An Instructive DeFi Hack
Last week, Qubit Finance, a defi (decentralized finance) project operating on the Binance Smart Chain, was hacked to the tune of $80 million — haplessly offering the anonymous hacker a $2 million reward to “do the right thing” and return the funds. (He hasn’t done so yet.) The funds can be traced on the Binance Coin blockchain, which like the bitcoin blockchain is a public ledger, but the hacker(s) have not been identified.
This hack was more interesting to us than a straightforward hack of an exchange in which credentials were compromised and digital tokens were stolen. This hack occurred due to flaws in a “smart contract” — the kind of automated, decentralized financial technology that is currently allowing crypto lending, and over the next decade, will probably take over a host of financial contracts and processes — not to mention credentialling, escrow services, recording of titles, fiat currency loans, auctions, betting, and the like. Eventually, there will be a lot of value locked in smart contracts — currently the total is about $80 billion according to tracking website DeFi Pulse. It’s critical that developers get it right. Those who do not will not survive. Those projects which take a cavalier approach may benefit from brief pops in public interest in digital assets, but they will not be the ones who build the backbone of the networks which will carry a new digital financial ecosystem.
The problem that led to the Qubit hack was a code error — developers neglected to update the code to reflect a newly available function, leaving legacy code open to a malicious exploit. This demonstrates inadequate code auditing and change management, and illustrates the seriousness with which the historically freewheeling crypto community must begin to take code integrity. The Cardano project, for example, and its parent, IOHK, take an extremely rigorous approach to code verification; they’ve hired senior computer science academics and industry veterans who have previously consulted in mission-critical industrial applications such as commercial airliners and nuclear power-plants.
As with companies, when evaluating digital asset platforms and programs, it is a key part of due diligence to understand the culture of the project and the credentials, qualifications, and attitude of the leadership.
India’s Central Bank Digital Currency and Crypto Tax Are A Backhanded Acknowledgment That Crypto Is Here To Stay
India, in unveiling a 25-year visionary push to reach technological, social, and economic milestones for their 2047 100th anniversary of independence, announced the launch of a digital rupee as early as this year.
Digital currencies and big investments in broadband connectivity make enormous sense in India, as part of the ongoing effort to open the formal economy and the formal financial system to India’s poor and unbanked. These new services can benefit the poor, and blockchain technologies in particular have a big contribution to make to economies mired in inefficiency and corruption. Unfalsifiable digital records are anathema to disorganized and corrupt officials; India is a country where inadequate title systems can turn otherwise simple property transfers into decades-long legal nightmares worthy of a Kafka novel, and benefit distribution is hindered by endemic graft.
A central bank digital currency — even if it has some features baked into it that favor the plans of government above the interests of its free citizens — will help to restrain that granular, bottom-level corruption. (We are not so sure about the coming U.S. central bank digital currency — though recent announcements from the Fed suggest that it is still quite some years away, and will not be implemented without buy-in and oversight by the executive and legislative branches of the Federal government.)
India’s new budget proposes stringent new taxes for crypto gains — 30% with no breaks for inheritance and no loss provisions. Still, most Indian crypto advocates are happy to see regulation and not an attempt at an outright ban (which we believe is simply not possible to implement in a liberal democracy at this point). High taxes for crypto, as for cannabis in the U.S., indicate a tacit acknowledgement by government that the thing being taxed is here to stay.