A decentralized exchange owned by Israeli-Swiss company, Bancor, became a victim of waves of coordinated cyber attacks on worldwide exchanges. The attackers were able to prey on the exchange through a compromised wallet, walking away with millions worth of cryptocurrency. This sad news is trending in the wake of a similar cyber intrusion. In June, a South Korean exchange took a huge loss after a massive attack.
Actual Losses Incurred
The cyber criminals absconded with $23.5M worth of three cryptocurrencies. Those three were ether, Bancor Network Token (BNT), the native token of the exchange, and Pundi X. This attack, noticed last Monday, sparked online debates. Many people were left questioning if the exchange was truly decentralized. A breakdown of the loss is as follows: 24,984 ETH (roughly $12.5M), 3.2M BNT (or $10M worth of BNT) and 229,356,645 NPXS ($1M worth of Pundi X).
Working Mechanism Of The Exchange
In a statement, the exchange notes that no user’s wallet succumbed to compromise during the hack. Bancor maintains that a wallet they use for upgrading its smart contracts was the victim of exploit. Explaining further, the statement says that BNT has a price discovery mechanism built into its smart contracts. To acquire BNT, a user will send some ETH. The system will then issue the sender some BNT, while ETH is automatically put into a connected balance storage.
The exchange also added that it has a self-defense algorithm to ensure the attack was the barest minimum. This works by freezing tokens built into the Bancor Protocol, which enables the exchange to stop a thief from transferring the tokens acquired illegally in times of security breach. The statement further explained that when Bancor DEX realized it was cyber theft, it froze $10 million worth of BNT to forestall further attacks.
Decentralized For Real?
The explanation given by the exchange has, however, sparked an online debate. Charlie Lee, the brain behind Litecoin, argued that Bancor cannot say it is decentralized if it can lose and freeze customers’ funds.
Despite a barrage of criticisms that greeted the exchange’s press release, Bancor thanked enthusiasts for what it termed “a healthy debate on decentralization and security.” Later, they disclosed that they were in touch with other exchanges around the world to ensure that the cyber thieves find it difficult to spend the stolen tokens.
To set the record straight, a decentralized exchange (DEX) does not have access to its users’ funds. So, it merely connects traders while the traders pay some commission to the exchange.