KuCoin Hacker Exposes Decentralization Theater Among DeFi Projects
The KuCoin hack is helping the DeFi community separate projects serious about decentralization from those who use the term as a buzzword.
- The KuCoin hacker stole $150 million in customer funds, pushing some projects to freeze stolen tokens.
- Tether's decision to freeze funds came as no surprise, but projects that claimed to be decentralized have done the same.
- Ocean Protocol took the Ethereum approach of hard forking the protocol from a block before the hack while Ampleforth straight up censored the address from its smart contract.
- On a brighter note, this event is helping DeFi investors filter the wheat from the chaff.
Share this article
In a bid to stop the KuCoin hacker from cashing in on their loot, crypto projects like Tether, Ocean Protocol, and Ampleforth pushed measures to lock the hacker’s funds. In so doing, however, each project revealed just how centralized they truly are.
KuCoin Hack Reveals False Decentralization
In the last few weeks, stablecoin operator Tether announced they would help users retrieve lost funds if they were provably locked in a smart contract and inaccessible forever. While this was a first, it was certainly not a surprise. Tether is a centralized token, and it doesn’t shy away from being labeled as such.
When KuCoin was hacked for $150 million of user funds this week, Tether once again stepped up to the plate by freezing the hacker’s stash of USDT. This was the expected course of action for the company.
This time, however, Tether was joined by a few so-called decentralized projects in their bid to block the hacker’s loot.
Ampleforth and Ocean Protocol are two of the projects that took decisive action to stop KuCoin’s exploiter. Ocean Protocol took the same approach Ethereum did after the DAO hack. The team performed a hard fork from a few blocks before the hack, and this new fork would operate as the main chain.
Ampleforth, on the other hand, upgraded their smart contract to specifically block the hacker’s address from moving their AMPL.
Ocean’s approach is less controversial because it didn’t compromise the integrity of their smart contract.
They forked the protocol and said the new smart contract would be the one they work on moving forward, automatically pushing majority consensus to the newly deployed contract. The stolen tokens were moved to an address and will be allocated to those affected by the hack.
But Ampleforth’s approach was less meticulous, effectively opening the door to censorship.
With Ocean, the community could’ve chosen to remain on the old contract if the protocol was fully developed. Following the developer’s lead on forking the protocol doesn’t set a precedent that censorship will always be tolerated.
Meanwhile, Ampleforth didn’t give its community a choice.
The contract was upgraded at the discretion of the team. While it’s a known fact that the team owns the admin keys and can make these decisions, this sets a bad precedent for the future of the project.
AMPL’s end goal of becoming censorship-resistant base money is now near impossible because the contract inherently censors an address.
Ampleforth and Ocean aren’t alone in this mess. Kardiachain, Orion Protocol, and Aleph all executed similar actions.
The Bright Side
Still, there is indeed a silver lining.
The events of this week have, on the one hand, exposed the decentralization theater of projects which claim to be free from censorship with immutable smart contracts. But it’s also shown the market which the real DeFi OGs are.
The hacker also stole Synthetix (SNX), Kyber Network (KNC), Maker (MKR), and Chainlink (LINK), but none of these projects forked their contracts or froze certain wallets.
The use of DAOs and distributing decision making power beyond a group of 10 or 20 people has proven to be useful in preserving the integrity of a protocol.
Kain Warwick, the founder of Synthetix, addressed the situation on Twitter, saying:
“It (the stolen SNX) was less than half a percent of the supply. So my immediate response was there is literally zero chance we are getting a SIP to pass to try to fork the protocol or something equally dumb. And that was basically the end of it for me. Someone else could write a SIP to freeze the tokens through a fork but I would have voted against it.”
In this context, the reason behind Ampleforth’s decision starts to become a little clearer.
Ten percent of the token’s supply was on KuCoin and could’ve led to a potential death spiral for AMPL’s price if it was all dumped on Uniswap. Nevertheless, this event still renders AMPL as censorable.
The KuCoin hacker seems to have done DeFi a favor over the long-term by showing the market which projects and communities are serious about decentralization.