Cybersecurity & Tech

Disrupting Cryptocurrencies 2: Lessons From the Poly 'Hack'

Nicholas Weaver
Wednesday, August 25, 2021, 10:05 AM

The $600 million hack of the “decentralized” Poly Network should alert regulators due not to the size of the theft but, rather, to what the stakeholders did after the incident.

A photographer's depiction of bitcoin as green blocks that look like cash (Flickr/Tiger Pixel,https://flic.kr/p/miWN4g; CC BY NC ND 2.0, https://creativecommons.org/licenses/by-nc-nd/2.0/

Published by The Lawfare Institute
in Cooperation With
Brookings

On Aug. 10, the Poly Network was hacked for a record-setting $600 million theft. While the hack itself was substantial, the events and remedial efforts that followed were far more impactful than the financial harm. The cryptocurrency community’s reaction to the theft should alert regulators to the centralized reality of this ecosystem. Despite the decentralized claims, there are a few entities that can (and should) be brought to heel, including “decentralized” exchanges, those funding decentralized exchanges, cryptocurrency miners, and prominent stablecoins like Tether. In particular, these entities must be forced to implement effective anti-money-laundering controls.

And since the current ransomware epidemic depends on the wider cryptocurrency ecology, anything that can disrupt the ecology by forcing it to obey the law needs to be considered.

The number of cryptocurrency “assets” is vastly proliferating. In the old days, to create a new asset like Dogecoin one needed to create a significant software infrastructure to run a new blockchain—a ledger that keeps track of balances. Once this was done, people could effectively gamble on whether Dogecoin would go up or down in value by exchanging the tokens on a centralized cryptocurrency exchange such as Coinbase.

Now, to create an asset like Shiba Inu (SHIB) tokens one simply deploys a piece of code on top of an existing cryptocurrency like Ethereum. Ethereum acts as the shared ledger, and the SHIB tokens run on top. Ethereum also includes “decentralized” exchanges so that you can exchange SHIB tokens for other cryptocurrencies without needing a third-party exchange service.

As there are many such cryptocurrencies that can support these tradeable tokens, it is common for someone who creates a token to create a version on top of multiple cryptocurrencies, creating a world in which there are Ethereum SHIB tokens and Huobi Eco SHIB tokens. Gamblers may want to move their SHIB from the Ethereum (ETH) blockchain to the Huobi Eco (HECO) blockchain as part of one particular gambling scheme.

These days almost all newly created cryptocurrencies are actually tokens on top of another blockchain, so a mechanism was needed for information and value to be passed between different blockchain networks.

That is where the Poly Network comes in as a “cross chain” tool. Poly is implemented as a series of “smart contracts” running on multiple blockchains. The Poly Network maintains a pool of assets on the various blockchains, allowing someone to transfer from one chain to another by effectively substituting assets.

So to transfer some SHIB from ETH to HECO, a gambler transfers the Ethereum version of SHIB and an additional fee in ETH to the Ethereum version of Poly. The Huobi Eco version of Poly then transfers the Huobi Eco version of an equal amount of SHIB back to the gambler. To do this, the Poly Network smart contract needs to control a lot of assets, both the underlying cryptocurrencies and the higher-level tokens, meaning that anyone who can compromise Poly can take these substantial assets.

Now a smart contract means one of two things. In the eyes of the cryptocurrency community, it is the encapsulation of the notion that “code is law”: The program represents a contract between parties and executes it on the parties’ behalf. Of course, if you can tell a smart contract to “give me all your money” and it does, is it even theft? After all, it is clearly in the “text” of the contract since the contract didn’t do anything it wasn’t specified as being allowed to do.

The reality is more prosaic. A smart contract is simply a program that operates on money, just one that is public rather than private. So unlike the programs running your bank account, the smart contract is public and anyone can interact with it, sending it requests to be processed. Furthermore, since the underlying cryptocurrencies are irreversible, any problem with the code will be catastrophic because there is no way to go “oops, undo” when something goes wrong. This is very different from traditional contracts, where, in the event of ambiguity or error, the court system exists to resolve problems.

The natural consequence of this rigidiness is that smart contracts are inevitable targets for exploitation. In 2016, the DAO, or Decentralized Autonomous Organization, attempted to create the first big smart contract entity where code would run a decentralized organization. The DAO was able to collect roughly 10 percent of all Ethereum during its funding period, but this success was limited as the DAO was hacked for large amounts of cryptocurrency. Afterward, the Ethereum developers (who happened to be heavily invested in the DAO) violated the “code is law” principle by reversing the transaction to effectively steal the Ethereum back from the hacker. The litany of subsequent smart contract hacks is long and amusing.

And, in an event that should have surprised nobody, someone managed to exploit the smart contract powering Poly by convincing the contract that the exploiter was authorized to transfer all the underlying funds, stealing some $600M in various cryptocurrencies that Poly needed to keep on hand to implement its chain swapping. At this point it is amusing, but why should regulators care? Because of what happened next.

The people behind Poly started by first requesting that all exchanges and miners block the hacker’s wallet before pleading with the hacker, begging the hacker to return his code-is-lawfully stolen goods. Then the chief technology officer behind the Tether stablecoin blocked the transfer of some $33 million worth of Tether acquired by the hacker, freezing those assets. Finally, the hacker started giving the assets back to Poly, probably due to the difficulties in laundering the vast sums involved.

Regulators need to pay attention because this series of events shows specific features of “decentralized” finance projects like Poly and stablecoins like Tether that bear scrutiny.

The first observation is that for all of its claims of decentralization, Poly is a centralized money transmitter that is proud to have transferred more than $10 billion in value between different blockchains in less than a year. The only claim to decentralization is that the code itself runs on its own on various computers not controlled by the Poly Network, but the code itself was developed and is controlled and maintained by Poly, and the code provides financial revenue to the Poly Network project. The amount of know-your-customer and anti-money-laundering controls is effectively zero. Just connect your cryptocurrency wallet, and start transacting.

In fact, most so-called decentralized finance projects are really just decentralized in name only. Whichever entity or entities can update the code are the central authorities and points of regulation. These entities also tend not to attempt to implement geographic control, making the services available to people in every state and nation.

Even the truly decentralized Uniswap, a project that allows trading between different tokens on the same underlying blockchain, isn’t quite so decentralized where it counts. Although the underlying code is now fully community distributed, requiring an explicit vote of the Uniswap token owners to update, it is composed of a large number of individual “liquidity providers” who provide the funds as market makers to individual trading pools.

It is worth considering whether these providers themselves have liability for ensuring that the pool they provide liquidity for properly enforces the legal requirements imposed on brokers and money transmitters. Because one can bet that of the $300 billion in value transferred through Uniswap, including $1 billion in fees paid to the liquidity providers, almost all of it has not been properly reported for tax purposes nor tracked for money-laundering concerns.

The second is a reminder that the cryptocurrency miners are money transmitters because they can and do enforce rules on what transactions they actually accept. This is effectively a cryptocurrency organization calling on these “decentralized” miners to act in concert to block known bad transactions. If the miners can do that for a theft, they can do that for any wallet that doesn’t pass anti-money-laundering checks.

The final observation is the nature of Tether. Tether promises a “stablecoin” backed one-to-one by dollars and is a key enabler of the numerous unregulated cryptocurrency exchanges. I have previously called out Tether as bearing a striking similarity to Liberty Reserve, a money-laundering money transferer shut down and prosecuted in 2013.

One could argue that Tether, by hosting its tokens on a blockchain, was somehow less culpable than Liberty Reserve, which maintained a central database. After all, Tether the company claims to enforce anti-money-laundering policies, but for some reason a huge number of Tether tokens circulate entirely between the digital equivalent of Swiss numbered accounts.

By clearly demonstrating that Tether the company can control arbitrary instances of Tether the token, Tether the company showed that any blockchain claims can be ignored. If individual addresses can be blocked or limited, Tether could block or limit any address that does not provide suitable know-your-customer information.

Tether the company may claim that its customers are only the exchanges and other direct buyers of Tether the token, but the ability to block the movement of Tether on such a fine granularity clearly shows this to be false. Tether could implement anti-money-laundering and know-your-customer controls; it has shown its current system can, but it affirmatively chose not to. The same behavior resulted in the founder of Liberty Reserve receiving a 20-year prison sentence.

So apart from the comedy gold, the Poly hack serves as a useful reminder for regulators. There are groups, like Poly and Tether, and individuals, such as Uniswap liquidity providers or miners, that have shirked their legal obligations under cries of “decentralization”—cries that have shown themselves as false when these entities’ money is on the line.


Nicholas Weaver is a senior staff researcher focusing on computer security at the International Computer Science Institute in Berkeley, California, and Chief Mad Scientist/CEO/Janitor of Skerry Technologies, a developer of low cost autonomous drones. All opinions are his own.

Subscribe to Lawfare