hacker can’t cash out a majority of his stash as a result (and couldn’t market sell the tokens earlier due to limited liquidity in some of the stolen altcoins).