Ledger Nano S - The secure hardware wallet

Binance confirms funds are #SAFU, abandons Bitcoin Rollback in response to 7,000 BTC hack

Binance confirms funds are #SAFU, abandons Bitcoin Rollback in response to 7,000 BTC hack

The past 24 hours has seen news break of a massive hack that saw 7,000 BTC stolen from Binance’s Bitcoin hot wallet. With a value of a little over $40 million, it’s far from the largest exchange hack in cryptocurrency history, but there’s no doubt it is one of the most significant. Binance is usually ranked as the largest crypto-to-crypto exchange by volume and a majority of cryptocurrency traders worldwide regard it as the most reputable and secure. In the dramatic fallout from the hack, Binance CEO Changpeng ‘CZ’ Zhao floated the idea of something even more unthinkable: reversing transactions on the Bitcoin ledger to recover the stolen funds.

Binance first announced the hack at around 03:00 UTC on May 8 via an official blog post. As we detailed in an earlier report on the hack, the 7,000 BTC were transferred out of Binance’s Bitcoin hot wallet in a single transaction timed at 17:15 UTC on May 7. Binance’s announcement of the hack included several steps that the exchange will be taking to ensure security and guaranteeing user funds, including suspending withdrawals and deposits during a security review period which Binance estimates will take around one week. The announcement also mentioned that users funds would be guaranteed by a “Secure Asset Fund for Users” (SAFU) that has been in place since a much smaller security breach occurred last July.

But as CZ fielded questions, suggestions, and offers of help during a video Ask-Me-Anything (AMA) session and on Twitter in the hours that followed, by far the most controversial suggestion to emerge was that a rollback of the Bitcoin blockchain could be enacted to return the stolen funds to Binance.

The idea of rolling back the supposedly immutable Bitcoin ledger caused much debate and CZ eventually concluded that such an idea was likely to do more long-term harm than good for Binance, Bitcoin, and cryptocurrency in general. Many have questioned whether it would even be possible for Binance to orchestrate a rollback of the Bitcoin ledger.

So now that the immediate shock and panic that followed the hack’s announcement has quietened down, what are the short and long term consequences of this hack? And how have the wider Bitcoin and cryptocurrency communities reacted to the news?

The Hack

Binance’s initial announcement of the hack is careful to note that the funds theft only affected a hot wallet containing 2% of the exchange’s total BTC holdings. However, it also notes that hackers were able to obtain “API keys, 2FA codes, and potentially other info.” This information was seemingly gathered over an extended period of time, with the still-unidentified hackers demonstrating “the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time” and the foresight to structure the attack “in a way that passed our existing security checks.” It also warns that hackers may still be using stolen account details to influence markets, but that the restriction of withdrawals and deposits over the next week should mitigate the risks associated with this.

Rolling back the Bitcoin Network

During his video AMA conducted in the hours after the attack, CZ said that the idea of rolling back the Bitcoin network to undo the hack had been suggested both Binance supporters and Bitcoin core developers. To do this, Binance would require the support of 51% of hashrate power on the Bitcoin blockchain. CZ mentioned that this level of consensus could be achieved and the transaction undone “within days.” But at the same time, CZ noted there were many important “ethical and reputational considerations” that had to be taken into account first.

While Binance is certainly well-connected and reputable enough within the crypto space to make the rollback feasible, such a response might cause lasting damage to Bitcoin’s reputation. A similar situation occurred with the Ethereum DAO hack in 2016, resulting in a hard fork of the Ethereum network and the creation of the competing Ethereum Classic and Ethereum blockchains, as explained in detail on this Medium post detailing the DAO’s collapse.

The DAO (Decentralized Autonomous Organization) was an Ethereum-based venture capital fund aimed at crowdfunding promising projects on the Ethereum network. Soon after its May 2016 launch, the DAO had become the world’s largest crowdfunding pool, with users contributing 12.7 million ETH, which at the time was worth somewhere in the region of $150 million. Ethereum’s value rose to $20 in the month following the DAO’s founding and the value of its holdings rose with it, reaching more than $250 million. But by mid-June, hackers had founded an exploit which caused the DAO’s smart contract to return funds at a rate faster than its balance was updated. In total, 3.6 million ETH – worth around $70 million – were quickly drained from the DAO’s funds.

The hackers were not able to immediately make off with their stolen funds, as the DAO required a 28 day holding period before the funds would be sent out. During this time, a contentious hard fork was executed on the Ethereum blockchain, resulting in the splintering of Ethereum and Ethereum Classic. The hard fork, like that proposed in response to Binance’s hack, meant that the main Ethereum blockchain was returned to a state in which the hack had never happened.

But the Bitcoin blockchain of 2019 is a completely different beast to the Ethereum blockchain of 2016. Despite a massive fall from its all-time high above $1,400, Ethereum is still trading at close to ten times its peak during the period when the DAO hack took place. Binance is far from the only place were Bitcoin is being traded and transacted. Such a blockchain reversal now would surely be far more controversial than that which followed the DAO hack.

CZ himself admitted as much in a series of tweets detailing his rationale behind abandoning the idea of a Bitcoin blockchain rollback.

His decision to not reorganize the Bitcoin blockchain was mocked in a post to the /r/Bitcoin subreddit, where opinions on the potential rollback ranged from calling it “delusional” to “a grievous betrayal of [the Bitcoin] ethos.” However, while being critical of the concept, the top voted comment within the discussion does note one positive aspect of CZ and Binance’s consideration of a rollback:

“I always [thought] it was an example of a failure of the MTGox trustee (for example) not even asking the community if it would change the protocol to make MTGox whole… not because the request wouldn’t be a total joke– it would be. But because it would be an example of a zealous pursuit of recovery.”

/u/nullc’s comment reflects a generally positive appraisal of Binance’s response to the back that stands in contrast to most other previous exchange hacks – especially the notorious hack of the Mt. Gox exchange in 2014.

However seriously he may have considered the possibility of rolling back the blockchain, CZ seems to share the majority of the cryptocurrency community’s opinion in declaring Bitcoin “the most immutable ledger on the planet,” ending discussion on the rollback once and for all.

Funds Are #SAFU

Even ignoring the controversial suggestion of rolling back the Bitcoin network, CZ and Binance’s response to the hack has offered a stark contrast to a majority of previous major exchange hacks. It also similarly contrasts with the controversy currently surrounding the Bitfinex exchange and its affiliated Tether stablecoin.

While Binance has always been able to thwart hacks and other attacks in the past, it came very close to a similar disaster in July 2018. As detailed in a blog post issued soon after, a number of unusual trades were detected on Binance, causing Binance to suspend all trading and withdrawals. The unusual trading activity was attributed to comprised API keys that users had been using to automate trading. API keys can be used to allow ‘bots’ to take control of trading on a users’ account. While this can be done safely, it seems that a combination of inexperienced API users and malicious bot coders had resulted in manipulated trading that could have turned into a large-scale hack. But not content with thwarting the attack before hackers had made off with user funds, Binance also took stops to safeguard against future hacks by creating the Secure Asset Fund for Users (SAFU).

“SAFU” plays on a widely-shared meme that implies Binance’s funds will be “safe” until the end of time. CZ has seemingly been a big fan of the meme, referencing it in numerous tweets and then using it as an acronym for Binance’s insurance fund against future hacks. Binance allocates 10% of trading fees generated each month to the SAFU, which will now be used to reimburse users who were affected by the 7,000 BTC hack.

Binance has dealt with the latest hack in full public view, with CZ’s video AMA going virtually as soon as it was announced. CZ has also been very active on Twitter whilst dealing with the fallout. This is a world away from the infamous Mt. Gox hack that occurred between 2013 and 2014, in which a staggering 850,000 BTC was stolen. Withdrawals from Mt. Gox were delayed or prohibited altogether for months leading up to the exchange’s February 2014 announcement of the hack, with no clear reasons given.

Similar complaints have been commonplace in recent weeks on cryptocurrency-related subreddits as legal pressure mounts on iFinex, the firm behind Bitfinex and Tether. Reddit user /u/sph44 compiled a lengthy list of the huge number of posts that have been made regarding issues withdrawing from the exchange, mirroring the issues experienced by users of Mt. Gox before it collapsed. Binance withdrawals may be suspended, but clear communication means that nobody is any doubt as to why. And Bitcoin has been trading for a large premium on Bitfinex compared to other exchanges recently, in a situation that has also caused disparity between fiat-to-crypto exchanges such as Coinbase and Tether-utilizing exchanges such as Binance.

Analysis from a CoinDesk article on the hack estimates that users have little reason to worry of a Binance implosion similar to that experienced by Mt. Gox or which many believe may currently be occurring at Bitfinex. 20% of Binance’s quarterly profits are used to buy back and “burn” its BNB tokens, with the most recent burn suggesting quarterly profits of $210 million – far in excess of the $40 million lost in the recent hack.

Fallout from the hack has also shown how much the crypto space has matured since the Mt. Gox collapse of 2014. CZ has praised many on Twitter, including seeming rivals Coinbase, for taking steps such as blocking deposits from accounts related to the hack.

Twitter may also be improving in regards to dealing with crypto scams on the platform. Earlier, many of CZ’s hack-related tweets were followed up Medium links from a fake account offering users up to 10x whatever amount of Bitcoin or Ethereum they sent to a provided address as recompense for the hack. Though replies seemed to suggest a number of users had fallen for the scam, the account appears to have been deleted from the platform and its replies to CZ’s tweets are no longer visible. This will be a relief to others in the crypto space such as Vitalik Buterin, who has amended his Twitter handle to warn that he never engages in free ETH giveaways over the platform.

A final note is that Tron’s Justin Sun offered to personally cover the stolen 7,000 BTC. Sun’s interjection has been widely mocked on both Twitter and other platforms, with many users making less-than-complimentary references to a similar interjection he made into the recent Twitter exchange between Elon Musk and Vitalik Buterin.

The Long-Term Fallout

Binance Coin has predictably been the worst affected of the top 10 cryptocurrencies in the hack’s fallout, dropping from $23 to as low as $20.20 in the past few days. But the price seems to have met resistance at this level, while any effect on the price of Bitcoin has been little more than a momentary blip on the price chart.

The idea of rolling back the Bitcoin ledger was a moment of madness that – as CZ acknowledged soon after – would have much more damaging consequences than the theft of 7,000 BTC. But Binance’s response to the hack has probably guaranteed that the effects will be short lived. It seems unlikely that Binance Coin won’t rebound from the recent dip and again test its recently-recorded all-time high above $25 in the months to come.

About Christopher Williams

Christopher Williams is a British writer based in South Korea with a strong interest in emerging technologies, cryptocurrency, and the development of decentralized apps.

Ledger Nano S - The secure hardware wallet