The KuCoin hacking incident allowed the DeFi community to see which are real decentralized projects, and which ones just use the word “decentralization” to fool people in the industry.
Written by: Ashwath Balakrishnan, working at Crypto Briefing
Translation: Lu Jiangfei
Content overview:
- KuCoin hackers stole up to 150 million U.S. dollars in customer funds, causing some DeFi projects to freeze the stolen tokens;
- Tether’s decision to freeze funds is not surprising, but those projects that claim to be “decentralized” have done the same thing;
- Just like Ethereum once did, Ocean Protocol also decided to implement a hard fork from the block before the hacking, while Ampleforth directly blocked the address of the stolen funds from its smart contract.
- From this series of events, DeFi investors may now be able to see which are true decentralized protocols and which are not.
The KuCoin hacking incident exposed the false “decentralization” status of the DeFi industry
Last week, in response to the community’s heated issue of freezing the outflow of USDT from abnormal transfers on the KuCoin exchange, stablecoin operator Tether Chief Technology Officer Paolo Ardoino stated on Twitter that Tether is not Bitcoin but a centralized stablecoin, which can be used as The fiat currency on the chain has a better and faster transmission layer, and those who complain that centralized stablecoins freeze stolen funds are simply because they have not been stolen.
According to Paolo Ardoino, Tether can decide whether to freeze funds under two circumstances:
- Law enforcement or regulatory requirements;
- The funds are sent to an unrecoverable address.
If it turns out that the KuCoin victim’s funds are indeed locked in the smart contract and will never be accessible, then Tether will help users retrieve the lost funds. In fact, there is nothing wrong with Tether’s doing so, because the stablecoin has never been advertised as a decentralized cryptocurrency, so it will not be labeled as such.
When KuCoin was hacked and affected US$150 million in user funds, Tether once again froze the hacker’s USDT “hiding place”, which was obviously the company’s expected action. But this time, some so-called decentralized projects want to learn Tether and use some “centralized” methods to prevent hackers from predatory behavior.
Ampleforth and Ocean Protocol are two decentralized projects that took action to stop KuCoin hackers:
- Ocean Protocol decided to implement a hard fork, which imitated the measures taken when Ethereum was hacked by “The DAO”. After the hacking of Ethereum, it decided to perform a hard fork from the blocks before the hacking, and use the new chain as the main chain;
- Ampleforth took another approach. They upgraded their smart contract to specifically prevent hacker addresses from transferring AMPL tokens.
For now, the measures taken by Ocean Protocol have not caused much controversy in the community, because this method will not affect the integrity of the smart contract. They forked the original agreement and said that the new smart contract will be a smart contract that they will continue to update in the future, and they will also deploy the majority of consensus on the new smart contract. The stolen tokens have been transferred to a certain address. Users who suffer losses from the attack will also be compensated with new tokens.
However, Ampleforth’s approach does not seem to be detailed enough, because the crypto community believes that this approach opens the door to “audit”.
For Ocean Protocol, if the protocol has been fully developed, the community can choose to keep the old smart contract. After all, before the developer derives the protocol, Ocean Protocol did not create a precedent for forever tolerating censorship.
However, Ampleforth has adopted an approach that surprised the crypto community. According to an article published by Ampleforth on Medium in June 2019, the agreement cannot freeze specific funds, and the worst case is to suspend smart contracts:
In the absolute worst case, setTokenPaused will suspend all transactions on the chain. This is to maintain balance and prevent other unexpected problems with the token itself. In addition, this is also a defensive measure initiated before the market.
The two emergency measures setRebasePaused and setTokenPaused will be regarded as the last choice of Ampleforth, but we hope that these two measures will never be enabled, because we believe that enabling these functions requires a huge responsibility, especially as we are currently in a relatively new system and in a competitive market In the early stages of proving its value.
However, these seemingly impossible things are actually very important. You will notice that there is no tool for a single wallet, whether it is suspending all transactions on the chain or not performing any operations at all. This means that we cannot freeze or confiscate the funds of specific users, and we cannot choose tokens or wallets proposed by Ampleforth The basic principle of becoming a fair and independent currency.
However, Ampleforth did not give the community a chance to choose, and its team finally upgraded the smart contract “as appropriate”. As we all know, the Ampleforth team has the management key and can make these decisions, but this approach sets a bad precedent for decentralized projects in the future.
Since the new smart contract has a review address function, this means that it is almost impossible for AMPL to achieve its ultimate goal, which is to become a basic currency that resists review.
In fact, in this chaos, in addition to Ampleforth and Ocean Protocol, Kardiachain, Orion Protocol, and Aleph also performed similar actions.
Bright side
Although the measures of Ampleforth and Ocean Protocol have caused a lot of controversy, it does not mean that the DeFi industry that focuses on decentralization has no hope at all.
On the one hand, the KuCoin hackers stole 150 million U.S. dollars, which revealed that some projects are not truly “decentralized.” These projects claim that their smart contracts are fixed and will resist censorship, but this is not the case. On the other hand, this incident at least allows people to see what are truly “decentralized” projects.
In addition to Ampleforth and Ocean Protocol, hackers actually attacked Synthetix (SNX), Kyber Network (KNC), Maker (MKR) and Chainlink (LINK), but none of these projects forked contracts or freezes certain wallets.
Facts have proved that the use of a decentralized autonomous organization (DAO), or the distribution of decision-making power outside the core team composed of only 10-20 people, is very useful for maintaining the integrity of the agreement.
Synthetix founder Kain Warwick talked about this situation on Twitter, saying:
(The stolen SNX) is less than 0.5% of the total supply of tokens. Therefore, our immediate response was that the possibility of attempting to fork the protocol by submitting a SIP proposal or performing other stupid behaviors is almost zero. For me, this is basically the final decision made by Synthetix. Of course, others can write SIP proposals to fork the protocol or freeze tokens, but I will vote against it.
In this case, the reasons for Ampleforth’s decision to freeze tokens have become more clear-because 10% of the total supply of AMPL tokens is on the KuCoin exchange, if all these tokens are dropped by hackers on Uniswap Trading cashing out may eventually cause AMPL prices to fall into a death spiral or even collapse. Although the potential consequences are very serious, the solution adopted by Ampleforth has turned AMPL into an auditable cryptocurrency.
Indeed, the “KuCoin hacking incident” caused huge losses to the DeFi industry, but this incident also allowed the market to see which projects are truly decentralized and which are not. There is no doubt that the DeFi community and projects will pay more attention to the issue of “decentralization” in the future, which seems to be helpful to the entire industry in the long run.
Source link: cryptobriefing.com
