The recent KuCoin hack of the KuCoin exchange and the ongoing OKEx event where withdrawals have been frozen have raised questions about how blockchain projects trade with exchange-traded coins when the said exchanges are breached or funds are disrupted.
In the case of projects like Tron, which have replaced OKEx’s tokens, such actions can be expected because their operation relies on a centralized management model. However, can projects stop smart contracts or freeze tokens if they are truly decentralized?
Was everything legal?
Choosing a strategy to save users money in case of force majeure can become a real dilemma for a project where tokens are traded on the cryptocurrency exchange. The implementation of measures using funds belonging to other persons is a great responsibility, especially if this occurs without the prior consent of these persons.
Events last month with KuCoin and OKEx – the two major cryptocurrency exchanges – showed that the various DeFi projects deal with the security of users’ funds with varying degrees of responsibility. In response to the KuCoin breakthrough on September 26, some projects froze funds, some implemented a hard fork, and others waited and saw the situation. Just a spoiler: All of these measures effectively blacklisted hackers’ cache of stolen codes and helped users get their money back, a move unprecedented in the industry. However, there are people who do not like projects where decisions have to be made without giving society a choice.
About this topic: OKEx lips are still restricted by sudden freezing of cryptocurrencies
In an effort to prevent KuCoin hackers from mining stolen assets, blockchain projects have taken steps to shut down affected tokens, which range from 10% to 40% of the total supply. According to KuCoin, Velo, Orion, Noia and about 30 other projects gained full access to transactions by implementing token swaps. In reality, however, these were not code exchanges in the usual sense of the word, as projects replaced the assigned letters with new ones.
Orion Protocol was one of the first projects to respond to the announcement of the KuCoin hack. In an effort to save the 38 million tokens affected by the incident, the project team decided to re-issue the ORN tokens via token swap on the same day the hack was announced. According to the project’s founders, the move made the previous contract title and icons obsolete. Alexei Kuluskov, CEO of Orion, told Cointelegraph:
“Almost immediately, the value of the stolen ORN tokens decreased and had little impact on the secondary market. We immediately updated our smart contract title during IPOs and IPOs so that normal trading can resume as soon as possible.”
KardiaChain, another DeFi project affected by a KuCoin security breach, with a total of $ 10 million in KAI flaws, also took steps to make the previous contract title obsolete and the code was changed to remove any risk of KAI theft. Tokens are sold in the secondary market. Astrid Dang, Head of Marketing and Partnerships at KardiaChain, explained that as a result of this tactic, the hacker tokens have been destroyed, while all other KAI addresses have been added to the new KAI token in the new contract address.
Other projects, such as Covesting, opted for less stringent measures that did not “affect the stability or decentralization of the symbol itself”. In particular, Covesting is selectively blocking addresses to keep user resources intact.
There have also been projects like Synthetix and Compound that expose their users to hacking KuCoin, but they don’t turn down contracts or block wallets. Does this mean that they are more decentralized than others? Perhaps, but it is worth noting that the amount stolen is relatively small – less than 1% of the circulation.
Everything is fine if it ends well
Did the projects have any other choice? The problem becomes particularly acute when considering the urgency required in situations where a large amount of money is at stake. The KuCoin hack shocked the entire market, and many enterprises faced a choice: trade or lose control of a large portion of the funds.
The share of stolen tokens on some projects is as high as 40% of the total, meaning the attacker can inflict more damage by manipulating the coin price. Koloskov, whose Orion project led to a breach of 38% of the traded ORNs, told Cointelegraph:
“To prevent the hacker from taking advantage of the exploitation of the ORN community, we had no choice but to change the symbol. We made an executive decision to immediately suspend trading, deposits and withdrawals on KuCoin while temporarily blocking deposits to other official listing partners.”
Some projects were unable to avoid the fall in prices.