Bancor, an Israel-based company runs a ‘decentralised’ exchange called Bancor, ofcourse. In June last year, Bacor became the biggest ICO in terms of raising money. Bancor foundation raised $153 Million in Ether by selling its token BNT. What will Bancor build? A decentralised Exchange.
A year later today, the exchange was hacked and lost about $23.5 Million worth of cryptocurrency.
The exchange said in a statement, “a wallet used to upgrade some smart contracts was compromised”. The attackers withdrew 24984 ETH (~12.5 M USD), PundiX’s NPXS token worth approximately One million USD and BNT, Bancor’s tokens worth approximately 10 M USD.
Bancor has taken its exchange offline while it conducts an investigation. There is no word on when the service will resume.
Decentralised Exchanges don’t get hacked
The fundamental idea behind a decentralised exchange is that the users hold their private keys. Hence, decentralised exchanges don’t get hacked. Bancor has claimed to be a decentralised exchange and strictly speaking it looks like one because user funds remained unaffected in this hack. But there are reasons to categorise it as a centralised exchange which we will get to in a minute.
How did Bancor get Hacked?
We have to wait until an official response from Bancor shares more insight. But while we wait, it isn’t a bad idea to glance upon what could be the loopholes that may have led to this hack.
A year ago when Bancor launched, a crypto researcher Udi Wertheimer pointed out the vulnerabilities in the Bancor smart contract in a blogpost. Today, while the real reason for the hack is still under investigation, the vulnerabilities call out on Bancor for being ‘decentralised’.
Ofcourse, I cannot go into the full report but lets focus on the few comments which are relevant to today’s attack.
BNT Token Centralisation
I have never seen a token as centralized as BNT, that puts so much power in the hands of so few – Udi
The comment was made with respect to the power that the Bancor’s smart contract holds. One of them being the team’s ability to freeze or destroy BNT tokens whenever they want. This finding was actually acknowledged by Bancor in their response then.
We believe it is the right choice for Bancor to have options for dealing with unexpected problems… Ultimately, we are the ones you will look to in the event of a breach. We are also the ones you are putting your trust in when you contribute to this project.
Connection to today’s Hack
Bancor was able to freeze the BNT tokens today after the hack. In its statement, Bancor says “Once the theft was identified, we were able to freeze the stolen BNT, limiting the damage to the Bancor ecosystem from the theft”
Bancor clarified that it is not possible to freeze the ETH or NPXS tokens stolen but they are working with multiple exchanges to limit the attackers from liquidating it.
Single Point of Failure
Udi talked about the risks involved in the Bancor project is his post,
Having so much power concentrated centrally, creates a potential single point of failure. The keys held by the team could be stolen for example.
The comment was pointing at the governing system of Bancor. After discovering many backdoor entries into the contract, Udi shared the risk that any centralised system would possess. But Bancor did respond.
This is quite far fetched, as we’re using industry best practice multi-sig contracts, on offline wallets, where the different keys are password encrypted and are never stored in proximity to each other.
Connection to today’s Hack
While the real method is under investigation, despite ‘industry best practices’, the hack took place, which means the measures taken by Bancor failed. Bancor clarified, ‘A wallet used to upgrade the smart contract was compromised’, a single point failure.
User Funds are Safe
User funds are held in wallets and they haven’t been compromised. However Bancor lost their own funds, possibly the investor money. Nevertheless, there is a lesson I learnt as a Bancor user.
My funds haven’t moved. They are in the wallet. But I can only use the wallet when Bancor is back online again. Until then I cannot access the funds. Reason: I do not have the keystore file of my wallet. As stupid as it sounds, I made a simple error in judgment that has got me on the edge of the seat now.
For all of us, I recommend, once Bancor is live again, download the keystore file immediately so you can extract funds whenever you want from other services like MEW.
— Bancor (@Bancor) April 17, 2018
Conclusion – Bancor is Centralised in many ways
Bancor is not fully decentralised. The power is not in the hands of the people. Yes the funds are in user’s wallets, but Bancor plays an important role is how those funds are exchanged on their exchange. Bancor holds the ‘security switches’ that allow them to take actions like freezing tokens in emergency.
Bancor can freeze tokens and can essentially be hacked (an idea considered absurd with decentralisation). Udi even went on to find out possibilities in the smart contract to freeze other tokens, however the same wasn’t used today by Bancor.
The entire episode makes Bancor’s support for Vitalik Buterin’s now famous ‘Centralised exchange can go burn in hell’ quote a tad bit ironic.
“Burning in hell” is a bit extreme, but we do agree with @VitalikButerin that #decentralized solutions — such as Bancor — are the future of #blockchain and value exchange. https://t.co/XLqtc82H19 pic.twitter.com/ZuKKbKFwmM
— Bancor (@Bancor) July 8, 2018