Public blockchains are said to be immutable, because it is difficult, almost impossible, to retroactively edit a transaction once it’s been published on the blockchain. The people (called miners) who enter transactions on the blockchain are economically motivated not to work against the main record of data.
Blockchain has also been given the adjective “trustless,” meaning that in order to transact, you don’t have to trust any other party, because of this economic motivation to work towards one record of truth. This “secure and trustless” classification passes to smart contracts, which operate on top of the blockchain and which are very commonly used to govern tokens.
This sounds nice, but is it true in reality? How are so many projects being hacked if blockchain is secure?
The introduction of smart contracts, which give developers the opportunity to create more complex applications on a blockchain, inadvertently opened the possibility for a higher number of possible vulnerabilities. In one example: if not written securely, a hacker can look up a smart contract on Etherscan and simply change the parameters to create, delete, or transfer tokens.
Indeed, smart contracts have been the facilitators and recipients of the majority of the high amount of hacks diverting tokens and funds from projects, without the permission of the companies. In 2017, the amount of funds stolen from projects represented 10 percent of all funds raised, or $400 million USD.
This article covers one example of a vulnerability, what happened, why it happened, and how blockchain companies can prevent it in the future. The purpose of rearview mirrors are not to call out any company in particular, but rather use our experiences as a blockchain community to learn and grow in the future.
The company is a blockchain platform and payment system for supply chain management that provides two-minute transactions, real time updates on tracked goods, and lower transaction fees than traditional options. It uses smart contracts to automate work contracts and store documents, and uses an Ethereum-based token for its payment system.
The company launched an ICO in spring 2018; the token was an ERC20 token priced at $0.45 and was purchased by investors with ETH. The company raised $5.5 million in the presale with a discount of up to 12 percent.
In June 2018, a hacker gained access to the ownership function in the Ethereum token smart contract and was able to mint unlimited tokens, increasing the supply and plummeting the price.
Why It Happened
Smart contracts function on top of the Ethereum blockchain, which is a public blockchain, thus making all their code open source. Once a smart contract is published to the mainnet, anyone can go on Etherscan and look at the code (really, go Google one and try it).
Smart contracts are also immutable, so once they are published, the only way to fix any vulnerabilities that exist is by writing and deploying a new contract. This process can be time-consuming and have consequences in the meantime.
In the case of this particular company, a hacker found a vulnerability in the smart contract during the ICO that allowed them to create tokens. You can imagine what happened next.
Before the hack, the price of the token was slowly declining, but at the time of the hack, the price dropped dramatically (remember principles of supply and demand from Econ 101?). Many investors buy into ICOs because they expect the value of the token will increase, so this was not ideal, to say the least.
The company solved the price deflation and supply inflation that was wreaking havoc on their economy by halting trading of the coin and writing a new smart contract which would deploy a new token; this process is called a “token swap.” The company was able to stop trading on all exchanges except for HitBTC.
The company made whole all token holders who owned before the hack; token holders were given new tokens on a one-to-one basis.
This technical error had high economic consequences for the company, although they were able to quickly rectify the situation.
Because smart contracts published on Ethereum are open source, bugs are a hazard for every smart contract, and according to a recent study, one in four smart contracts have critical bugs. Bugs can be defined as the difference between what a company expects to happen and what actually happens, and until the program is actually implemented, it can be difficult to discover them. For this reason, it’s extremely important to hire skilled developers who understand the desired function and effects of the code, and before publishing, hiring credible smart contract auditors like Hosho Group.
There are several ways to create a token: you can find code off of OpenZeppelin on GitHub, a code repo of audited templates for smart contracts where you enter custom parameters; or write your own. It is not recommended, unless desired functions of the contract are uniquely, to write your own smart contract. Rather, using a template that is certifiably free from vulnerabilities can save time and major headaches in the future.