VeChain hack aftermath: CFO resigns, network to vote on burning stolen tokens
Following the theft of $6.5 million worth of VET tokens from its buyback wallet, blockchain platform VeChain announced that it will be taking several measures to ensure the network’s safety. The CFO took full responsibility for the attack and resigned from his position, while the company said the final decision as to what to do with the stolen funds will be left to the community.
Patching things up after a 1.1 billion token theft
VeChain, an enterprise-focused blockchain ecosystem, has announced that it will be implementing measures that will make the network more secure and resistant to hacks. The announcement, published on Medium on Dec. 22, was made in the aftermath of the biggest theft the network has seen.
Just over a week ago, unidentified hackers stole 1.1 billion VET tokens, worth around $6.5 million at press time, from the company’s buyback wallets. At the time, the Singapore-based company said the hack was most likely a result of a human error and that it was working on improving the protocols that enabled such an error to occur.
The company’s quick response to the issue included working with exchanges such as Binance, Huobi, Bitfinex, and Bittrex to blacklist all addresses associated with the hack, which prevented the hackers from dumping the coins on the market. With a fixed supply of 86.7 billion tokens, losing 1 percent of its circulating supply would bring VeChain to its knees.
One of the measures proposed by the company was completely blocking the address controlled by the hacker. VeChain released VeChainThor v1.1.5 two days after the hack, which allowed the network’s Authority Masternode to vote on the issue.
“Currently, 469 addresses owned by the thief have been blocked by the Authority Masternodes, which froze about 727 million VETs,” VeChain sad in the announcement.
To burn or not to burn?
The VeChain community will get to make the final decision on the destiny of the blocked addresses. All of VET token stakeholders will be able to vote on whether or not to implement the blocklist introduced in VeChainThor v1.1.5 patch.
If the community was to vote on burning the addresses, the 727 million stolen VET tokens would be burnt and forever subtracted from both the total and the circulating supply, VeChain said in its Dec. 22 statement.
With most expecting the community to vote yes on the burn, the company is set to take a heavy financial hit. In a bid to preserve its reputation and dampen the financial blow, the company’s chief financial officer Jay Zhang will be stepping down from his role. Zhang will also forgo his candidacy for the 2020 Steering Committee election, as well as half of his compensation for next year.
Nonetheless, the company acknowledged that the responsibility for the hack falls on its CEO Sunny Lu, which is why he also agreed to accept only 50 percent of his compensation for 2020.
But, the positive comments the VeChain team got for handling the hack well were enough to convince everyone to put their trust back into the company. Many users on Reddit said that while the blacklisting of addresses associated with the hack is a good temporary remedy, it revealed just how centralized VeChain is.
The possibility of VeChain’s anonymous nodes to collude remains high, users said, warning that if given too much power, they could begin blacklisting addresses “for the wrong reasons.”