• Tar_Alcaran
    7 hours ago

    Don’t worry, this is a feature of the blockchain!

    Lack of oversight is something all the users want, so obviously, everyone is fine with this.

    • Sonalder@lemmy.ml
      1 hour ago

      Your comment is quite misleading. Blockchain is all about verification and transparency, and that is the reason why people knew about the hack that quickly. Authorities, private companies and individuals are following the funds block after block. The hack concerns an exchange, a central entity with lots of ether tokens, not a blockchain.

      From my understanding, and this is still under investigation, the main issue is that the compromised exchange didn’t suffer from any breach. Their multi-sig setup signed a transaction as if the company was agreeing. Could all the required keys have been stolen? Maybe. All the employees having keys getting corrupted? Unlikely. From what I’ve read, with Ethereum Virtual Machine (EVM) multi-sig setups (Safe or Gnosis Safe as examples), users have no way for hardware wallets (signing devices) to verify what they are signing, and the whole Ethereum ecosystem has been used to blindly signing for years. So they could have hacked the centralized coordinator entity such as app.safe.global, but as I said this is still under investigation.

      This is an Ethereum (or more of an EVM) design issue that you don’t have in the Bitcoin multi-sig ecosystem, for example, where all the mainstream hardware wallets let you verify on their screen what you are signing.

      A feature of blockchains (well, not really of the blockchain in itself but rather of their competitive PoW consensus mechanism (I know Ethereum switched to PoS but…)) is immutability and finality of the transactions, so you cannot roll back. Ethereum did a rollback in the early days, creating a fork named Ethereum Classic, which is the ledger that did not roll back. I don’t think Ethereum will roll back again, especially for such a small amount of eth, and I think if they wanted to and could, it would have been done already.

      While this is a scary feature at first, in reality it enables you to create reversible transactions through an escrow multi-sig setup, emulating what the banking system sometimes offers (a friend of mine couldn’t cancel an international bank transfer after 15 minutes for some reason (he got scammed)). So you get the soft system built on top of a hard system, unlike international banking, which is soft only.

  • Sonalder@lemmy.ml
    6 hours ago

    Ethereum and EVM multi-sig is basically blind-signing on every hardware wallet. EVM is simply a bad design.

  • Fandangalo@lemmy.world
    17 hours ago

    These incidents sincerely undermine some of the “big advantages” of blockchain. I worked for an NFT company for a while, and we talked about how people stealing like this would just have the funds reversed because the blockchain can fork to solve it. But that shit rarely happens, or if it does, it’s probably all international money laundering. I have 0 faith in the community now, and it was a whole cult back in 2021.

    • chicken@lemmy.dbzer0.com
      16 hours ago

      > I worked for an NFT company for a while, and we talked about how people stealing like this would just have the funds reversed because the blockchain can fork to solve it

      This is a pretty naive perspective when it goes directly against the whole ethos of the network. You can’t have credible neutrality and also have hardfork bailouts every time a centralized exchange with poor security practices gets hacked or “hacked”, these are mutually incompatible things. For a financial infrastructure that does reversals and central authority judgment calls, there is always fiat and banks.

      • I Cast Fist@programming.dev
        4 hours ago

        I think it’s worth mentioning that this isn’t the first time eth suffered a big attack and it also wouldn’t be the first time they’d hard fork to roll back on the transactions. An attack in 2016 was rolled back in 2017, creating the eth classic, which ignored the changes.

      • Fandangalo@lemmy.world
        14 hours ago

        I agree that there’s some line, but if we’re really talking about $1.5bn & it really is a theft, it seems reasonable to me. /shrug

        It’s probably money laundering anyway, but I dunno. If the blockchain is protected through a decentralized ledger, couldn’t they vote via governance?

        Keep in mind, I read the headline & not the article. I got no clue what chain or crypto involves the story. The web3 world gave me a salary boost, and that was enough for me. It was stressful working in a grey area at times.

        • chicken@lemmy.dbzer0.com
          13 hours ago

          It’s Ethereum, so close relevance to anything web3.

          > it seems reasonable to me.

          It won’t seem reasonable to the people developing the software or running the staking nodes whose consensus would be needed, see https://nakamoto.com/credible-neutrality/ for an idea of why. Basically the idea is that the more a network acts to impartially execute algorithms than as a subjective governance body, the more it can be relied on without worrying about the potential bias of that governance, and that impartiality is at the core of its actual value. The whole “code is law” thing might not be literal reality, there is a line, but that line is located at an existential threat to the network itself (i.e. the DAO hack hardfork, which was the only time this was really done, or the plans for a hard fork to recover after a hypothetical quantum computing attack breaks encryption on all wallets).

          If there was an office somewhere practically able to wield a ctrl-z button for Ethereum accepting support tickets for its use, that would be a very different sort of cryptocurrency and imo not one that would be likely to work out.

          Anyway this kind of hack does suck, but I think ultimately the lesson just has to be for people to either self custody or avoid crypto entirely. Centralized crypto exchanges rarely deserve the trust placed in them.