Developers could have prevented crypto's 2022 hacks if they took basic security measures
Users losing funds due to malicious activity is hardly unknown on Ethereum. In fact, it is the very reason researchers recently developed a proposal to introduce a type of token that is reversible in the event of a hack or other unsavory behaviors.
Specifically, the suggestion would see the creation of an ERC-20R and ERC-721R, which would be modified versions of the standards that govern both regular Ethereum tokens and nonfungible tokens (NFTs).
The premise goes like this: this new standard would allow users to make a “freeze request” on recent transactions that would lock those funds until a “decentralized judiciary system” determined the validity of the transaction. Both parties would be allowed to present their evidence, and the judges would be chosen at random from a decentralized pool to minimize collusion.
At the end of the process, a verdict would be reached and either the funds would be returned or they would stay where they are. This decision would then be final and subject to no further contention. This would open up a practical avenue for victims of hacks and other malicious activity to get their assets back in a direct and community-driven manner.
Unfortunately, this may well be an unnecessary and ultimately harmful proposition. One of the cornerstones of the decentralized philosophy is that transactions only go in one direction. They can’t be undone under virtually any circumstances. This new protocol change would undermine that fundamental precept and in order to fix what isn’t broken.
So how does this work when an attacker steals ERC-20R and cashes out to ETH via a DEX in the same transaction? Or ERC-20R will be incompatible with the current DeFi ecosystem? — Roman Semenov ️ (@semenov_roman_) September 25, 2022
There’s also the fact that even implementing such tokens would be a logistical nightmare. Unless every single platform shifted over to the new standard, then there would be huge gaps in the system, meaning that thieves could simply quickly swap their reversible assets for non-reversible ones and avoid the repercussions entirely. This would render the entire asset completely pointless, and more than likely users would simply not engage with it.
Furthermore, the whole idea of a judicial review implies centralization. Isn’t independence from a third party the exact thing cryptocurrency was created for? The existing proposal isn’t clear on how these judges are chosen, other than it will be “random.” Without the system being very carefully balanced, it’s hard to say that collusion or manipulation is impossible.
A better proposal
Ultimately, the notion of a reversible crypto asset may be well-intentioned but is also entirely unnecessary. The premise introduces many new complexities in terms of its actual integration into existing systems, and that is even assuming platforms want to utilize it. However, there are other ways to achieve security in the decentralized ecosystem that don’t undermine what makes cryptocurrency so powerful to begin with.
For one, auditing of all smart contract codes on an ongoing basis. Many problems in decentralized finance (DeFi) arise from exploits present in the underlying smart contracts. Comprehensive and independent security audits can help to find where potential problems exist before these protocols are released. Furthermore, it’s important to try to understand how multiple contracts will interact together when they go live, as some issues only arise when they are used in the wild.
Any deployed contract will have risk factors that should be monitored and defended against. However, many development teams do not have a robust security monitoring solution in place. Often, the first sign that something problematic is happening comes from an on-chain diagnosis. Massive or unusual transactions and other uncommon transaction patterns can point to an attack that is happening in real-time. Being able to spot and understand these signals is key to staying on top of them.
Of course, there also needs to be a system in place for documenting and recording events and communicating the most important information to the correct entities. Some alerts can be sent to the developer team and others can be made available to the community. With a community thus informed, better security can come in a manner that aligns with the decentralized ethos rather than it being relegated to a function of a judicial review.
Let’s look back at the Ronin hack as an example. It took a full six days for the team behind the project to realize an attack had occurred, only becoming aware when a user complained that they were unable to withdraw funds. If real-time monitoring of the network had been in place, a response could have happened almost instantly when the first large, suspicious transaction occurred. Instead, nobody noticed for almost a week, giving the attacker ample time to continue to move funds and obscure their history.
It seems fairly obvious that reversible tokens wouldn’t have helped this situation much, but monitoring could have. By the time it was noticed, many of the stolen coins had been transferred repeatedly across wallets and exchanges. Could all of these transactions just be reversed? The complexities introduced, as well as the possible new risks created, mean that this endeavor simply isn’t worth the effort. Especially when you consider that powerful mechanisms already exist that can offer a similar level of security and accountability.
Instead of messing with the formula that makes crypto so powerful, it would make much more sense to implement comprehensive and continuous security processes across Web3 so that decentralized assets remain immutable but not unprotected.
This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.Source