Fun

DEX Volume Soars But Bzx Exploit Raises Questions About ‘Decentralization Theatre’

News Feed - 2020-02-18 08:02:00

DEX Volume Soars But Bzx Exploit Raises Questions About ‘Decentralization Theatre’


As the decentralized finance juggernaut rolls inexorably forward, the exploitation of defi project Bzx – in which $350K, or around 2% of total assets was taken – has called the decentralization of the industry into doubt. The attack forced an admin key reset to redeem lost funds and sparked a surge in defi insurance, with major players hastily taking out cover to immunize themselves from financial loss. Exactly how decentralized is decentralized finance, critics are wondering.


Also read: 50 Cent, Talib Kweli, Snoop Dogg and Nas: Celebrities Who Could Be Bitcoin Millionaires DEX Volume Swells 71% in a Week


Decentralized exchanges, around which the defi movement revolves, are going strong. More than $2.3B was traded on Ethereum-based DEXs last year, and 2020 is on course to comfortably surpass that. $119M was traded in the last seven days, according to Dune Analytics, marking a 71% increase. Meanwhile, new DEXs are springing up regularly to meet growing demand. The latest, Dexive, will operate as a dual Ethereum and Neo decentralized exchange, with integrated trading features such as asset details, news portal, discussion forum and microblog. There are plans to ultimately integrate other blockchains such as Eos and Zilliqa to create a universal DEX. Latest DEX volume according to Dune Analytics


While demand for decentralized token trading, and the defi primitives it supports, ramps up, the industry has looked shaky of late. The Bzx exploit that occurred on February 15 has sparked intense debate as to whether decentralized trading protocols are truly decentralized, or whether the presence of a “kill switch” nullifies all such claims. Bzx is the seventh largest defi protocol, with over $18 million worth of funds locked. A Complex Transaction


The exploitation of Bzx occurred on February 15, with project co-founder Kyle Kistner providing details via the platform’s official Telegram channeland temporarily pausing all trading on the exchange. “Exploit” is probably the most apposite term, although arbitraging, attacking, hacking, and thieving have all been liberally used. The net result is the same: Bzx’s balance wound up $350K worth of ETH lighter, though the damage was far worse given the consequent loss of equity. So, how did it happen?


Essentially an exploit was executed against a contract on the project’s Fulcrum trading platform. The perpetrator took out a 10,000 ETH flash loan from non-custodial exchange Dydx before dispatching 5,000 ETH to Compound and borrowing 112 wrapped bitcoins (WBTC).


Thereafter, the attacker sent 5,000 ETH to Bzx, opening a 5x short position for WBTC. After the exchange had converted 5,637 ETH to 51 WBTC via Uniswap, the attacker then converted the 112 WBTC to 6,871 ETH on Uniswap before paying Dydx their original 10,000 ETH. The total transaction cost incurred by the multi-part smart contract was $8. Confused? You’re not alone; the sophistication of the exploit has had commenters applauding and head-scratching in equal measure. Tweets like "DeFi apps are no different than centralized exchanges because all the contracts have admin keys" is the cheap, boring fast-track to "CT wokeness" these days, forcing me to take the devil"s advocate and point out why that"s sometimes wrong. Warranted retort:


— Eric Wall IS RIGHT (@ercwl) February 17, 2020


An Oracle Problem


In the end, the perpetrator exploited a Bzx flaw that enabled them to trade an inordinate amount on Uniswap at an inflated price of 3x. In other words, it wasn’t an oracle bug per se, but a fundamental vulnerability in the design of the defi stack that facilitated its execution. Opening such a huge position caused a drain of funds from Bzx to Uniswap, enriching the rogue actor to the tune of $350K and resulting in a $620,000 loss of equity for Bzx. Market manipulation at its finest. Our first claims assessment has finalised with the 30,000 DAI claim on @bzxHQ being declined.


7 out of 8 members voted No, with over 76,000 NXM being staked in the process (over $300,000 worth of stake).


The claimant can resubmit a claim one more time if they wish. https://t.co/ffAvyKZlt0


— Nexus Mutual 🐢 (@NexusMutual) February 16, 2020



As well as temporarily taking Fulcrum down for maintenance, Bzx deployed a contract upgradethey said would make their system more robust against similar attacks and statedthat they would cover the attacker’s loan repayment by streaming “interest and exit liquidity to existing iETH holders” from the 600k of WBTC left behind. Amid the post-mortem of the attack, insurance for DeFi lending has experienced a serious uptick, with hundreds of thousands of dollars’ worth of cover taken out across protocols such as Maker, Compound, Dydx and Bzx. The largest defi protocols according to Defi.Pulse How Decentralized Is Decentralized?


Perhaps the most relevant question to emerge from this fiasco was posed by Twitter user @SupraBo_ in responseto Bzx’s update on the transaction: “Decentralized finance is so efficiently decentralized that it can be paused.” The bZx attack occurs regularly in traditional markets in the form of derivative manipulation, which tends to result in harsh regulatory punishments.


The real conundrum with DeFi is not flash loans or oracles, but that "attackers" merely play a permissionless game by the rules.


— Qiao Wang (@QWQiao) February 16, 2020



Another tweetsuggested the attack exposed the wider danger posed to the Ethereum network of fast-growing finance initiatives: “DeFi = how to increase systemic risk on Ethereum.” Litecoin creator Charlie Lee, meanwhile, sounded offby calling defi “the worst of both worlds,” noting that it “can be shut down by a centralized party, so it’s just decentralization theatre. And yet no one can undo a hack or exploit unless we add more centralization. So how is this better than what we have now?” Research by Chris Blec, who bills himself as “defi’s best friend and toughest critic,” has shown that most defi protocols have an admin key that can override the system in emergencies.



While it is easy to see why faith in defi has been knocked by this ingenious heist of sorts, another perspective is that the event represents a bump in the road for the movement, which remains at an early, experimental stage despite over $1 billion worth of value being locked in, mostly in lending solutions. The exposure of vulnerabilities, and consequent beefing up of procedures, is necessary for maturation of an industry in which innovation continues to play out.


What are your thoughts on the Bzx exploit? Do you think defi protocols are truly decentralized? Let us know in the comments section below.


Images courtesy of Shutterstock.


Did you know you can verify any unconfirmed Bitcoin transaction with our Bitcoin Block Explorer tool? Simply complete a Bitcoin address search to view it on the blockchain. Plus, visit our Bitcoin Chartsto see what’s happening in the industry. Share this story: Tags in this story Decentralized, defi, DEX, Ethereum, trading Related Tax Rules Hit Brazilian Crypto Exchanges, Forcing Trading Platforms Out of Business EXCHANGES | Lubomir Tassev


Tax regulations implemented even before dedicated legislation has been adopted have hit Brazilian cryptocurrency exchanges. Digital asset brokers failing to… read more. Russians Can Use Qiwi, Sberbank, Yandex Money and Now Binance P2P Exchange to Buy Bitcoin With Rubles EXCHANGES | Lubomir Tassev


A growing number of platforms allow Russian residents to purchase cryptocurrencies with local fiat money. Established cryptocurrency exchanges are not… read more. Kai Sedgwick


Kai"s been manipulating words for a living since 2009 and bought his first bitcoin at $12. It"s long gone. He"s previously written whitepapers for blockchain startups and is especially interested in P2P exchanges and DNMs. Please enable JavaScript to view the comments powered by Disqus.

News Feed

Ethereum Co-Founder Vitalik Buterin Criticizes Corporate Metaverse Attempts — ‘Anything Facebook Creates Now Will Misfire’
Ethereum Co-Founder Vitalik Buterin Criticizes Corporate Metaverse Attempts — ‘Anything Facebook Creates Now Will Misfire’ On Saturday, the co-founder of Ethereum, Vitalik Bu
Bitcoin ‘cascading long squeeze’ to blame for slump to $60K
Ciaran Lyons3 hours agoBitcoin ‘cascading long squeeze’ to blame for slump to $60KAn increasing number of traders entering new long positions was the “fuel” behind Bitcoin’s slump to $60,000, according to Bitco
XRP Price Ready To Run To $11 ATH? Alternative Larger Metrics Show The Answer
Este artículo también está disponible en español. A crypto analyst has shared an XRP price chart, analyzing its action on the 4-hour timeframe while pinpointing key metri
Epic Games Teams Up With Lego to Build a Kids Metaverse
Epic Games Teams Up With Lego to Build a Kids Metaverse Epic Games, the game developing studio, and Lego, the famous construction block company, have announced a partnership to dev
Ethereum Stabilizes After Market Drop – Key MA Reclaim Could Trigger A June Rally
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
Biggest Movers: FTT Fire Sale Sends Token Over 70% Lower, SOL Also Falls Significantly
Biggest Movers: FTT Fire Sale Sends Token Over 70% Lower, SOL Also Falls Significantly FTX Token plunged by over 70% in today’s session, as sentiment surrounding Binance’s pote
Indian Government Finalizing Crypto Consultation Paper — ‘We Are Looking at a Global Paradigm on Digital Assets’
Indian Government Finalizing Crypto Consultation Paper — "We Are Looking at a Global Paradigm on Digital Assets" India’s economic affairs secretary has reportedly revealed
William Suberg10 hours agoBitcoin puzzles traders as BTC price targets $40K despite declining volume“Something doesn’t feel right” about the latest BTC price uptick, a warning tells traders, as Bitcoin open interes
Popular Radio Presenter Suspended for Alleged Ties to Bitcoin Scam
Popular Radio Presenter Suspended for Alleged Ties to Bitcoin Scam South Africa’s national broadcaster has suspended one of its employees that is accused of convincing unsus
Meta History Museum Raised Over $1,000,000, Releases New NFT Collection in Support of Ukraine
Meta History Museum Raised Over $1,000,000, Releases New NFT Collection in Support of Ukraine The META HISTORY project team created Ukraine’s first NFT war museum one month
Sberbank Launches First Blockchain ETF in Russia
Sberbank Launches First Blockchain ETF in Russia Russian banking giant Sberbank has presented the country’s first exchange-traded fund (ETF) giving investors access to the b
Zuckerberg becomes fourth-wealthiest person following shift to Meta
Vince Quill2 hours agoZuckerberg becomes fourth-wealthiest person following shift to MetaTech giant Meta"s current market capitalization is more than $1.4 trillion — making it one of the most valuable companies in the