Chinese crypto exchange Binance suffered a major hack on Tuesday, which the company’s CEO responded to by proposing a rollback of the Bitcoin blockchain to rectify — a suggestion that riled up the community.
The company formally notified the public via an announcement on the evening of May 7, 2019, claiming that the hackers had employed a diverse range of tactics from outright viruses to social engineering techniques such as phishing scams. In addition to gaining access to other sensitive information, Binance also admitted that a single transaction sapped 7,000 bitcoins from Binance’s wallet, roughly 2 percent of the company’s entire BTC holdings.
“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that,” the announcement reads.
Binance will use reserves from its Secure Assets Fund for Users (SAFU fund) to compensate clients, noting “[n]o user funds will be affected.” Trading is continuing uninhibited, but Binance has suspended deposits and withdrawals for the time being.
Later that same evening, Binance CEO Changpeng Zhao insinuated that he was considering a scheme proposed by Bitcoin Core contributor Jeremey Rubin to reorganize the Bitcoin blockchain to rewrite the hack. Ultimately, he backpedaled from this idea after deliberating with or industry leaders like Bitmain’s Jihan Wu, saying that such a move “may damage credibility of BTC” and/or “cause a split in both the bitcoin network and community.”
After speaking with various parties, including @JeremyRubin, @_prestwich, @bcmakes, @hasufl, @JihanWu and others, we decided NOT to pursue the re-org approach. Considerations being:
— CZ Binance (@cz_binance) May 8, 2019
Such a rollback scheme would be an incredibly ambitious undertaking. The most feasible plan would entail Binance sending its own 7,000 BTC transaction from the hacked address to another one that it owns with a hefty fee. With a substantial enough fee, miners would be incentivized to let Binance spend the 7,000 BTC it does have, reorganizing the blockchain’s transaction history to include this transaction in the ledger (miners would need a large fee to justify nullifying the block rewards they received since the hack). In this double-spend scenario, miners would forge an alternate chain, though this chain split would resolve itself once the chain became longer than the old one and all nodes accepted it.
Nevertheless, such a plan could have serious repercussions for the crypto asset space. Such a reorganization could shake user confidence in bitcoin’s immutability, possibly having an adverse effect on the price and reducing miners’ incentive to participate in the scheme. Participating in the rollback, after all, also contains opportunity costs. Zhao went back onto Twitter on the morning of May 8 to reiterate that the idea had some possible applications but, overall, was not worth the risks and would not be considered any further. Other critics of the proposal mentioned that, alongside being potentially hazardous to the network's reputation, such a move is technically difficult and extremely unlikely.
a re-org is just not happening https://t.co/rTey7KU590, but if something like it did get started somehow in the future, many would support actions to reject it, UASF style. finality matters. I think cycles should be put into tested code to make ecosystem rejection of re-orgs easy
— Adam Back (@adam3us) May 8, 2019