Tag: blockchain

  • Is Binance SAFE? Funds Fully Audited by Mazars

    Binance is tackling the issue of proving where user funds are by using the third-party auditor Mazars, a leading Hong Kong-based auditing firm, to prove independently that user funds held by the exchange are safe and “untouched”. This is particularly important as users are demanding to know that funds are safe (or “SAFU”) and that they can trust the exchange to keep holding their funds. Auditing centralized exchanges helps to ensure that they are compliant with applicable laws and regulations, as well as industry best practices. This helps to protect users from fraud, manipulation, and other malicious activities.

    Binance BTC Reserves are Fully Backed

    Mazars, an international audit, tax, and advisory firm, has confirmed that Binance has more than enough Bitcoin (BTC) to cover all customer deposits. The report verified a 101% collateralization ratio on 575,742 BTC in net customer deposits as first published on their proof-of-reserves system on November 25. All assets included customers’ spot, options, margin, futures, funding, loan and earn accounts for BTC and wrapped BTC circulating on the Bitcoin, Ethereum, BNB Chain, and BSC blockchains.

    To ensure customers’ assets are not being lent out or stolen without permission, Binance implemented a Merkle Tree proof-of-reserves system that allows customers to independently verify the safety of their assets.

    Binance Merkle Tree Proof-of-Reserves (Source: Binance)

    Binance Securely Controls Custodial Wallets

    Mazars has also asked Binance to perform transactions at specific times to prove that the wallets were actually under Binance’s control. This clarifies the situation in late November when Binance moved 127,351 BTC to an unknown wallet. According to the report, Mazars used Etherscan and BSCscan to check that the wallets indeed belong to Binance.

    Moreover, Mazars reviewed the scripts that Binance uses to extract the total net deposits, making sure there were no duplicated or rigged user IDs. This confirms that Binance’s Merkle tree is built with an open-source script developed by Silver Sixpence.

    What This Means for Investors

    Binance is the world’s largest crypto exchange by trading volume, and is arguably the most used platform for all crypto users. After the collapse of FTX, Binance CEO Changpeng Zhao (CZ) was jokingly hailed as the “savior” of crypto, doing everything he can to repair the industry. However, Binance itself is no exception to scrutiny as a result of FTX’s collapse. People need to know what centralized exchanges are doing with their money.

    Binance’s audit has cleared up a lot of doubt, restoring confidence in the exchange. However, there are still two issues raised by the crypto community:

    A Step in the right direction

    Overall, auditing centralized exchanges is essential for protecting users and ensuring that exchanges are operating in a safe and secure manner. By conducting regular audits, exchanges can help to ensure that their customers are protected and that they are getting the best possible service. Binance has also provided on-chain proof of funds using “Merkle” proofs in November of 2022. This means that Binance has taken steps to prove that both fiat and crypto deposits in their custody are safe.

    FAQ

    Is Mazars a reliable auditing firm?

    While most of the community praises Binance’s initiative, several Crypto Twitter users expressed concerns that Mazars is not one of the “Big Four” accounting firms: Deloitte, Ernst & Young (EY), PricewaterhouseCoopers (PwC), and KPMG. For the longest time, audits made by any one of the Big Four have been the gold standard, and any other firms are deemed not “credible” enough.
    This is reasonable enough seeing as FTX was in fact audited by smaller accounting firms. But that might not be the case for Mazars. Founded in 1945, Mazars is one of Europe’s largest audit and accounting firms with a global presence. In fact, Mazars was a longtime accountancy firm for former president Donald Trump. But after finding out Trump’s business filings were not adding up, Mazars cut ties with his business. Given their track record, it is safe to say that Mazars is reliable as they conduct due diligence on any business.

    Binance audit only accounts for BTC reserves

    The audit only focuses on BTC assets for now. As of now, Binance does not have a proof-of-reserves system for other cryptocurrencies. But at the end of the day, this is a big step towards a more transparent ecosystem. Let’s hope there will be more developments in the coming weeks.

  • Will DEXs Take Over Centralized Exchanges after FTX Collapse?

    “Not your keys, not your crypto” — this decade-old mantra has taken full effect after the FTX collapse. Crypto users have lost faith in centralized exchanges (CEXs) and are migrating to decentralized exchanges (DEXs) instead. Though a non-custodial option seems to be an ideal solution, it would likely take a long time until price discovery shifts from centralized to decentralized platforms. Let’s take a closer look.

    Impact of FTX Collapse on Centralized Exchanges

    Almost every centralized platform in the crypto industry had done business with FTX, and some companies, such as BlockFi, Genesis Trading, and KuCoin, bore the brunt of the collapse. Crypto users around the globe found they could no longer withdraw assets from several crypto exchanges as the contagion spread.

    FTX’s collapse is a symptom of a problem inherent to centralized exchanges, also known as custodial exchanges. Customers’ tokens parked on the platform are exposed to the risk the exchange could go bust. Because crypto has no government depositary schemes to cover losses, customers of insolvent exchanges must wait for bankruptcy courts to regain what remains of their funds — if there is any left after other investors claim their share.

    Given the circumstances, all crypto exchanges including Binance have been implementing proof-of-reserves to verify they have enough assets to cover all customers’ funds. Though it is a good transparency initiative, investors still fear for the safety of their funds. As a result, many CEX customers rushed to withdraw their funds, opting for non-custodial solutions. This is where DEXs come in.

    Rise of Decentralized Exchanges after FTX Collapse

    Soon after FTX’s downfall, decentralized exchanges saw a vertical spike in trading volume. According to DeFi Llama, the monthly DEX volume showed an increase of 80% from $57.6 billion in October to $103.8 billion in November. At the time of writing, Uniswap had the largest trading volume with 60%, followed by Curve (9.6%), PancakeSwap (9%), DODO Exchange (8%), and Balancer (3%).

    Monthly DEX Trading Volume (Source: DeFi Llama)

    Moreover, Uniswap also surpassed Coinbase in daily ETH trading volume on November 14 ($1.1 billion vs $600 million). This is significant as CEXs have always been dominant in trading large market cap coins given their deep liquidity. It strongly indicates traders are moving away from CEXs.

    This is compounded by the fact that Bitcoin (BTC) has been exiting CEX wallets at a record pace. According to on-chain data analytics firm Glassnode, BTC withdrawals from CEXs to self-custody wallets are unfolding at a historic rate of 106k BTC monthly. This accounts for $3.7 billion worth of Bitcoins over the past week. Simultaneously, hardware wallet providers such as Ledger and Trezor reported their highest sales days.

    Advantages of Decentralized Exchanges

    Decentralized exchanges, also known as non-custodial exchanges, are decentralized finance (DeFi) protocols that allow users to trade directly with other users via smart contracts, without handing over management of their funds to an intermediary or custodian.

    They are non-custodial, which means users have full and exclusive control of their wallet’s private keys. This is the opposite of putting your assets on CEXs as they hold onto the wallets and keys on your behalf. This feature makes it impossible for centralized players to siphon user funds, and is why people are doing their trading on DEXs instead.

    Transactions on DEXs are facilitated through the use of smart contracts, and liquidity pools are funded by other users. As such, there is significantly reduced counterparty risk — you do not need to trust other users, only the code. There are three types of DEXs that use different protocols: automated market makers (AMM), order book DEXs, and DEX aggregators. But they are all programmed to determine the best price for an asset, all while offering a better rate for users compared to CEXs.

    Moreover, anyone can earn passive income if they provide liquidity to the protocol. On the other hand, CEXs are managed by a centralized organization such as a bank or a small handful of professional trading firms or market makers. In this case, since liquidity is concentrated in these actors, CEX maker and taker fees are much higher than DEX swap fees. Additionally, they can also choose to withdraw their assets during periods of volatility, restricting trades when users need it most.

    Challenges Facing Decentralized Exchanges

    Despite the many critical advantages DEXs offer, they have several downsides that hinder widespread adoption:

    Relies Heavily on Centralized Exchanges

    Most DEXs are dependent on price oracles (e.g. Chainlink) that source data from CEXs. As such, an attacker can manipulate the price of an asset on a particular DEX, leading to inaccurate price data being fed to all protocols which rely on that DEX as a price oracle.

    A flash loan attack is a common method to trick price oracles. In such events, attackers essentially create false arbitrage opportunities by instantaneously borrowing, swapping, and depositing large numbers of tokens, tricking price oracles into believing the target token’s price has moved, when the move took place on a single exchange.

    This creates a disparity which can then be arbitraged, allowing the sale or purchase of assets at above or below market price. Polygon’s Quickswap was a victim of this attack in October 2022.

    DEX Transactions are Slower than CEX

    Trading on DEXs is often much slower because all trades take place on the blockchain. It takes time for blocks to be validated and transactions to go through. On the other hand, CEX trades are almost instantaneous because they take place on proprietary matching engines instead of the blockchain. These engines are complex software that synchronizes and combines data from thousands of trading pairs at the same time.

    Liquidity Issues and Impermanent Loss

    DEXs cannot yet compete with large CEXs in size as they cannot offer as much liquidity. When they do not have enough liquidity, large orders can incur slippage, in which the buyer pays above-market prices on their order. As such, a lack of liquidity can deter institutional participation as large orders are likely to suffer from slippage.

    On another note, liquidity providers are exposed to a risk of impermanent loss when depositing two assets for a specific trading pair. In most cases, liquidity providers end up withdrawing more of the token that lost value and less of the one that gained value because the ratio of tokens held in the pool changes as trades occur.

    Smart Contract Vulnerabilities

    Although there is significantly reduced counterparty risk when using DEXs, there is still the issue of smart contract vulnerabilities that can be exploited by hackers. Smart contract code is publicly available and anyone can review it, yet exploitable bugs can still slip past audits and other code reviews.

    This is a problem inherent to all DeFi protocols. Over the past two years, we have seen numerous hacks on cross-chain bridges, hot wallets, staking platforms, and even entire blockchain infrastructures.

    Future Landscape of Crypto Exchanges

    In the wake of FTX’s collapse, users’ confidence in centralized exchanges is waning and the crypto community expects a shift toward decentralized platforms. However, according to JPMorgan and several other financial analysts, centralized exchanges will continue to control the majority of global digital-asset trading volumes. Although DEX trading volume has surged over the past month, it is possible that this reflects the automatic liquidations following the FTX collapse, and does not indicate the start of a long-term trend.

    DEX users are still confined to a relatively small base of niche traders and investors, and their interfaces can be difficult to navigate. At this stage, CEXs still provide a better user experience, fiat gateways, and deeper liquidity. To date, Uniswap has a total of 4.5 million users cumulatively, whereas Coinbase has a total verified user base of 108 million.

    With that being said, DeFi is still in its infancy. Development in liquidity protocols, safekeeping mechanisms, and user interfaces is needed to fully realize the potential of non-custodial trading services. As long as DEXs can compete with CEXs in terms of liquidity and speed, we may start to see widespread adoption or even a full-on switch to DEXs. After all, decentralized infrastructures are key to preventing centralized collapses, something we, as the community, have had enough of for the past year.

  • Proof-of-Reserves Explained: Essential for Crypto Exchanges

    In light of the FTX collapse, cryptocurrency exchanges are implementing proof-of-reserves (PoR) as a form of on-chain accounting that shows their entire holdings and customers’ assets. For centralized entities, this is a big step towards a more transparent crypto ecosystem, but some argue it might not be enough to regain investor trust. In this article, we will explain how PoR works and why it matters.

    What is Proof-of-Reserves (PoR)?

    Proof-of-reserves (PoR) is a cryptographic method to verify that an exchange has enough assets to cover all customers’ deposits. In doing so, the exchange assures customers that it has sufficient liquidity on hand to process all withdrawals, should a bank run occur.

    This came to light after FTX secretly used $10 billion of customer funds to prop up its sister company Alameda Research, which ultimately led to a liquidity crunch amidst mass withdrawals.

    This has left the crypto community wondering what other crypto exchanges might be doing with customer assets. As a result, Binance CEO Changpeng Zhao (CZ) urged all crypto exchanges to do PoR, although Kraken was one of the first exchanges to prove their reserves in February 2022.

    How Does Proof-of-Reserves Work?

    Proof-of-reserves essentially involves taking a snapshot of all balances held on the exchange, which are aggregated into a Merkle tree, a data structure designed to encapsulate data using cryptographic hashes. These Merkle trees, also known as hash trees, function as a map of the exchanges’ assets and liabilities (customers’ tokens).

    From there, a Merkle root is obtained, which is a cryptographic fingerprint that uniquely identifies the combination of these balances at the time when the snapshot was taken. Afterwards, digital signatures produced by the exchange are collected, which prove ownership over the on-chain addresses with publicly verifiable balances. To put it simply, the exchange discloses these addresses and provides proof that they have access to the associated private key.

    Because Merkle trees are part of blockchain technology, anyone can compare and verify if these balances exceed or match the customers’ balances represented in the Merkle tree. In the case of crypto exchanges, this process is either self-attested by the exchange or carried out by an independent third-party audit. As of now, most crypto exchanges have been working with Nansen, a blockchain analytics platform, for their PoR audit.
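    The Merkle-tree check described above, and the customer self-verification mentioned in the Binance article, shown as an added example (not code from Binance, Silver Sixpence or any exchange). It goes slightly beyond the text by using a Merkle sum tree, where every node also carries the total of the balances beneath it, so the published root commits to total customer liabilities; the leaf encoding, SHA-256, the function names and the sample accounts are assumptions constructed for illustration.

```python
"""Merkle sum tree proof-of-reserves check (illustrative; the encoding is assumed)."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Node:
    digest: bytes
    total: int  # sum of all balances beneath this node, in satoshis


PAD = Node(b"\x00" * 32, 0)  # zero-balance filler for levels with an odd node count


def _amount(value: int) -> bytes:
    return value.to_bytes(16, "big")  # raises OverflowError on negative values


def leaf(user_id: str, balance: int) -> Node:
    """Leaf for one account; the user ID is hashed so proofs do not leak it."""
    if balance < 0:
        raise ValueError("a negative balance would understate total liabilities")
    uid = hashlib.sha256(user_id.encode()).digest()
    return Node(hashlib.sha256(b"leaf|" + uid + _amount(balance)).digest(), balance)


def parent(left: Node, right: Node) -> Node:
    """Inner node: hashes both child digests AND both child sums."""
    data = (b"node|" + left.digest + _amount(left.total)
            + right.digest + _amount(right.total))
    return Node(hashlib.sha256(data).digest(), left.total + right.total)


def build_levels(leaves):
    """Exchange side: return every level of the tree, leaves first, root last."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur = cur + [PAD]
        levels.append([parent(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def make_proof(levels, index):
    """Exchange side: sibling (digest, sum, sibling_is_left) for each level."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        node = level[sib] if sib < len(level) else PAD
        proof.append((node.digest, node.total, sib < index))
        index //= 2
    return proof


def verify_inclusion(user_id, balance, proof, root):
    """Customer side: recompute the root from one's own balance and the proof."""
    if balance < 0:
        return False
    node = leaf(user_id, balance)
    for digest, total, sibling_is_left in proof:
        if total < 0:  # a negative subtree sum would hide liabilities
            return False
        sibling = Node(digest, total)
        node = parent(sibling, node) if sibling_is_left else parent(node, sibling)
    return node == root  # both the digest and the committed total must match


def is_solvent(root, onchain_reserves):
    """Compare provable on-chain reserves with the liabilities the root commits to."""
    return onchain_reserves >= root.total


# Constructed sample snapshot: (user ID, balance in satoshis).
ACCOUNTS = [("user-1", 150_000_000), ("user-2", 20_000_000), ("user-3", 0),
            ("user-4", 5_000_000), ("user-5", 75_000_000)]

if __name__ == "__main__":
    levels = build_levels([leaf(u, b) for u, b in ACCOUNTS])
    root = levels[-1][0]
    print("root:", root.digest.hex(), "liabilities:", root.total)
    proof = make_proof(levels, 4)
    print("user-5 included:", verify_inclusion("user-5", 75_000_000, proof, root))
    print("user-5, altered balance:", verify_inclusion("user-5", 70_000_000, proof, root))
    print("solvent with 2.6 BTC held:", is_solvent(root, 260_000_000))
```

    An inclusion proof only shows that one account is counted in the committed total; it says nothing about liabilities left out of the snapshot, which is the limitation discussed under "Downsides of Proof-of-Reserves".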

    Downsides of Proof-of-Reserves

    Although proof-of-reserves is certainly a step in the right direction, there are still several improvements that could be made to enhance transparency and trust.

    Proof-of-Reserves are Pointless without Proof of Liabilities

    A proof-of-reserve audit without disclosure of total liabilities, not just customers’ tokens, does not paint a full picture of an exchange’s solvency. This would include anything the exchange owes such as debts and taxes. Kraken CEO Jesse Powell expressed that Binance’s PoR is pointless without liabilities. This is also in reference to other platforms publishing their PoR without mentioning any liabilities. He also added that accounts with negative balances must also be included in the sum of total liabilities.

    However, the problem is that these liabilities are NOT on-chain, which means an independent auditor has to step in. At that point, crypto exchanges will have to provide the same proof as all public and regulated companies provide — audited financial statements. Coinbase is one of the few exchanges to do this. Since they are a public company subject to U.S. regulations, they have already been proving their reserves using balance sheets audited by the SEC.

    Therefore, the most reliable way to prove an exchange’s assets are more than its liabilities is via third-party auditors. In fact, CZ responded to Powell’s comments that Binance would involve third-party auditors to audit their PoR results.

    Proof-of-Reserves Audits Can be Falsified

    Although the cryptographic proof does not lie, it can be manipulated and framed to look healthy. There is the issue of crypto exchanges moving their funds right after the snapshot for the audit was taken. Recently, Crypto.com mistakenly transferred 280,000 ETH to a Gate.io address after it released its proof-of-reserves audit. Many speculated that exchanges were borrowing assets to show a healthy balance sheet, only to return them after the snapshot.

    Moreover, a PoR audit is only as good as its verifier. There is also the issue of exchanges colluding with third-party auditors to produce false results. Unless the exchange is audited by a reputable source such as the Big Four accounting firms, we will just have to take their word for it.

    Proof-of-Reserves Do Not Prevent Customer Fund Misappropriation

    Even then, audits and attestations may not suffice. At their core, crypto exchanges are not the same as banks — crypto is not insured by government depositary schemes. Even if all the steps are done correctly, customers can still lose their crypto if it is mishandled.

    Merkle tree-based PoR would not prevent the misappropriation of customer funds completely. It only tracks the money, providing information. It does not provide customers with greater control over their funds. If the exchange is caught in the act, you would not be able to get your crypto back as it is likely to be tied up in litigation.

    Not your keys, not your crypto. We strongly suggest keeping your crypto on hardware wallets such as Ledger Nano X, Ledger Nano S Plus, Ledger Nano S, Trezor One or Trezor Model T.

    Why Proof-of-Reserves is Crucial

    At the end of the day, proof-of-reserves is the first step towards a more transparent crypto ecosystem. In effect, it functions as a verification tool to filter out fraudulent crypto exchanges, albeit not completely.

    By leveraging blockchain technology, PoR brings crypto exchanges closer to the treasuries of DeFi protocols, allowing anyone to trace funds on-chain at any time. However, there is much to improve in this aspect. But with on-demand, real-time tracking of exchange reserves, the industry is working towards a decentralized and trustless system, where customers do not need to trust the institution, only the math.

  • Is Solana (SOL) Dead After FTX Bankruptcy?

    Over the past two years, Solana has risen to be one of the largest blockchains by both market cap and usage, rivalling that of Ethereum. This rapid growth was largely driven by Sam Bankman-Fried (SBF), former CEO of recently bankrupt exchange FTX, who was a huge proponent of the project. In light of the FTX contagion, Solana was hit hard, leaving investors to question the state of the ecosystem.

    How is Solana Affected by the FTX Collapse?

    Solana (SOL) Token Holdings of FTX

    According to an FTX balance sheet shared with investors, the exchange held $982 million in SOL. It is also reported by CoinDesk that the second largest holding of Alameda Research, the sister company of FTX, is SOL. It stands to reason that FTX and Alameda might have dumped their holdings to raise liquidity, though this is not confirmed.

    Since the beginning of FTX’s downfall, SOL has tanked 59% in price, putting it 94% below its all-time high. It is also expected that many investors have exited their SOL position out of fear.

    Moreover, FTX and Alameda Research purchased 50.52 million SOL tokens from Solana Foundation and 7.56 million SOL from Solana Labs, representing nearly 11% of the total supply. On the bright side, most of these tokens are vested through a linear monthly unlock mechanism, which means FTX does not have them in custody yet. The last of these unlocks will occur by January 2028.

    Given FTX and Alameda are undergoing bankruptcy, their tokens will be frozen once unlocked, preventing further sell pressure. But it is likely that proceedings will involve liquidating SOL to repay FTX creditors.

    Massive TVL Decline in Solana’s DeFi Ecosystem

    Apart from SOL’s price, Solana’s DeFi ecosystem has also been severely impacted. Since the beginning of FTX’s downfall, more than $700 million has exited Solana’s ecosystem, leaving a mere $285 million in total value locked (TVL) at the time of writing, according to DeFi Llama.

    A lot of this has to do with Project Serum, an order book based decentralized exchange (DEX) lying at the heart of Solana’s entire DeFi ecosystem, providing liquidity and pricing data to many other major DeFi protocols. Unfortunately, Serum was launched by SBF, and most of its liquidity comes from FTX and Alameda. Moreover, the recent FTX hack revealed that the private key of Serum’s program was compromised, suggesting FTX insiders were in control of it. As a result, Serum developers forked the program to separate from FTX and protect end-users.

    Depegged Wrapped Tokens on Solana

    Another critical issue is that wrapped tokens, notably soBTC and soETH, are depegged. This is because these wrapped assets are backed by collateral held in FTX, but because their liquidity dried up, no one knows if FTX still has the underlying assets. As a result, these wrapped tokens are no longer redeemable.

    This is very problematic, because almost all DeFi protocols have soBTC and soETH as collateral since they are accepted as the de facto BTC and ETH in Solana. But if the underlying assets are completely invalid, then these wrapped tokens have no value, which could worsen the contagion.

    Will Solana Make a Comeback?

    It is important to remember that this collapse is from centralized players and not from decentralized protocols. The technology behind the Solana blockchain is not affected. Though Solana is experiencing big price declines, its community remains resilient and bullish as they continue to build despite market sentiment.

    Better Technology for Solana

    Recently, Coinbase Cloud has been helping with the network upgrade of Solana, implementing (1) Quick UDP Internet Connections (QUIC), (2) Stake-weighted Quality-of-Service (QoS), and (3) local fee markets.

    1. QUIC gives validators more control over incoming traffic. It will help prevent spammed transactions from overwhelming validators like in the April 2022 outage.
    2. Stake-weighted QoS ensures that validators can forward transactions to slot leaders based on stake-weight, regardless of network conditions. Even if the slot leader is being spammed, other validators should be able to forward transactions to them. This QoS feature has been rolled out with QUIC.
    3. Local fee markets allow users to have their transactions included over others by adding a prioritization fee. This addition unlocks a new dimension in competing for transaction inclusion, whereas in the past, spamming was the only way to compete.

    Moreover, Google Cloud is running a block-producing validator on Solana, introducing Blockchain Node Engine to the blockchain next year. All of these features together will immensely increase the throughput capacity of the network.

    Improved Network Performance and Decentralization

    As a result of recent development, network performance has improved as the average time to produce a block has decreased, increasing transactions per second. Moreover, the number of active users on Solana remains strong despite this year’s market downturn. As of October 2022, there are 11.5 million active accounts and 1.7 million active fee payers.

    Solana’s validator network is becoming more decentralized, ranking third on the Nakamoto Coefficient, a measurement for network decentralization. Furthermore, with FTX and Alameda expected to liquidate their SOL holdings, new buyers will come and help spread out the holding percentages, further increasing decentralization.

    Strong Developer Community

    In 2022, Solana has seen unprecedented developer activity across DeFi, DAOs, NFTs, GameFi, payments and mobile apps. Open source repos and developer activity on Solana surged this month, thanks to growing developer education resources and an easier onboarding experience. Additionally, DAO tooling and adoption have made it possible for large numbers of Solana projects to be managed on-chain.

    Solana also has a thriving NFT ecosystem. Even after the dip, it remains the second largest NFT ecosystem, according to CryptoSlam!. Solana NFTs are onboarding hundreds of thousands of users to the network, with over $3.6 billion in primary and secondary sales.

    According to sec3, a security research firm for Solana projects, thousands of developers are using, deploying, and auditing 1,000+ unique programs on Solana. Between the Phantom wallet, the NFT ecosystem, big partnerships with Instagram, and new use cases like StepN (move-to-earn), Solana continues to bring new users into the web3 space.

    Final Takeaway

    It is important to remember that Solana is NOT FTX. Even though Solana was heavily invested in by FTX, its technology and decentralized protocol were never affected. The huge price declines we are currently seeing are most likely due to mass panic sells and forced liquidations of the FTX Group as well as other ventures. As long as Solana continues to build, fresh healthy money will come flowing into the ecosystem.

  • Celsius Network ($CEL) Collapse – The End Of Centralized DeFi?

    Celsius Network was one of the largest gateways to crypto with $864 million worth of venture capital raised. They also had over $3 billion worth of funds held in custody for 1.4 million customers. Offering attractive yields, simple to use UI, and promises of security and transparency, it was truly the perfect crypto on-ramp for less experienced crypto users. They abstracted away the complexities of DeFi (Decentralized Finance), and offered only pure and straightforward DeFi yields.

    However, their questionable asset management practices have recently come to light. Celsius Network’s risk management strategy heavily relied on continued bullish crypto narratives pushing prices upwards, which left them unprepared for significant drawdowns. They also engaged in “degenerate trading” strategies which put them at risk of liquidation and potential bankruptcy.

    Some believe Celsius will be another big platform to collapse during this bear market, potentially pushing crypto prices even lower than before and likely resulting in a further liquidation cascade that could destroy protocols, VCs, investment funds, and others.

    For another perspective on the situation on Celsius Network and how events may unfold, check out Michael’s analysis: 

    https://www.youtube.com/watch?v=xGbCX-AdiY4

    Celsius Network – Then And Now

    What is Celsius Network?

    Celsius Network ($CEL) is a one-stop shop fintech app that offers the ease-of-use benefits of CeFi (Centralized Finance) with the best DeFi offerings. They are a centralized DeFi platform allowing users to deposit funds into custodial wallets on the platform. They also offered a range of DeFi services. These included token swaps, high yields on stablecoins and cryptocurrencies and crypto-backed lending and borrowing.

    Celsius had a straightforward dashboard, free inter-account crypto transfers and a variety of DeFi features. Hence, Celsius managed to offer a truly incredible product to over a million customers, attracting industry respect and venture capital. So what went wrong?

    The Demise of Celsius Network?

    Celsius’ demise can be summed up in three parts. Firstly, its problems really started to surface during the LUNA collapse, followed by a slow unravelling of Celsius’ overleveraged positions. Finally, poorly planned out WBTC and ETH/stETH positions led them to a complete lockdown of their platform.

    LUNA/UST Giga Yields

    Luna, through its Anchor protocol, promised a “risk-free” 20% interest on their USD-pegged stablecoin, UST. This was a highly popular product right up until its collapse. However, Celsius was also taking advantage of these high yields, which allowed them to offer high yields to customers while taking some profit.

    Although this was denied by Celsius’ founder, on-chain investigations by firms such as The Block Research, Hoptrail, and Nansen revealed that Celsius was staking up to $535 million worth of UST on Anchor protocol. Reportedly, prior to the full depeg of UST, Celsius managed to withdraw their funds with minimal damage. This left the Terra ecosystem with a half-billion-dollar hole in their pockets. It seems that Celsius managed to get out of that situation mostly unscathed. However, this should’ve served as a red flag that indicated what kind of risk Celsius is willing to take on.

    WBTC as DAI collateral

    This one’s also pretty straightforward. Celsius used customers’ WBTC (wrapped BTC on Ethereum) as collateral to borrow DAI on the Maker protocol. This is so they could stake the DAI stablecoin for very favorable yields. Everything had been going great until BTC prices rapidly tumbled after the UST collapse. As prices tumbled, it was cheaper to keep adding collateral instead of paying off their DAI debt, losing some capital and the DAI yields. They likely did this in the hope of a trend reversal or possibly a short-lived BTC relief rally. However, customers’ funds were subsidising this collateral.

    stETH & locked ETH

    Celsius offered their customers an attractive <8% yield on ETH while the best ETH staking deal one could get was by staking their ETH on the Ethereum PoS Beacon chain, which offers ~4.2% yield at best. So how could they possibly deliver such an incredible deal for their customers?

    The solution was staked ETH (stETH), which is a liquid ETH derivative offered by Lido Finance. stETH is a fully collateralized representation of ETH staked on the Ethereum PoS Beacon chain. After the Merge, when users can withdraw staked ETH, 1 stETH will be redeemable for 1 ETH. This allows anyone to earn a yield on ETH offered by the Beacon chain without running the staking infrastructure. However, stETH’s dollar value is not pegged to ETH’s dollar value, and until withdrawals are enabled stETH cannot be redeemed for ETH.

    So Celsius was doing three things with their customers’ ETH to generate the exorbitant yields:

    1. Lending out ETH and earning interest on DeFi protocols (27% of their total ETH);
    2. Swapping them for stETH to generate ETH staking yields and at the same time lending out stETH to provide liquidity and earn interest on Curve Finance, a decentralized crypto exchange. (44%); and 
    3. Staking ETH on Beacon chain, rendering it illiquid for at least a year or whenever The Merge happens and the ETH gets unlocked. (27%).

    The current issue Celsius is facing is that, although they swapped ETH for an equivalent amount of stETH, stETH is currently not trading for the same dollar value as its ETH equivalent. This is due to several reasons. As a result, they’re currently in possession of roughly $0.94 for every $1 worth of ETH owed to their customers. On paper. In reality, it’s much worse than that. Celsius holds ~445k stETH, which is currently valued at $540 million and cannot all be swapped for ETH on the Curve Finance pool due to lack of liquidity.

    So, Celsius was lending 27% of their ETH on DeFi, and swapped 44% of their ETH for stETH. However this stETH is now worth less than ETH. stETH also cannot even be fully exchanged for ETH. As a result, most of Celsius’ ETH is illiquid.

    Celsius Liquidity Crisis

    The situation is getting direr by the day for Celsius. Whilst BTC and ETH prices were tumbling, their ETH liquidity was drying up. Hence they had to top up their WBTC collateral several times from 22k all the way down to 14k to avoid margin calls.

    To do this, they’ve put all withdrawals, swaps, and transfers between accounts on hold since 12th June 2022, thereby completely locking users out of their assets. This was to prevent a bank run, which would’ve completely drained Celsius of their holdings.

    Celsius files for Chapter 11 bankruptcy

    On 13th July 2022, Celsius Network filed for bankruptcy in the Southern District Court of New York, announcing that it had filed for Chapter 11 protection. The filing of Chapter 11 bankruptcy protection means that Celsius can continue operating its business and restructure its obligations.

    The Company also states it has US$167m cash on hand to support operations during the restructuring processes. It hopes that through the process, it would stabilize its business to maximize value for all its stakeholders.

    Will Celsius users get their cryptocurrencies back?

    Celsius’ Directors justified its earlier decision to pause trading and withdrawals to “… stabilise its business and protect its customers”. This is to prevent customers who did not quickly withdraw their funds from being left waiting for Celsius to come up with the liquidity.

    In an interview with Cointelegraph, Danny Talwar, Head of Tax at Koinly, expressed concerns that Celsius may be like Mt. Gox. Mt. Gox collapsed in 2014 and users still have not seen any of their funds returned.

    Celsius has not made any announcement as to whether or not they will reopen the platform to allow withdrawals. In their blog post on 14th July 2022, Celsius stated that:

    “Most account activity will be paused until further notice. Withdrawals, Swap, and transfers between accounts will remain paused, and rewards will stop accruing as of the date of the filing. Celsius is not requesting authority to allow customer withdrawals at this time.”

    Celsius Network blog post

    Looking forward, Celsius “…intend[s] to put forward a plan that restores activity across the platform, returns value to customers, and provides choices.”

    Celsius lawyers: Users gave up legal rights to their cryptocurrencies

    Celsius Network’s lawyers stated that users with Celsius’ Earn and Borrow accounts gave up the rights to their crypto under its terms of service.

    According to a tweet from Kadhim Shubber, a Financial Times reporter, Celsius Network’s lawyers stated the recovery plan would involve HODLing. They believe customers would be interested in hodl-ing throughout this bear market. Then they would realise their recovery when the market recovers.

    Celsius to run out of money in October/November 2022?

    Celsius was initially expected to run out of money in October 2022 according to their Weekly Cash Flow Forecast filed with the Court. However, an updated Forecast filed on 6th September 2022 shows that the Company will still have US$42 million in cash left by the end of November 2022.

    Celsius weekly cash flow forecast

    Profiting off the Celsius collapse? What is #CelShortSqueeze?

    Twitter hashtag #CelShortSqueeze has been trending even before Celsius Network filed for Chapter 11 bankruptcy protection. #CelShortSqueeze appears to have been set up as a grassroots movement by $CEL token supporters or traders liquidated by $CEL backed loans.

    The #CelShortSqueeze movement is an attempt by Celsius supporters to make it harder to short the $CEL token. It does this by encouraging others to buy $CEL on exchanges such as FTX or Uniswap, and send the tokens to private wallets. The purpose of this is to take the $CEL tokens out of circulation on centralized exchanges, so that spot short traders intending to borrow $CEL from exchanges are forced to use decentralized exchanges, where users can set the sell prices.

    The #CelShortSqueeze movement seems to be effective in propping up $CEL token prices at or over 80 cents. This is despite the news of Celsius filing for bankruptcy protection. Whilst prices initially dipped to 48 cents right after news of the bankruptcy came out, #CelShortSqueeze supporters helped bring back prices to 80 cents and over.

    In a win for #CelShortSqueeze supporters, prices of $CEL pumped to $1.42 on 29th July 2022, the highest in almost 1 month.

    The #CelShortSqueeze movement shows what retail investors can be capable of when they band together through the power of social media. There is a lot of uncertainty right now as to what will happen to the $CEL token as Celsius Network is figuring out how to restructure and rescue the company. The restructuring process can take years and it is unknown when Celsius will re-open withdrawals to customers. So Celsius holders are certainly hoping that the #CelShortSqueeze movement does not lose steam until then.

    Celsius seeks to open withdrawals for some customers

    On 1st September 2022, Celsius filed a Court motion to open certain accounts for customers to withdraw their funds. However, Celsius’ motion only applies to Custody and Withhold Accounts and for assets with a value of US$7,575 or less. Celsius’ Custody and Withhold Accounts are basically storage wallets and users still retain legal ownership of their cryptocurrencies. In contrast, Celsius’ Earn and Borrow Accounts offer borrowing and annual crypto earnings services. If the Court grants this motion, around US$50 million (out of the US$225 million held in the accounts) will be released to customers.

    Whilst some have reacted positively to this news, there are others who point out that this is hardly fair to affected Celsius users. Commentators have pointed out that in any event, under US law, Celsius is unable to avoid transferring sums under this amount if creditors so request.

    Celsius co-founder declares shares “worthless”

    Daniel Leon, one of the co-founders of Celsius is seeking a Court declaration that his equity in the Company is “worthless”. Leon is a substantial shareholder of the Company and holds 32,600 common shares. Shareholders make these declarations during bankruptcy proceedings when they do not think they will receive any further distribution for their holdings. The result of this declaration is that the shares can be used as a tax write-off.

    Celsius will be revived as Kelvin - a crypto custody service?

    According to an announcement at a Celsius employee meeting on 8th September 2022, CEO Alex Mashinsky and Head of Innovation and Chief Compliance Officer Oren Blonstein plan to revive Celsius. The plan is to launch a project called Kelvin, which will store users’ cryptocurrencies and charge fees for specific transactions.

    This is a departure from Celsius’ existing business model, where Celsius does not charge any fees for transactions, withdrawals, origination, or early termination.

    Latest: Celsius leaks customers’ personal data - where is the info now?

    On 5th October 2022, Celsius filed publicly available court documents revealing personal data on thousands of its customers. The court documents filed by Celsius revealed, among others, customers’ names, and transaction information such as transaction amounts, times, types, and descriptions. According to Henry de Valence, Founder of Penumbra Labs, the information leaked by Celsius is sufficient to “dox all the on-chain activity” of any Celsius user by matching the dates and amounts to the blockchain transaction data.

    However, this saga is far from over, as the customers’ data has recently been made publicly available on a website called Celsiusnetworth.com. The website lets people search the names of Celsius users, along with their cryptocurrency holdings on Celsius. It also included a leaderboard that listed which customers suffered the greatest losses.

    Celsius executives and founders withdrew nearly US$35 million before withdrawals were frozen

    As a result of Celsius’ court filings, it has been revealed that its executives had already withdrawn funds totaling nearly US$35 million in the weeks before withdrawals on the platform were frozen. Filings revealed that ex-CEO and co-founder Alex Mashinsky withdrew around US$10 million from the Celsius platform in May 2022. Meanwhile, co-founder and former chief strategy officer Daniel Leon withdrew around US$7 million, and current chief technology officer Nuke Goldstein around US$550,000.

    Celsius paused its withdrawals weeks later in June 2022 before filing for Chapter 11 bankruptcy in July.

    A spokesperson for Alex Mashinsky states that the US$10 million withdrawal was planned even before Celsius intended to pause withdrawals, as the funds were used to pay taxes. Also, Mashinsky’s family still had US$44 million worth of cryptocurrencies frozen on the Celsius platform.

    Conclusion

    What becomes of Celsius going forward is unclear. However, what is clear is that time and time again we get to witness the extreme importance of the age-old rules of crypto – be wary if something seems too good to be true, and never put in more than what you can afford to lose. 

    It is easy to become swept up in the hype, so doing your own research is incredibly important. Thinking critically and understanding the fundamentals can help you avoid a lot of heartache in the future.

  • Will Terra Luna Classic (LUNC) Make a Comeback? USTC Repeg?

    Everyone loves a good comeback story. With Luna Classic now in the hands of the community, they are doing everything in their power to revive the ecosystem. Several crypto heavyweights such as Binance have also joined their cause. The question is, “will Luna Classic succeed long-term?” In this article, we will take a look at the recovery plan proposed by the Classic community and share some insights on the future direction of Luna Classic.

    History of Terra Luna

    The collapse of the Terra ecosystem in May 2022 was one of the most devastating black swan events in crypto history. It wiped at least $60 billion off the market and triggered a dangerous domino effect across the industry, including the fall of Three Arrows Capital and Voyager Digital.

    Terraform Labs (TFL) developers soon abandoned the Classic chain in support of Luna 2.0, the new Terra blockchain. This led to an overhaul of the community demographic, leaving only the validators and true believers of Luna Classic behind, not to mention millions of investors who are still holding onto LUNC or USTC with no exit opportunity.

    Luna Classic’s Chance at Redemption

    Despite its unfortunate history, there might be a glimmer of hope for Luna Classic. The technology and blockchain infrastructure are still there, and developers can still build on it. In fact, there are numerous DApps that have expressed an interest to return and build on Luna Classic. However, the ecosystem faces the opposite problem of most layer-one protocols. Instead of incentivizing user adoption with tokens, Luna Classic has hundreds of thousands of active users but no additional token incentives.

    This means that Luna Classic’s native tokens do not offer much utility for developers to build on, due to the trillions of LUNC tokens in circulation and the USTC depeg. Therefore, in order to attract developers and builders to the Classic chain, the token situation must be addressed, and that is exactly what the community is doing right now.

    Luna Classic – Community-Driven Blockchain

    Community volunteers have self-organized into multiple groups to help build and restore the Luna Classic blockchain. Terra Rebels is one of the larger communities with seasoned developers and business professionals that is leading the recovery plan. None of the groups has any affiliation with TFL, and none works under any central organization or established entity at this time. Essentially, the communities are filling the developer void impartially and in accordance with community proposals that pass the voting process. All code is open to audit and feedback, and all community members have a say in vetting and implementing the code base.

    On August 26th 2022, after two months of disabled proof-of-stake validation in response to the collapse, governance was restored as citizens of Luna Classic could delegate, stake, and vote for the future of the ecosystem. As of now, proposals and the associated implementations are being passed by the Terra Classic Decentralized Autonomous Organization (DAO). When adopted, a new wave of delegators and validators from the community would stake on Luna Classic, built by community developers. This would be the beginning of a truly community-driven blockchain, but the path to that is still long and arduous.

    Recovery Plan of Luna Classic

    Deflationary Token Mechanism (Tax and Burn)

    On September 15th 2022, Terra Classic governance proposal 4661 passed with a 99.88% “yes” vote to enable a 1.2% tax and burn on all on-chain transactions. With more than 6 trillion LUNC in circulation, the main goal is to reduce the hyperinflated total supply until it reaches 10 billion LUNC. After that, the mechanism will be disabled via smart contract, and the total supply will not be changed. Based on the law of supply and demand, this creates scarcity which inherently increases the value of LUNC tokens. However, it takes more than just burning for LUNC to maintain a relatively stable price. There has to be a mechanism for LUNC to capture some of the value brought to the blockchain, otherwise it would be another exit race for all investors.

    The main concern for the tax and burn is that it would likely reduce on-chain activities, as core users and projects are affected. Terra Rebels addressed this in their white paper, stating that the community can structure the implementation to be flexible as time progresses. The tax rate can be changed via parameter proposal at any time and adjusted after every epoch. Nevertheless, the community has voiced with unity that they are willing to play their part.

    The bigger play here however is to reach out to major centralized exchanges (CEX) and implement the same tax and burn for all LUNC trades on their platform, since it only applies to on-chain transactions. As a result, several major CEXes such as Binance, KuCoin, Kraken, Huobi, MEXC Global, and more have joined the cause. Moreover, a petition has been filed on change.org to relist LUNC on Coinbase. It is important to note that the Terra ecosystem is still under strict government regulations as a result of the collapse. But if it succeeds, the help from the U.S. market would greatly accelerate the burning process.

    This goes to show the power of a unified and driven decentralized community, and perhaps the potential crypto heavyweights see in a Luna Classic comeback.

    USTC Repeg Proposal

    In October 2022, two factions of the Terra community proposed their own approach to repeg USTC. As both plans are new, there are no specific timings outlined. It is up to the community to debate these proposals and decide which approach is better.

    Proposal #1: Algorithmic Fungible Token Debt Restructuring

    The first one jointly published by Alex Forshaw, Edward Kim and Maximilian Bryan presents the idea of minting 500 million LUNC to purchase Bitcoin as collateral for a new algorithmic fungible token (AFT) called USTN. The whole point of it is for current USTC holders to receive compensation meaningful relative to the current USD value of their holdings, making them as whole as possible under current legal constraints. It is akin to a debt-for-equity swap in traditional finance.

    However, this proposal was met with a lot of criticism from the community, since minting more LUNC defeats the purpose of the tax and burn initiative. Although it would create a short-term growth cycle, it would most likely be unsustainable in the medium to long term, due to the oversupply of LUNC.

    Shortly afterwards, Forshaw announced that the updated plan will not involve minting LUNC. Instead, USTN’s Bitcoin collateral will be managed by a tranche-based decentralized reserve system as outlined in section 5 of their original white paper. However, most of the community still do not like the idea of creating a new token. Why not just create mechanisms around USTC, bringing value to the ecosystem, instead of phasing it out? This is where the second proposal comes in.

    Proposal #2: Quantitative Tightening to Incentivize New Businesses

    In response to Forshaw’s proposal, core developer Tobias Andersen (aka Zaradar) developed a different solution that focuses on improving USTC, instead of substituting it. Andersen believes that a USTC repeg could be accomplished by incentivizing new businesses to use Luna Classic’s existing blockchain infrastructure. The plan to achieve this however is a more “painful” journey as quoted by the author, but is more organic and sustainable in the long run.

    The plan adapts a form of quantitative tightening (QT), a traditional finance technique used by central banks to decrease liquidity in the economy. For Luna Classic, it would involve installing burn taxes and increasing interest rates on staking rewards. Rewards would be lowered and lock-up periods increased. The whole point is to significantly reduce the circulating supply of both USTC and LUNC, making the value networks sustainable long-term.

    As for incentivizing new businesses on the blockchain, the features include partitioned pools, where DApps can create their own commodity token which is capitalized via LUNC and traded via USTC. Based on each pool, this brings another utility to USTC as a “value transfer”, with investors using the stablecoin to swap between pools. To help keep partitioned pools stable, a swap tax is applied when commodity tokens exit the partitioned pools into USTC. This process would be measured and regulated by the ABS keeper, which is a range of volatility guards and tax policies governed by the DAO.

    However, some things are unclear in the proposal. Andersen did not explain exactly how a successful implementation of these would help USTC regain its peg, and more importantly maintain the peg. He only explained a way to appreciate the price of USTC with increased network activity on the blockchain. Unless there is a way to successfully prevent another death spiral, we would see $10 billion worth of USTC debt tear down any bull run with an avalanche of speculative mercenary capital.

    Rebuilding the Project Ecosystem

    In order to restore DApp and project support on Luna Classic, Terra Rebels will restore inter-blockchain communication (IBC) between Osmosis and Terra, re-enabling and unlocking the transfer of tokens and data between chains. Currently, more than 150 million USTC is stuck in Osmosis alone. Opening up the channel will allow users to transfer funds from Osmosis’ LUNC and USTC liquidity pools for use in other DApps.

    Moreover, on June 24th 2022, Terra Rebels launched “Rogue-1” TestNet to test governance parameter proposals and ensure the tax burn code is working. It also has the necessary upgrades in Cosmos smart contracts and IBC to communicate with the rest of the Cosmos ecosystem. Based upon the Luna v2 core, other projects built on Luna v2 will not require additional development as it is compatible with both blockchains. The core implementation is expected to be completed in 2023.

    Verdict on Luna Classic Comeback

    For Luna Classic, there is a sense of justice that is unprecedented in the history of crypto. People around the world have literally lost their life savings because of the collapse. Similar to how volunteers help rebuild communities who were hit by natural disasters, we are seeing the crypto community and even crypto powerhouses step in to help revive a project with a failed reputation and fix a problem they did not create.

    There is a reason why LUNC is still performing relatively well, ranking top 35 in market cap at the time of writing. Whereas LUNA is barely in the top 100, since it is more associated with Do Kwon and the TFL. This goes to show that the Classic chain is entirely governed and driven by the community, which is the essence of decentralization in the first place.

    Despite the communities’ effort, there is no way to be sure that the comeback of Luna Classic is written in the stars. As of now, the proposed plans of the community solely focus on reducing the hyperinflated token supply and attracting new businesses to the blockchain. And even if Luna Classic does make a comeback, we cannot know for certain that their token price and network activity will remain stable long-term. But it is reasonable (or optimistic) to assume that the plans being debated and deployed now are just the first step to recovery.

  • Why Do Cross-Chain Bridges Keep Getting Hacked?

    Of all the targets of blockchain attacks, cross-chain bridges are among the most frequently hit. Just last week, Binance lost $570 million as a result of an exploit on Binance Smart Chain’s Token Hub Bridge. Even Binance, one of the world’s most secure and reputable cryptocurrency platforms, fell victim to a cross-chain bridge hack. This brings us to an important question: why do cross-chain bridges keep getting hacked, and why do people still use them despite their security risks?

    Why Do People Use Cross-Chain Bridges?

    One of the biggest limitations of blockchains has been their inability to work together. Each blockchain has its own protocols or smart contracts that are not compatible with other blockchains on a programmable level. As a result, you cannot spend Bitcoin in the Ethereum network, for example. This is where cross-chain bridges come in to provide interoperability.

    A cross-chain bridge connects two blockchains, enabling users to transfer data and liquidity from one chain to the other. It also allows users to access new protocols on other chains, making it so that developers from different blockchain communities can collaborate together. Moreover, with Lego-like composability of decentralized finance (DeFi) applications, cross-chain bridges can potentially open up a whole new world of efficient and creative financial services and products for users.

    Without cross-chain bridges, the crypto industry would be bottlenecked by network congestion, since there is no bridge to off-load data and transaction executions.

    Why are Cross-Chain Bridges Vulnerable?

    When you bridge an asset to another blockchain, it is not exactly “sent.” Instead, through smart contract execution, the assets are first deposited, locked, or burned on one blockchain. Afterwards, they are then credited, unlocked, or minted on the other blockchain in the form of a wrapped token.

    However, this asset conversion is not guaranteed. This is because cross-chain bridges are independent entities that do not belong to any blockchain. This means that no blockchain can verify that any asset is bridged, since they cannot access off-chain information. The bridging process mainly relies on two parties to ensure successful transfer:

    • Third-party oracles who interpret off-chain data for on-chain use.
    • Validators or custodians (DAO or smart contract) who safekeep the original asset and release the wrapped asset.

    As you can see, there are several layers of trust, not just during the token swap but throughout the entire bridging process. Users must additionally continue to trust that they will be able to bridge the wrapped token back in the future on a 1:1 basis. Herein lies the vulnerability of cross-chain bridges: with multiple processes and third-party involvements, there is a brief window of time where hackers can target any one of these actions in isolation, not to mention possible bugs or flaws in the smart contract code that hackers can exploit.

    How are Cross-Chain Bridges Hacked?

    A successful cross-chain bridge hack typically ends up with tokens being minted on one blockchain without a corresponding deposit on the other. There are three types of exploits to achieve this:

    Fake Deposits

    During the bridging process, each deposit has to be validated before allowing a transfer to go through. If a hacker can create a fake deposit that validates as a real one, they can trick the system into minting free tokens without putting in any money.

    This mostly happens due to a flaw in the logic of the smart contract coding, where both tokens share the same proof of event. This would allow the attacker to call the function to deposit one token with fake data that can generate proof to withdraw the other token on the other blockchain.

    This is what happened to Binance when the attacker managed to forge proof messages of non-existent tokens that were then accepted by the BSC Token Hub bridge.

    Signature Verification Bypass

    A digital signature is a way to verify transactions: the sender signs the transaction with their private key, and the corresponding public key is used to confirm that the sender authorized it. However, if the smart contract uses an outdated function, it may not be able to verify the correctness of certain instructions. As a result, an attacker could create an input account with malicious data to spoof previously valid digital signatures. This would allow them to bypass the verification step and generate proof messages to mint free tokens.

    The Wormhole hack is an example of this attack, where the hacker bypassed the verification step by injecting a spoofed SYSVAR account, enabling them to freely mint 120,000 wETH (worth $326 million at the time).

    Validator Majority Attack

    Some cross-chain bridges have validators that vote whether or not to approve certain transfers. Similar to a 51% attack, if an attacker controls a majority of the validators, they can approve any transaction, allowing them to withdraw free money. An infamous case of this is the Ronin Network hack, where the attacker took control of five of the nine validator nodes and stole $620 million.
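
    The fake-deposit and validator-quorum cases above, modelled as an added example (not code from the original article or from any bridge project): a mint-side verifier whose weak proof digest omits the token, beside one that binds chain, token, recipient, amount and nonce and counts only distinct validators. The validator set, the 5-of-9 threshold, the token names and the use of HMAC in place of real signatures are all constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed validator set (assumption): HMAC keys stand in for real signing keys.
VALIDATORS = {f"val{i}": bytes([i]) * 32 for i in range(1, 10)}
THRESHOLD = 5  # constructed quorum: 5 of 9 distinct validators must attest


@dataclass(frozen=True)
class Deposit:
    src_chain: str
    token: str
    recipient: str
    amount: int
    nonce: int


def weak_digest(d):
    """Flawed: the token is not part of the proof, so two tokens share one proof."""
    return hashlib.sha256(f"{d.recipient}|{d.amount}".encode()).digest()


def strong_digest(d):
    """Binds every field of the deposit plus a domain tag, each length-prefixed."""
    h = hashlib.sha256()
    for field in ("bridge-v1", d.src_chain, d.token, d.recipient,
                  str(d.amount), str(d.nonce)):
        raw = field.encode()
        h.update(len(raw).to_bytes(4, "big") + raw)
    return h.digest()


def attest(validator_id, digest):
    """A validator's attestation over a deposit digest (HMAC as a stand-in)."""
    return hmac.new(VALIDATORS[validator_id], digest, hashlib.sha256).digest()


class Bridge:
    """Destination-chain side: mints only for attested, previously unseen deposits."""

    def __init__(self, digest_fn, threshold=THRESHOLD):
        self.digest_fn = digest_fn
        self.threshold = threshold
        self.seen = set()
        self.minted = {}

    def mint(self, claim, attestations):
        digest = self.digest_fn(claim)
        if digest in self.seen:  # replay of an already-processed deposit
            return False
        signers = set()  # a set, so one validator repeated N times counts once
        for validator_id, sig in attestations:
            key = VALIDATORS.get(validator_id)
            if key is None:
                continue
            expected = hmac.new(key, digest, hashlib.sha256).digest()
            if hmac.compare_digest(sig, expected):
                signers.add(validator_id)
        if len(signers) < self.threshold:
            return False
        self.seen.add(digest)
        self.minted[claim.token] = self.minted.get(claim.token, 0) + claim.amount
        return True


def run_scenarios():
    ids = ["val1", "val2", "val3", "val4", "val5"]
    real = Deposit("chainA", "JUNK", "0xabc", 1000, 1)   # what was actually deposited
    claim = Deposit("chainA", "WETH", "0xabc", 1000, 1)  # what is claimed on the other chain
    results = {}

    weak = Bridge(weak_digest)
    sigs = [(v, attest(v, weak_digest(real))) for v in ids]
    results["weak_accepts_mismatched_token"] = weak.mint(claim, sigs)

    strong = Bridge(strong_digest)
    sigs = [(v, attest(v, strong_digest(real))) for v in ids]
    results["strong_accepts_mismatched_token"] = strong.mint(claim, sigs)
    results["strong_accepts_real_deposit"] = strong.mint(real, sigs)
    results["strong_accepts_replay"] = strong.mint(real, sigs)

    repeated = [("val1", attest("val1", strong_digest(real)))] * 5
    results["one_validator_counts_as_quorum"] = Bridge(strong_digest).mint(real, repeated)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```

    The quorum check only holds while fewer than THRESHOLD validator keys are under one party's control, so key custody and validator independence matter as much as the verification code.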

  • Blockchain Attacks Explained: Understanding Network Vulnerabilities

    Based on principles of cryptography, decentralization and consensus, blockchain technology offers some of the strongest protection against traditional cyber attacks. However, it is not foolproof: even the strongest blockchains like Bitcoin and Ethereum have inherent vulnerabilities due to their infrastructure. In this article, we will look at the different types of attacks possible on a blockchain.

    51% Attack

    What is a 51% Attack?

    A 51% attack, also known as a majority attack, is when a single person or a coordinated group controls over 50% of the hashing power on proof-of-work blockchains OR more than half of the validating power (staked cryptocurrencies) on proof-of-stake blockchains.

    How does a 51% Attack work?

    Since transactions on a blockchain are validated via consensus, owning 51% of the blockchain’s hashing power or staked crypto gives the attacker majority rule, effectively allowing them to take control of the network. In such a scenario, the attacker has the final say in the validation process, even if the other 49% are against it. This potentially causes network disruption in a number of ways:

    • The attacker could reverse their own transactions, leading to a double-spending problem.
    • They could rewrite parts of the blockchain protocol, deliberately modifying the ordering of certain transactions.
    • They can even prevent some or all transactions from being confirmed, denying other miners or validators from earning rewards, which results in a monopoly.

    Limitations of a 51% Attack

    On the other hand, a 51% attack does have its limits in the amount of disruption it can cause. While the attacker could reverse their own transaction, they cannot reverse other users’ transactions on the network. Moreover, given the immutable nature of the blockchain, the attacker cannot alter the functionality of block rewards nor create coins out of thin air (unless there is a bug in the smart-contract coding).

    How likely will a 51% Attack happen?

    While possible, a 51% attack is unlikely as it is extremely expensive to execute. Owning more than half of the network’s computing power or staked crypto could potentially cost millions or billions of dollars depending on the user population of the blockchain. This is why the bigger the network, the stronger the protection. A majority attack is virtually impossible to occur in leading blockchains such as Bitcoin, Ethereum and Binance Smart Chain.

    But it is worth noting that the blockchain should be truly decentralized, on top of having a large userbase. This is because organizing a 51% attack would most likely be a coordinated effort. If several malicious actors collude and pool their resources together, then the network would be more centralized, which could potentially lead to a majority attack. This is more prevalent amongst smaller altcoin blockchains. Ethereum Classic (ETC), Bitcoin Gold (BTG), and Verge (XVG) were notable victims of the 51% attack.

    Sybil Attack

    What is a Sybil Attack?

    A Sybil attack is when an attacker uses a single node to create and operate multiple fake accounts in order to gain disproportionate influence over decisions made in the network. It is a smaller variation of a 51% attack. The main difference is that a Sybil attack largely focuses on manipulating the number of accounts or nodes rather than already owning them. It also targets smaller areas in the blockchain, whereas a 51% attack is capable of taking over the entire network. However, in some cases, a successful large-scale Sybil attack can transition to a 51% attack.

    The word “Sybil” derives from a case study about a woman named Sybil Dorsett, who was diagnosed with a Dissociative Identity Disorder, also known as Multiple Personality Disorder.

    How does a Sybil Attack work?

    A Sybil attack is quite difficult to detect and prevent, because most public blockchains do not have trusted nodes due to their decentralized nature. This means that the system perceives all nodes and accounts as real, even the fake ones. There are two scenarios of a Sybil attack:

    1. By creating numerous fake identities (or Sybil identities), the attacker will have enough capacity to out-vote the honest nodes on the network, allowing them to perform unauthorized actions in the system.
    2. The attacker can also control the flow of information in a network. If the attacker manages to obtain information about your IP address, they can create many fake nodes to surround you. They can then prevent you from receiving or transmitting blocks, effectively blocking you from using the network.

    How to prevent Sybil Attacks?

    Although a lot of time and research went into figuring out a way to detect and prevent Sybil attacks, there is still no guaranteed defense as of today. But there are some ways to help mitigate Sybil attacks:

    1. Identity validation techniques such as phone number, credit card or IP address verification can help reveal the true identity of hostile entities. This is a secure way to suss out fake accounts or bots for most types of peer-to-peer networks. However, this relies on a central authority to perform these identity validations which sacrifices anonymity for accountability. Moreover, this means that the validation authority could become a target for attack.
    2. Social trust graphs, on the other hand, can limit the extent of damage by a specific Sybil attacker, while maintaining anonymity. You can analyze connectivity data in social graphs like SybilGuard or SybilLimit to identify suspected Sybil clusters in distributed systems. But this technique is not perfect either, as small-scale Sybil attacks are more difficult to detect.

    Blockchain Denial of Service Attack (BDoS)

    Denial of Service Attack (DoS)

    Before we go into Blockchain Denial of Service attacks (BDoS), let’s take a look at its predecessors.

    Traditionally, a Denial of Service (DoS) attack, or a Distributed Denial of Service (DDoS) attack when multiple computers are involved, is a malicious attempt to disrupt real users’ access to a website or network service by overloading its servers with a massive amount of traffic, causing the website or application to slow down or even crash entirely.

    But for blockchains, a DoS or DDoS attack is difficult to execute, especially if the network’s userbase is large and decentralized. This is because a decentralized network distributes computing power worldwide, eliminating single points of failure such as servers or apps. Even if several nodes are down, the blockchain is able to continue operating and validating transactions, unless…

    What is a Blockchain Denial of Service Attack (BDoS)?

    With the rise of blockchain technology, a new type of DoS attack emerged — a Blockchain Denial of Service attack (BDoS). These attacks focus on the protocol layer of a blockchain, usually PoW blockchains, with the biggest threat being transaction flooding.

    Since most blockchains have a fixed block size, there is a limit to how many transactions can fit into a block. Attackers can exploit this by spamming transactions to the blockchain, filling the blocks to prevent legitimate transactions from being added to the chain. The legitimate transactions remain in the public mempool waiting for the next block.

    When this happens, the throughput capacity of the network is drastically slowed down, and in some cases shut down. It happened to Solana in January 2022, where the network went offline for four hours as a result of a BDoS attack.

    How to prevent a Blockchain Denial of Service Attack (BDoS)?

    Penetration testing is a core security auditing process that helps identify potential vulnerabilities before the mainnet is deployed. By simulating in-depth attacks, penetration testing offers traffic analytics tools that can help blockchain developers spot some of the telltale signs of a DoS attack such as unusual traffic patterns from a single IP address or IP range.
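    As an added illustration (not code from the original article), the sketch below shows one way to look for the "single IP address or IP range" pattern in a node's transaction-submission log. The log format, thresholds, window size and all sample addresses are assumptions constructed for this example.

```python
import ipaddress
from collections import Counter, defaultdict

WINDOW = 60       # seconds per analysis window (assumed)
IP_SHARE = 0.20   # flag one IP submitting >20% of a window's transactions
NET_SHARE = 0.20  # same threshold for a range (/24 for IPv4, /64 for IPv6)
MIN_TX = 50       # skip windows too quiet to judge

def build_sample_log():
    """Constructed sample in the assumed format '<unix_ts> <peer_ip> <tx_id>'."""
    lines = []
    for w in range(3):                      # three windows of ordinary traffic:
        for i in range(40):                 # 40 unrelated peers, 2 tx each
            for n in range(2):
                lines.append(f"{w * WINDOW + i} 10.{i}.0.5 tx-{w}-{i}-{n}")
    for n in range(120):                    # window 0: one IP floods
        lines.append(f"{n % WINDOW} 203.0.113.7 flood-a-{n}")
    for h in range(30):                     # window 60: 30 hosts in one /24,
        for n in range(4):                  # only 4 tx each
            lines.append(f"{WINDOW + h} 198.51.100.{h + 1} flood-b-{h}-{n}")
    lines.append("truncated line")          # malformed input must not crash
    return "\n".join(lines)

def parse(log_text):
    """Yield (timestamp, ip) pairs, silently skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            yield int(parts[0]), ipaddress.ip_address(parts[1])
        except ValueError:
            continue

def detect(log_text):
    """Return (window_start, kind, source, tx_count, window_total) findings."""
    windows = defaultdict(Counter)
    for ts, ip in parse(log_text):
        windows[ts - ts % WINDOW][ip] += 1
    findings = []
    for start in sorted(windows):
        per_ip = windows[start]
        total = sum(per_ip.values())
        if total < MIN_TX:
            continue
        per_net, hosts = Counter(), defaultdict(set)
        for ip, n in per_ip.items():
            prefix = 24 if ip.version == 4 else 64
            net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
            per_net[net] += n
            hosts[net].add(ip)
        for ip, n in per_ip.items():
            if n / total > IP_SHARE:
                findings.append((start, "ip", str(ip), n, total))
        # A range counts only when several hosts in it add up to the flood;
        # a lone noisy host is already reported by the per-IP check above.
        for net, n in per_net.items():
            if len(hosts[net]) > 1 and n / total > NET_SHARE:
                findings.append((start, "range", str(net), n, total))
    return findings

if __name__ == "__main__":
    for finding in detect(build_sample_log()):
        print(finding)
```

    On the constructed sample, the second window shows why aggregating by range matters: no single host there exceeds the per-IP threshold, yet the /24 as a whole accounts for most of the traffic.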

    In our previous article, we have covered some of the top blockchain security auditing firms that offer the best penetration testing services.

  • The End for Ethereum Miners after ETH 2.0?

    The newly launched Ethereum Merge has rendered mining obsolete. So what will happen to all Ethereum mining pools and its miners as well as the millions of dollars worth of hardware in the ecosystem?

    What is Ethereum Mining?

    Before Ethereum’s Merge on 15th September 2022, the blockchain used proof-of-work, the same consensus protocol as Bitcoin, to validate and record transactions. But unlike Bitcoin, which solely uses application-specific integrated circuit (ASIC) miners, you could use the graphics processing units (GPUs) of gaming computers to mine ETH. As a result, it was generally easier to mine ETH than Bitcoin since GPUs are more accessible and widely applicable than ASICs.

    There were two main ways to mine ETH: pool mining or solo mining.

    Pool Mining (working together)

    • Work with others to mine and share rewards
    • Get paid per share, on an hourly or daily basis
    • Less random / dependent on luck
    • Pools take some fees (0.5-8% depending on pool)

    Solo Mining

    • You mine the entire block reward (differs based on mining difficulty changes) – no pool fees
    • Random chance and probability – you can go days or months without rewards
    • Not viable if hashrate is low – single GPU might take years to mine a block

    Ethereum mining pools were the go-to options for most miners as solo mining took a very long time to earn rewards. However, this work drew criticism for its impact on the environment and its excessive electricity consumption. It is a highly energy-intensive process as miners around the world pool together large amounts of resources and power to mine ETH. But all of that has changed with the arrival of the Merge on 15th September 2022.

    How does the Merge affect Ethereum Mining?

    On 15th September 2022, Ethereum switched its consensus protocol to proof-of-stake as part of an update known as the “Merge” that links the Beacon Chain and the Ethereum Mainnet. The Beacon Chain is what allows users to stake ETH, which has been operational since the end of 2020. Many people have staked their ETH to support the transition as well as earn rewards on their stake. Here’s the kicker: after the Merge begins, mining difficulty will soar due to the “difficulty bomb”. It is a kind of self-destruct mechanism meant to make proof-of-work calculations almost impossible, incentivizing the move to an environmentally-friendly proof-of-stake model.

    What will happen to Ethereum Mining Pools and Miners?

    There is a divide in the Ethereum mining community between the organizations that have helped coordinate the resources of individual miners (mining pools) and the individual miners themselves.

    Good for Ethereum Mining Pools

    For mining pools, the transition does not affect them at all. Since these organizations never did the actual work of generating computing power themselves, they are not affected by the sunk cost of the eventually obsolete mining rigs. Instead, these pooling companies have the human capital and infrastructure necessary to organize the pooling of resources, source new clients, and overall manage and maintain the operation and its security.

    For this reason, leading Ethereum mining pools like Ethermine or f2pool can simply transition to staking pools. They do not rely on the actual mining itself. It is not a matter of product, only business model. These companies operate on a fee structure, charging individuals for participating in their pools, and it will be unaffected by the move from mining to staking. They only require business development, customer service, and communication with core developers, software, and client teams.

    Bad for Individual Ethereum Miners

    However, for the miners who make up these pools and other independent Ethereum miners, the transition could mean the end for them. People who have benefited from mining ETH, either by managing large mining farms or by contributing moderate amounts of GPU power to mining pools, may be left stranded. They have invested large amounts of money in expensive GPUs or specialized mining rigs that are useless in staking. Some will not even be able to recoup their initial investment as they hoped to profit from mining.

    Although validating via proof-of-stake only requires a home PC with a stable internet connection, it would require a minimum contribution of 32 ETH, which is a sum far greater than most people’s savings. Essentially, in order to fully cover the hole of lost mining revenues via staking, individual miners would have to establish and operate their own staking pools, which would be a considerably more difficult task than maintaining their own mining rigs.

    Potential Solutions for Ethereum Miners

    There is really no good option for ETH miners. They can still salvage their GPUs by selling them in the market as gaming computers are still popular products, but it is safe to say that there is certainly no demand for ASICs in the market. They could use them to mine other cryptocurrencies that are compatible with their processors such as Ethereum Classic, Ravencoin or Ergo, but they are also much less in demand than Ethereum. The profit margins are substantially lower.

    However, there are certain staking pools that encourage bringing current miners into the fold. According to Bitfly, EtherMine’s parent company, their goal is to “onboard current miners from proof-of-work to proof-of-stake.” They also noted that most deposits to EtherMine’s new staking platform have come from existing miners. But whatever the case is, there is still no easy answer as to how Ethereum miners will ever again come close to generating the revenue produced by mining ETH.

    But the most popular option for ETH miners is to operate in a new proof-of-work hard fork of Ethereum known as ETHPoW or ETHW.

    What is Ethereum PoW Hard Fork (ETHW)?

    A hard fork is a major change to the blockchain’s protocol that results in the splitting of the blockchain, creating a separate blockchain that inherits all of the original’s history but heads in its own new direction.

    Hours after Ethereum’s successful merge on 15th September 2022, a group known as ETHW Core launched a proof-of-work hard fork of Ethereum known as ETHPoW or ETHW. The hard fork’s purpose is to preserve PoW and keep ETH mining alive beyond the Merge.

    The Problems with ETHW

    Although ETHW could be a safe haven for ETH miners, there is not a lot of optimism about its success. In fact, there are a lot of underlying issues that the core team has yet to address.

    ETHW Post-Launch Network Error

    ETHW is getting off to a bad start. Shortly after the ETHW mainnet debut, users began experiencing issues accessing the network. It became clear that the problem was that ETHW had chosen a chain ID already in use by a Bitcoin Cash testnet. If ETHW fails to change its network’s chain ID from the Ethereum mainnet, users could be susceptible to a replay attack — an exploit in which the attacker intercepts and then replicates a valid data transmission going through a network. Given the transparent nature of blockchains, this means that hackers can duplicate your transactions, allowing them to withdraw your funds.
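    The replay risk described above can be made concrete with a simplified model, added here as an example and not taken from the original article. It follows the idea behind Ethereum's EIP-155, where the chain ID is part of the data that gets signed. Assumptions: a hash-based Lamport one-time signature and SHA-256 stand in for Ethereum's ECDSA and Keccak-256, the recipient is a placeholder, and the fork chain ID 4242 is a constructed value.

```python
import hashlib
import os

def H(data):
    return hashlib.sha256(data).digest()

# --- Lamport one-time signature (stand-in for ECDSA in this model) ---
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def bits(digest):
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, digest):
    return [sk[i][b] for i, b in enumerate(bits(digest))]

def verify(pk, digest, sig):
    return all(H(s) == pk[i][b]
               for i, (s, b) in enumerate(zip(sig, bits(digest))))

# --- Transaction digest that commits to the chain ID ---
def tx_digest(tx, chain_id):
    fields = (tx["nonce"], tx["to"], tx["value"], chain_id)
    return H(repr(fields).encode())

class Chain:
    """A network that validates signatures against ITS OWN chain ID."""
    def __init__(self, name, chain_id, next_nonce=0):
        self.name, self.chain_id, self.next_nonce = name, chain_id, next_nonce

    def accept(self, tx, sig, pk):
        if tx["nonce"] != self.next_nonce:
            return False  # the nonce stops replays on the same chain
        if not verify(pk, tx_digest(tx, self.chain_id), sig):
            return False  # digest differs when the chain ID differs
        self.next_nonce += 1
        return True

def demo():
    sk, pk = keygen()
    tx = {"nonce": 0, "to": "0xRECIPIENT_PLACEHOLDER", "value": 5}
    original = Chain("original", chain_id=1)
    # Both forks inherit the account state (same next_nonce) at the split,
    # so the nonce alone cannot tell the chains apart.
    fork_same_id = Chain("fork-same-id", chain_id=1)
    fork_own_id = Chain("fork-own-id", chain_id=4242)  # constructed value
    sig = sign(sk, tx_digest(tx, original.chain_id))   # user signs once
    return {
        "original": original.accept(tx, sig, pk),
        "original_again": original.accept(tx, sig, pk),
        "fork_same_id": fork_same_id.accept(tx, sig, pk),
        "fork_own_id": fork_own_id.accept(tx, sig, pk),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

    The same signed transaction is valid on the fork that kept the original chain ID and invalid on the fork with its own ID, which is why a fork needs a chain ID that no other network uses.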

    No Backing for Forked Stablecoins

    The two leading stablecoins, USD Coin (USDC) and Tether (USDT), have officially confirmed that they will exclusively support Ethereum 2.0. This results in a smooth transition that is essential for the long-term growth of the decentralized finance (DeFi) ecosystem and its platforms.

    However, that leaves ETHW high and dry, as a lack of stablecoin support means insufficient liquidity. This is because 1:1 backing will only exist for the officially recognized blockchains, thus USDC and USDT balances cannot be duplicated onto a new blockchain. This is further amplified by the fact that ETHW announced they would temporarily freeze tokens in certain liquidity pools to “protect user funds.” This did not go down well with many, as the move was made without their consent and the community did not vote on the change.

    No Oracle Support

    Apart from facilitating transactions, decentralized applications (DApps) also interact with external data which requires off-chain computing. This is where blockchain oracle technology like Chainlink comes into play. They enhance smart contracts by connecting them with real-world data, events and transactions.

    On August 8, Chainlink also officially confirmed that it would stay with Ethereum 2.0. This means that any DApps on ETHW can be negatively affected since oracle solutions are essential in retrieving and sharing data without jeopardizing the security of the blockchain.

    Lack of Support from Leading DApps and Projects

    On 16th August 2022, Aave, a leading decentralized lending protocol on Ethereum, proposed a governance vote to commit to using Ethereum 2.0, giving power to shut down any Aave deployments on any alternative Ethereum forks. In their blog post, Aave advised developers and DApp teams on the Ethereum network to halt smart contract operations on forked Ethereum blockchains until they become stable.

    The lack of support from projects means that any tokens or NFTs on the forked Ethereum chain are less likely to be accepted in marketplaces or DeFi applications. In turn, this would affect investors who are looking to profit from trading these assets.

  • Ethereum ($ETH) Merge: What is it and everything you need to know

    As Ethereum is steadily approaching the transition to a Proof-of-Stake mechanism, one notable thing that has changed, aside from further protocol development, has been the change in terminology.

    We have already covered Ethereum 2.0 extensively in one of our ongoing blogs where we go in-depth on everything you need to know about Ethereum’s transition to PoS:

    Let’s take a closer look at the rebranding from Ethereum 2.0 to the Ethereum Merge, as well as go over the most recent developments in Ethereum’s roadmap as of May 2022.

    The Ethereum Merge: Why the shift from Eth2.0?

    The move away from using the former term “Eth2.0” that signified the final transition from PoW to PoS was a result of several different developments and considerations, both technical and cultural.

    On the technical side, the use of Eth2.0 started to become an inaccurate representation of the PoS transition. Originally, the Ethereum 2.0 roadmap envisioned that both the Phase 0 (Beacon Chain) and Phase 1 (Sharding) would be completed before the final transition. But the Beacon Chain was developed faster than expected, making researchers realize that the final migration to a PoS mechanism would be delayed by years due to the focus on sharding. In addition, the ever-growing pressure from the masses about the environmental impact of PoW chains made the migration to PoS that much more pressing.

    As the Beacon Chain was deployed, Ethereum L2 rollups started gaining popularity, demonstrating significant scalability potential even for a non-sharded Ethereum blockchain. This released some pressure on solving the scalability challenges that Ethereum’s L1 has faced for years, allowing the R&D team to focus on the remaining Ethereum’s upgrade plans both for the PoW chain, as well the Beacon Chain.

    From a cultural perspective, the use of the old terminology would’ve further perpetuated confusion about the nature of Eth1.0 and Eth2.0, making it seem like once Eth2.0 is launched, Eth1.0 will be gone, which is not the case. In addition, scam prevention was another consideration that favoured the rebrand, as the distinction between Eth1.0 and Eth2.0 would’ve likely resulted in scammers trying to convince users to swap their ETH tokens for fictitious ETH2 tokens.

    The result of all of this was a decision to move away from the confusing Eth1.0 and Eth2.0 terminology, and rather call the transition to the PoS mechanism on the mainnet The Merge. By choosing to name the process instead of the final outcome (which in reality remains, in essence, the same), a lot of headache and confusion has been avoided.

    Progress Towards The Ethereum Merge: Current status 

    Public testnets being battle-tested

    Deployed in late December 2021, the Kintsugi testnet was a public testnet meant to allow execution and consensus client developers and application developers to become familiar with the post-Merge environment. The testnet was bombarded with transactions, bad blocks, and chaotic inputs to battle test it and find bugs.

    A new specification for the subsequent public testnet, called Kiln, was published after edge cases from Kintsugi had been discovered. It’s expected to be the last new public testnet to be created before the existing ones are upgraded. Continued extensive testing of Kiln has been taking place since The Merge took place on it on March 15th 2022. The Ethereum community practised running their nodes, deployed contracts, tested infrastructure, and threw everything they had at it to see if it breaks.

    Mainnet shadow forks

    Although a lot had been learned since deploying and testing Kintsugi and Kiln testnets, they were still very young testnets with little activity, which prevented proper stress testing of assumptions regarding syncing and state growth. And this is where shadow forking came in. Shadow forking makes it possible to fork an existing testnet, such as Goerli, and the mainnet (with a lot more activity), and add merge related properties to its config, thus allowing the fork to inherit the state of the original testnet.

    These shadow forks are short-lived, allowing for testing on them only for a few weeks until a new beacon chain has to be spun up.

    Three Goerli testnet shadow forks took place in January and March, and the first mainnet shadow fork happened on April 11th 2022, with the second one following on 23rd April.

    The results of the latest mainnet shadow fork have been described by Adrian Sutton from ConsenSys in his Twitter thread. The team will continue stress testing main forks, and collaborate with client developers to make them even more robust against edge cases. From now on, the main theme as we approach The Merge has been and will be testing, testing, and even more testing.

    Wen Merge? The Triple Halvening, And Price Predictions

    When The Merge will happen is still somewhat up in the air. No one has, understandably, given any specific dates, but the general consensus is that late Q3 is the time when we are likely to see it finally happen. The dev team’s sole focus is on The Merge, with very little else discussed, as can be seen in the latest AllCoreDevs session update by Tim Beiko.

    Price predictions are also under hot debate, as, once The Merge is complete, two factors will influence ETH’s price, one emotional, the other baked into the protocol. Realistic estimates of the fair price of ETH fluctuate around $5000.

    The emotional aspect, as experienced by the market, will result from The Merge successfully completing, which will mark the end of the most significant change in the protocol in Ethereum’s history, and solidify the incredible technical competence of Ethereum core devs and researchers, further giving the market confidence in ETH as an asset and the ecosystem as a whole, driving up the price further.

    The technical reason the price is likely to pump is the Triple Halvening, which will reduce Ethereum’s annual inflation rate from 4.3% to 0.43%. Following last year’s EIP-1559 upgrade, Ethereum now burns about 70-80% of the fees, with the rest going to PoW miners. Post Merge, these fees will go to the PoS validators. This means that ETH stakers will see their rewards rise to about 8-10%. Staking will lock in significant amounts of ETH, as staked ETH cannot be moved or used in the markets, making enormous amounts of ETH illiquid, further driving up the price. EIP-1559 and The Merge combined are predicted to cause the equivalent of 3 bitcoin halvenings, reducing ETH sell pressure by up to 90%.

    In addition, the move to an environmentally friendly PoS mechanism, which will reduce energy consumption by up to 99.95%, will make the asset much more appealing to institutional investors who might’ve been kept away from investing due to public’s pushback on Ethereum’s current energy consumption.

    Great progress is being made by the Ethereum team, and the continued successful merges of mainnet forks clearly demonstrate the culmination of 6 years of back-breaking work, and give hope that The Merge truly is just around the corner. For those interested in the nitty-gritty of The Merge preparations, it’s worth checking out The Merge Mainnet Readiness Checklist which lists in detail all of the various tasks that need to be worked through to make The Merge ready for Mainnet release.

    Why is the Ethereum Merge so important to crypto traders?

    Many cryptocurrency traders, and particularly Ethereum ($ETH) traders, are eagerly anticipating the Ethereum Merge because afterward, the issuance of ETH is expected to be reduced by about 90%. This means there will be less ETH in circulation, and in turn, the lower the supply, the higher the demand, potentially resulting in Ethereum prices going up.

    ETH Merge is a huge success!

    On 15th September 2022 at 06:42:42 UTC at block 15537393, the Merge was completed.

    How have Ethereum ($ETH) prices reacted to the Merge?

    Ethereum ($ETH) prices showed a slight pump in the hours following the Merge. Prices hit a peak of over US$1,640 before coming back down to just under US$1,600. The next crucial point in terms of where ETH prices would go would depend on whether there is any hard fork.