The decentralized financial platform bZX has often been in the spotlight this year, and not just for the right reasons. Most of the popular DeFi platforms today, including bZX, began the journey around 2018, at the end of the first boom in coin supply. DeFi began to absorb steam in 2019, although it was still a somewhat neglected sector of the industry.
As growth continued, doubts began to grow that the major disruptions typical of the digital asset sector were being delayed. Given the complexity and sophistication of these platforms, it was reasonable to assume that not all are robust.
This year can be described as a testimony to the old saying, “When it rains, you pour.” Unfortunately for bZX, it was the first major DeFi platform that had a major breakthrough in February 2020. It was also the second platform used when two subsequent attacks paralyzed a project and made it miss an opportunity. Most of the DeFi mutations.
Related: Could BZx’s rapid credit attacks signal the end of DeFi?
While several other platforms followed, bZX’s problems did not really end: shortly after the restart in September, it was hacked again. Although it may seem like the last blow for the project, co-founder Kyle Kestner is still optimistic that the platform will be back to normal again.
“Since we got our money back and the funds are safe, we have a whole set of shared assets unlocked and a large trading volume,” Kistner told Cointelegraph. “We did not go back to where we were before, but our trading volumes grew really fast.”
Kistner repeatedly stated during interviews that, despite all these hacks, the platform has certainly not lost users’ money. The money of the first victims was returned, and the hacker from September was taken to zero via blockchain analysis and returned the money. In any case, Kistner and the bZX team this year have been rude to say the least.
Caught with their drinks
Cointelegraph: The first bZX hacking happened on February 14 when the team was absent from the ETHDenver conference. How did you hear about the attack?
Kyle Kestner: We were at this party, it was the Keep and Compound clock. We’re sitting there talking to Ryan [Burkon, CEO of Tellor], and he tells me how he just put money into Fulcrum and shows me the interest rates. I noticed that ETH rates were abnormally high. And I said, “Oh, this is very strange.”
I talked to Tom [CEO of bZX] about this and felt something very strange about it. Later that evening, we received a message from Lev Livnev from DappHub, who noticed a strange treatment, which actually led to a lot of interest in the iETH pool.
And you know, we drank, so we needed to wake up. It was a crazy experience, it was 11.30 and we were celebrating with the rest of the workers in the area, and suddenly I was in a very dangerous situation. During the investigation, we realized that it was necessary to stop the operation of the entire system.
This thing did not really have a pause button, but together we cracked a solution by disabling Oracle’s whitelist. This prevented further acceptance of funds.
Then I call my wife and say, “I do not know how to meet people from the industry, go back to ETHDenver and see everyone there.” For a moment I thought I could pack my suitcase and go home, but my wife pulled me out. Tom sat there, a little frozen and washed everything.
Eventually, Kistner and the team regroup. They managed to take a good break – the protocol did not automatically spread a loss of more than 1100 ETH worth around $ 300,000 among all users of the platform. This gave them a chance to get their money back in full and allowed the company to continue working. “It gave us morale,” Kestner said.
When the team showed up at ETHDenver the next day, Kistner said, “People really congratulated us. There was a lot of support, and people said, “We are builders, you are builders, we are all.”
CT: Then there was the second attack. How did you know?
KK: We just got to that restaurant. We were in a ski resort in Colorado, he helped us organize this, and we were in awe of it. We ordered all this food, and Tom looked at his phone – he just loves to perform various transactions on the system, especially if something looks weird or strange. So he looked at this one transaction, and it looked very strange because she had to terminate the contracts, and she had a quick loan and needed small amounts over and over again.
So we looked at this transaction, and it took us about two seconds to say, “Well, someone has been hacked.” It does not work properly at all.