Binance Hack: The Advantages of the Rollback

ROKKEX
May 8 · 5 min read

What will you choose: accept lost funds or betray your ideals?

Binance Hack 2019

Today the crypto world was shaken with dramatic news — Binance hot wallet was hacked losing ~$41 mln.

According to the company, malicious attackers used a variety of attack techniques, including phishing and computer viruses, to carry out the intrusion and were able to breach a single BTC hot wallet (a cryptocurrency wallet that’s connected to the Internet), which contained about 2% or more of the company’s total BTC holdings, and withdraw stolen Bitcoins in a single transaction.

During the live stream, Binance CEO, Changpeng Zhao (CZ), suggested that he might also ask miners to rollback chain in order to recover the stolen funds. As expected, that didn’t go well with the Bitcoin community that has been opposing mining centralization for a long time.

We at ROKKEX decided to dive deeper and analyze the way the crypto exchange industry can recover from the hack, what is 51% attack (a rollback), and why network fork (reorganization) is considered a huge slap in the face to BTC core ideals and makes everyone question its security and decentralization.

Forks as the Way to Recover after the Hack

Soft Fork

Soft Fork — a backward compatible method of upgrading a blockchain, an improvement of one of the existing consensus rules. If a new rule is decided to be changed, mining nodes have to upgrade because otherwise the new blocks they create will be rejected. Verifying and validating nodes should not be changed as the software remains the same. BTC network does some soft forks from time to time to improve the blockchain, as for instance, Pay to Script Hash (P2SH): A soft fork that resulted in multi-signature addresses on the Bitcoin network.

Summing up: soft forks cannot perform the rollback of the blockchain. This is an option to improve the blockchain from further hacks (if the issue was in the blockchain itself), but not the solution to eradicate the consequences.

Hard Fork

Hard Fork — a permanent divergence from the previous version of a blockchain; a whole new set of consensus rules introduced into the network that is not compatible with the older network. All network participants are required to upgrade to the new version of the software. If there is still mining support for the minority chain, then two blockchains can continue to exist simultaneously (and that’s how ETC (Ethereum Classic) was born from ETH and BCH (Bitcoin Cash) from BTC).

Planned hard forks can be considered as an upgrade to the protocol while there are also contentious forks which appear when there is disagreement between the stakeholders (as happened with BCH).

What is 51% attack

51% attack or double-spending attack is basically a hard fork too but in a malevolent and shadowy way.

Miners with > 50% of the network hashing power take advantage of this power and send funds to two chains: the main one and a forked copy of the blockchain that they are silently mining (obviously, with more hashing power than the main chain).

This malicious node later releases the shadow blocks, and other nodes accept them as this chain is longer. As a result, the original chain disappears, and nodes recognize the funds as being sent to the address from the new chain instead.

Hard Fork looks like this

A year ago this nightmare scenario happened to Bitcoin Gold where $18 Million was stolen.

The difference between a hard fork and 51% attack is that the later is performed secretly with the hash power advantage in that way ‘killing’ the original chain.

51% attack — the violation of immutability

A hack always remains a hack — an unfair way to achieve the goal with no regards what noble goal was pursued. There are at least 2 pillars of blockchain industry that could have been violated if the decision to perform the rollback had been confirmed:

  • Things that happen on the blockchain are immutable and they should never change regardless of what the outcome is.
  • Dumping the value of coin down the line (the true blockchain enthusiasts are likely to sell the coin; the lower the demand — the lower the price).

Interestingly, the price of an hour of 51% attack is rather high and the time spent on performing the attack might not be paid off. $424,384 and the sum doesn’t include the block rewards that the miner will receive for mining (thanks to Crypto51 for the info).

Definitely, each of the cons against rollback can be debated. For instance, something like “humans should have the final say through social consensus/ We can let the hacker profit from the exploit/ etc”. However, the ideology of blockchain technology is clear ‘Immutability’. The hacks make us, crypto exchanges, stronger and cleverer, Binance could not have taken the wiser decision.

Restore Funds

By saying “fork is the way to recover after hacks”, we misled you a bit as there is always an alternative. Binance started allocating 10 percent of its trading fees every month since July last year to the SAFU fund. They understood that being a market leader supposes huge responsibility. A step ahead so to say.

By paying off the stolen funds, the crypto exchange will maintain its users and, what is more important, reputation. We at ROKKEX fully support the decision and believe this should become the industry standard.

Notre-Dame de Paris

When the cathedral got on fire this April, the world community was devastated. The next day it appeared that the damage was not so massive as it was expected.

It’s not that we’re comparing the crypto exchange with the grand monument. We just agree with @ToolFreeCrypto.

You may also Like

Must-Have Encryption Software to Protect Your Data in Case of a Device Loss or Theft

Where to Keep Crypto: Types of Crypto Wallets

PoS, PoW, and 12 Other Blockchain Protocols You Didn’t Know About

At ROKKEX, we take security extremely seriously and our crypto exchange is built on ‘Security First’ principle. We want to share our expertise with the broader public for the world to become happy, safe, and wise :)

If you have any ideas and suggestions, contact us at

Website . LinkedIn . Facebook . Twitter . Telegram . Reddit . Instagram .

128

128 claps

Written by

Security First! ROKKEX is a crypto exchange built by cybersecurity and fintech professionals. Try our demo https://exchange.demo.rokkex.com

Official Blog of Rokkex — Crypto Exchange by Cybersecurity Specialists