Advertisement
Advertisement

The Bancor Hack Aftermath: How Decentralized are Exchanges?

By:
Adrian Zmudzinski
Updated: Jul 16, 2018, 08:25 UTC

The Bancor hack event has once again called into question the extent to which the Ethereum DAPPs is truly decentralized. This is because Bancor, like many other DAPP developers, has programmed the smart contracts underlying their applications to grant them some degree of authority.

Bancor Aftermath

Bancor Hacked: Stolen over $23M in Ethereum

Last year the company raised over $150 million in an ICO. Bancor’s services include a wallet with an integrated exchange service. Last week, Bancor stated that “a wallet used to update some smart contracts has been compromised. As a result, the attackers stole $12.5M in Ethereum, $1 million in NPXS Token of Pundi X and $10 million in BNT.

Bancor announced they’ve frozen the BNT, but they can’t do the same for the other tokens. The company added that it is communicating with a number of exchanges in an effort to “make it harder for the thief to liquidate” the stolen tokens. Nevertheless, it remains to be seen how successful these efforts will be.

Following the incident, Bancor suspended the exchange and undertook an investigation. The exchange has now resumed its activity, as it announced in the following tweet:

Twitter critics, including Litecoin’s creator Charlie Lee, underlined the irony that Bancor, which claims to be decentralized, responded to the hack with strategies in line with a centralized system.

An exchange is not decentralized if it can lose customer funds OR if it can freeze customer funds. Bancor can do BOTH. It's a false sense of decentralization. https://t.co/22UYygIhEF

— Charlie Lee [LTC⚡] (@SatoshiLite) July 10, 2018

Bottom line

This event has once again called into question the extent to which the Ethereum DAPPs is truly decentralized. This is because Bancor, like many other DAPP developers, has programmed the smart contracts underlying their applications to grant them some degree of authority. These include, for example, the possibility to “freeze” tokens or update smart contracts so as to change their behavior in the future.

Thus, while the infrastructure hosting the DAPPs is decentralized, the applications themselves involve so much central authority that they cannot be defined as decentralized. This is a particular problem with security, as such an architecture needs only the creator’s wallet to be compromised in order to damage the entire DAPP. In addition to this, unlike what most users expect, such a system requires trust in the creators of the application.

Decentralised exchanges remain a potential solution to many — but not all — of the problems in this area. But what we always need to know is how decentralized the exchanges really are.

About the Author

Adrian Zmudzinski is passionate about technology and Information Technology (IT). Adrian specialized in the analysis of tokens, the blockchain technology, and cryptocurrencies.

Did you find this article useful?

Advertisement