Mitigating Crypto Hacks/Exploits Using 'Reversible Transactions'


"In a bid to curb the rising cases of crypto theft, blockchain researchers at Stanford University have proposed a new token standard for Ethereum that would support reversible transactions" [Trajcevski, M. Researchers Propose Reversible Ethereum (ETH) Transactions To Curb Crypto Theft. (Accessed September 27, 2022)].

"Kaili Wang, a Stanford University blockchain researcher, shared an explanation of the Ethereum-based reversible token idea in a tweet on Sept. 25, noting that it is not a finished concept, but rather a 'proposal to provoke discussion and even better solutions from the blockchain community,' saying: 'The major hacks we’ve seen are undeniably thefts with strong evidence. If there was a way to reverse those thefts under such circumstances, our ecosystem would be much safer. Our proposal allows reversals only if approved by a decentralized quorum of judges'" [Mahmudah, J. Stanford Researchers Propose a Prototype for “Reversible Ethereum Transactions” to Mitigate Crypto Theft. (Accessed September 27, 2022)].


"The proposal was put together by blockchain researchers from Stanford, including Wang, Dan Boneh and Qinchen Wang, and it outlines “opt-in token standards that are siblings to ERC-20 and ERC-721” dubbed ERC-20R and ERC-721R" [Quarmby, B. Reversible transactions could mitigate crypto theft — Researchers. (Accessed September 27, 2022)].

To provide more specifics on this process, a compressed copy of the tweeted information follows:

  • Step 1: Upon realizing theft, victim requests to freeze the stolen funds. To freeze means to disallow the funds to leave the account they currently are in.

  • Step 2: The decentralized court of judges quickly vote to either accept or reject the freeze, based on preliminary evidence.

  • Step 3: If accepted, freeze is executed. The process differs based on whether it's an ERC-20R or an ERC-721R; for 20R, see paper for algorithm to trace the funds.

  • Step 4: Trial. Judges vote to revert or unfreeze the funds, given evidence submitted from either side.

  • Step 5 (last step): If reversal was agreed upon, the frozen funds are sent back to the victim. Justice is restored.
    (See green in example transaction graph below)

[Wang, K. Tweet. (Accessed September 27, 2022)].

The underlying work is set out in a paper, which may be found here. The paper provides a rather simple overview of the reversal process, reproduced here for clarity:

[Figure: overview of the reversal process, from the paper]

"There is the argument that reversible transactions defeat the purpose of a blockchain but the proposed standards are not meant to replace ERC-20 tokens or make Ethereum transactions reversible, Wang stated. They “simply allow short time windows post-transaction for thefts to be contested and possibly restored,” she confirmed. Reversible tokens could be swapped, however swapping them for non-reversible tokens would only be finalized after the time window for transaction reversing has closed, making them irreversible again" [Young, M. Stanford Researchers Propose Reversible Ethereum Transactions. (Accessed September 27, 2022)].

And we all know that the perpetrators of these cyber crimes usually run to mixers, or spread the funds across multiple accounts, in an attempt to secrete away the ill-gotten funds. The paper addresses this as follows:

By the time the freeze is executed, the funds may have been dispersed across many downstream accounts, some honest and some dishonest. In Section 2 we present an example algorithm that assigns fractional responsibility to each of the downstream accounts that received a portion of the stolen funds. The partial freeze is then applied to these accounts. Implementing this freeze strategy requires the ERC-20 contract to maintain a transaction log during the dispute window so that the freeze function can trace the funds when it is called by the governance contract. If the judges decide that a theft took place, the ERC-20R contract moves the frozen tokens from the obligated accounts to the pre-theft account.

[Wang K., Wang Q., and Boneh, D. ERC-20R and ERC-721R: Reversible Transactions on Ethereum. (Accessed September 27, 2022)].
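To make the freeze-and-reverse flow concrete, here is an added Python simulation; it is not code from the paper or from any ERC-20R implementation. The pro-rata tracing rule is an assumption standing in for the paper's Section 2 algorithm, and the class, method names, accounts and amounts are all constructed for illustration.

```python
from collections import defaultdict

class ReversibleToken:
    WINDOW = 100  # dispute window in blocks (constructed value)
    def __init__(self, balances):
        self.bal = defaultdict(int, balances)
        self.frozen = defaultdict(int)
        self.log = []  # (block, src, dst, amount, src balance before)

    def transfer(self, block, src, dst, amount):
        if amount <= 0 or self.bal[src] - self.frozen[src] < amount:
            raise ValueError("insufficient unfrozen balance")  # frozen tokens stay put
        self.log.append((block, src, dst, amount, self.bal[src]))
        self.bal[src] -= amount
        self.bal[dst] += amount
        return len(self.log) - 1  # index of this transaction in the log

    def trace(self, tx):
        # Replay later transfers: each moves a pro-rata share of the sender's obligation.
        _, _, first, amount, _ = self.log[tx]
        owed = defaultdict(int, {first: amount})
        for _, src, dst, amt, before in self.log[tx + 1:]:
            moved = amt * owed[src] // before
            owed[src] -= moved
            owed[dst] += moved
        return {acct: v for acct, v in owed.items() if v}

    def freeze(self, tx, now):
        if now - self.log[tx][0] > self.WINDOW:
            raise ValueError("dispute window closed")
        owed = self.trace(tx)
        for acct, v in owed.items():
            self.frozen[acct] += v
        return owed

    def resolve(self, tx, owed, reverse):
        victim = self.log[tx][1]  # the pre-theft account
        for acct, v in owed.items():
            self.frozen[acct] -= v
            if reverse:  # judges ruled theft: move frozen tokens back
                self.bal[acct] -= v
                self.bal[victim] += v

def demo():  # constructed scenario: mallory drains alice, then disperses
    t = ReversibleToken({"alice": 1000, "bob": 500})
    theft = t.transfer(10, "alice", "mallory", 1000)
    t.transfer(11, "mallory", "carol", 600)
    t.transfer(12, "mallory", "bob", 100)
    t.transfer(13, "bob", "dave", 300)
    return t, theft, t.freeze(theft, now=20)
```

In this scenario bob is an honest account that already held 500 tokens, so only the traced share of his balance is frozen and the rest stays spendable while the dispute is open.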

[For the interested reader, the paper goes on to discuss material that is beyond the scope of this article: in technical terms, the algorithms proposed to carry out the 'freeze' process, as well as the governance of the process and the issues involving the system's judges.]

While this process at first blush appears to be beneficial, it does have its critics. "Prominent Ether (ETH) bull and podcaster Anthony Sassano wasn’t a fan of the proposal, tweeting to his 224,300 followers that 'I’m all for people coming up with new ideas and putting them out into the ether but I'm not here for TradFi 2.0. Thanks but no thanks'. Discussing the idea further with people in the comments, Sassano explained that he thinks that reversal control and consumer protections should be placed on the “higher layers” such as exchanges, and companies rather than the base layer (blockchain or tokens), adding: 'Doing it at the ERC20/721 level would basically be doing it at the ’base layer’ which I don't think is right. End-user protections can be put in place at higher levels such as the front-ends'" [Quarmby, supra.].

Nonetheless, it is interesting to note that in a 2018 Tweet by Vitalik Buterin, he stated: "Someone should come along and issue an ERC20 called 'Reversible Ether' that is 1:1 backed by ether but has a DAO that can revert transfers within N days" [Buterin, V. Tweet. (Accessed September 27, 2022)].
