A recent event has put Binance, a major global cryptocurrency exchange, under scrutiny. When a major scam dubbed as “PopcornSwap” drained liquidity providers of over $2 million, victims turned to Binance for aid. The controversy surrounding Binance’s response casts a spotlight onto the security measures taken (or not taken) by crypto exchanges, and the use of blockchain tech that powers them.
In January 2021, PopcornSwap, a decentralized exchange operating on Build N Build (BNB) Chain, executed an exit scam stealing a substantial sum of user assets via a concealed function in the exchange’s smart contract. The stolen fund, valued at $2 million then, grew to over $10 million as users speculated on whether funds were frozen or not.
As the saga continued, Binance came under fire. Initially, the exchange declared its inability to freeze wallets outside its exchange addresses, citing the decentralized nature of BNB Chain. However, later events unveiled that in fact, Binance had the capability to freeze private wallets in such circumstances, provided all validators consent.
Nearly two years after the scam, Binance finally froze the scammer’s wallet. This was only after the scammer willingly left the stolen funds in the original account, making no attempt to move them. Some expressed disappointment, wondering why this move was not made at the initial stages itself.
Binance’s actions have raised several questions, many of which center around the transparency and security of blockchain technology. While the power of Binance’s validators to freeze the scammers’ wallet on BNB Chain is seen as a positive security measure, it also contradicts the fundamental feature of decentralization, calling into question the narrative and ethos of blockchain-based systems.
Additionally, the incident highlights the risk associated with smart contracts. A loophole in a smart contract function can result in a substantial loss for stakeholders, posing a grave threat to their investments. With the mechanism for compensating victims after an attack being difficult and subjective, it underlines an inherent flaw of the system.
In response, Binance has stated its compliance with ongoing investigations and readiness to support law enforcement. Despite the exchange’s decentralized claims, it’s evident that they can exercise control over users’ assets if necessary.
In essence, the PopcornSwap incident serves as a cautionary tale: victims of a crypto scam face challenging obstacles on the road to reimbursement — and despite claims of decentralization – certain entities can, if necessary, exercise control over these assets. The incident underscores the complexities of blockchain and its internal administerial processes, urging users to tread carefully in this high-risk, high-reward landscape.
Source: Cointelegraph