CRYPTO world on razor edge after a series of devastating hacks. More than $2 billion in digital currency has been stolen this year.

Tracking the movement of stolen crypto is fairly straightforward. Transactions are recorded on public ledgers called blockchains, which anyone can analyze to find patterns. But it's harder to regain access to lost funds.

The hacks have prompted many DeFi start-ups to explore preventive measures, recruiting auditors to examine their code for vulnerabilities. Even as other types of crypto firms cut costs during the downturn, security and auditing companies have reported a huge surge in business.

''This year was a good year for attackers,'' said Goncalo Sa, a founder of ConsenSys Diligence, which carries out audits of code. ''That has definitely ingrained in the minds of people that security is something that they should take seriously.''

Not long after dropping out of college to pursue a career in cryptocurrencies, Ben Weintraub woke to some bad news.

Mr.Weintraub and two classmates from the University of Chicago had spent the previous few months working on a software platform called Beanstalk, which offered a stablecoin, a typeof cryptocurrency with a fixed value of $1.

To their surprise, Beanstalk became an overnight sensation, attracting crypto speculators who regarded it as an exciting contribution to the experimental field of decentralised finance, or DeFi.

Then it collapsed. In April this year, a hacker exploited a flaw in Beanstalk's design to steal more than $180 million from users, one of a series of thefts this year from DeFi ventures.

The morning of the hack. Mr. Weintraub, 24, was home for Passover in Montclair,N.J.He walked into his parents bedroom.

''Wake up,'' he said. ''Beanstalk is dead.''

Hackers have terrorized the crypto industry for years, stealing Bitcoins from online wallets, and raiding the exchanges where investors buy and sell digital currencies.

But the rapid proliferation of DeFi start-ups like Beanstalk has led to the emergence of a new type of threat.

These loosely regulated ventures allow people to borrow, lend and conduct other transactions without banks or brokers, relying instead on a system governed by code.

Using DeFi software, investors can take out loans without revealing their identities or even undergoing credit checks. As the market surged last year, the emerging sector was hailed as the future of finance, a democratic alternative to Wall Street that would provide amateur traders access to more capital.

Crypto users entrusted roughly $100 billion in virtual currency to hundreds of DeFi projects.

But some of the software was built using faulty code. This year, $2.2 billion in cryptocurrency has been stolen from DeFi projects, according to the crypto tracking firm Chainalysis, putting the overall industry on track for its worst year of hacking losses.

Many of the thefts have stemmed from flaws in the computer programs - known as ''smart contracts'' -that power DeFi.

The programs are often built hastily. And because smart contracts use open-source code, which provided a publicly viewable map of the software, hackers have been able to orchestrate attacks on the digital infrastructure itself, rather than simply infiltrating someone's account.

It's the difference between robbing an individual and emptying an entire bank vault.    

''DeFi has introduced a whole other level for hackers to be able to access a platform,'' said Erin Plante,  vice president of investigations at Chainalysis. ''It's putting a lot of pressure on the space and restricting the innovation that's possible.''

The breaches have shaken faith in DeFi during a grim period for the crypto industry. An epic crash this spring erased nearly $1 trillion and forced several high-profile companies into bankruptcy.

Last month, thieves exploited a coding issue to drain $190 million from a company called Nomad. Last week, the crypto firm Wintermute said its Defi division had been hacked, leading to losses of $160 million.

From crypto's inception, companies have struggled with security. In 2014, the first major Bitcoin exchange, Mt. Gox, was breached in a dangerous attack that eventually led to the company's bankruptcy and loss of billions of dollars in digital currency.

At the time, the industry was relatively small, and uncomplicated. Now hackers can attack a wider ecosystem, including an experimental economy of crypto-based video-games, decentralized lending projects and newfangled coins.

Last year, a hacker stole $600 million from the DeFi platform Poly Network; the thief returned the money following negotiations with the project's leaders.

The Research Essay continues. The World Students Society thanks author David Yaffe-Bellany and researcher Kitty Bennett.


Post a Comment

Grace A Comment!