Cryptocurrency Analyst
Summary: Decentralization is the key value proposition of crypto. It enables trust and services without intermediaries. However, there is no such thing as a free lunch, as decentralization comes with severe risks, stressed last week by the $320mn Wormhole exploit. This may reduce trust in decentralized applications and give incentive to further regulation.
In August, Certus One owned by leading market maker Jump Crypto, a subsidiary of Jump Trading, launched Wormhole, an interoperability protocol allowing users to transfer tokens and use applications across various cryptocurrencies such as Ethereum, Solana, and Terra. Such an application is also known as a bridge. The most used Wormhole bridge is from Ethereum to Solana. This particular bride was targeted last week in what evolved into one of the largest decentralized finance protocol exploits in crypto.
Wormhole exploited for 120,000 Ether
On Wednesday, a hacker managed to exploit the Wormhole bridge between Ethereum and Solana for 120,000 Ether, worth around $320mn at the time. In brief, the hacker was able to mislead the protocol into assuming that the person in question deposited Ether into the contract to issue an equal amount in wETH, which is tokenized Ether on Solana collateralized with actual Ether through Wormhole. With the wETH at hand on Solana, the hacker returned to Wormhole to redeem the majority to actual Ether on Ethereum. The problem, though, as the hackers wETH was not collateralized, it was Ether collateralizing others wETH. The hacker traded the remaining wETH into other assets on decentralized exchanges on Solana to quickly get rid of the undercollateralized wETH.
Wormhole quickly offered the hacker a $10mn bug bounty if returning the funds. However, the hacker did not seem interested since Jump Crypto promptly funded Wormhole with an equivalent 120,000 Ether from their own book, saying on Twitter: “Jump Crypto believes in a multichain future and that Wormhole is essential infrastructure. That’s why we replaced 120k ETH to make community members whole and support Wormhole now as it continues to develop.” The hacker has not moved the stolen Ether yet, and to cash out such an amount will be severely challenging, as the few exchanges, brokers, and OTC desks able to liquidate such an amount will freeze it instantly if it suddenly hits their Ethereum wallet, as they know the source of the funds.
The Wormhole exploit stresses the risk of decentralization
In 2021, $1.3bn was lost in decentralized application exploits, which was more than double the amount of 2020 upon an increasing value locked in decentralized applications. Hence, the Wormhole exploit is surely not the first and most critically, it is presumably not the last exploit. The latter stresses that decentralized applications are fragile and that they will likely continue to be that for years to come. This is further enhanced upon the fact that Wormhole was not developed by a teenager living in his or her parents’ basement. It was virtually developed by Jump Trading, one of the largest market makers within equities, options, futures, and cryptocurrencies. If a protocol developed by a corporation of that size can be exploited, imagine how challenging it is for a minor start-up to develop safeguarded decentralized applications. Moreover, imagine if an exploit in fact happens for a minor start-up, it is immediately game over as they cannot in this case fund the protocol with over $300mn worth in Ether in under 24 hours. This ultimately limits innovation within crypto as fewer want to risk their start-up and reputation in the space.
Here, decentralization enters the equation. While decentralization is the key value proposition of crypto because it empowers services normally facilitated by various intermediaries such as international transfers and decentralized trading of non-fungible tokens (NFTs), it is also a notable shortcoming of crypto. This is the case with decentralized exploits, as developers and users cannot recover funds when exploits occur, compared to a centralized system where the company behind can often reverse the transaction. This means that exploits and cyberattacks can have proportionally much worse consequences when dealing decentralized.
Does crypto learn from it?
Whenever an exploit takes place, the community often makes a u-turn and presents it as somewhat positive with the main argument being that the protocol in question alongside other protocols learn from the particular exploit to develop future-proof protocols. The learning view is likely true, however, imagine in how many ways various decentralized applications can be exploited, so to potentially develop safeguarded decentralized applications through a learning phase will not be a quick fix.
One might argue that decentralized applications will experience the same learning phase and development as e.g., crypto wallets. In the early days of Bitcoin, there were no great wallets, which meant that many Bitcoins were lost forever in the first years of its lifetime. At the time, it was likely hard to imagine that institutions would ever trust crypto companies to custody billions worth of value. This is not unimaginable anymore. Quite the contrary, it is the case today. As Søren Kierkegaard said: “Life can only be understood backwards, but it must be lived forwards”.
It is important to remember that the first decentralized applications launched in 2018, so it is somewhat of a new phenomenon. This means the industry is still quite early in its learning phase. Furthermore, over the past years, several consultancies have launched making audits in the code of decentralized applications, such as OpenZeppelin, which further enhances security. Besides doing audits, OpenZeppelin has released a framework of battle-tested smart contracts intended to be used by new decentralized applications. This effectively means that as the industry matures there will perchance be various frameworks and infrastructure to be leveraged in making applications more secure.
On the other hand, even if the industry can present a near-zero exploit risk in the future, the question is whether everyday people will trust decentralized applications with their history of exploits. Not to mention that the potential consequences of exploits are rapidly intensified upon increasing usage and value locked in decentralized applications. This may enforce tough regulation by regulators before the industry proves that it is safe to interact with.
Bond. Long Bond(s)
With real rates being too positive, we see three scenarios: Opportunity to lock in rates at cycle high, government overreach to keep the economy afloat or a complete reset of the economy.
Steen Jakobsen,
Chief Investment Officer
Is a bond bull market ahead? Inflation still poses a risk for investors, but the moment for increasing duration to your portfolio may be approaching towards the end of the year, when central banks might be forced to cut interest rates.
Althea Spinozzi,
Senior Fixed Income Strategist
The furious rate hike cycle has brought gains in the US dollar, but with stagflation risks in Europe and the UK and weakness in the Chinese economy, USD may have more room to run. But a strong dollar could also have repercussions for US growth, emerging markets and commodity prices.
Charu Chanana,
Market Strategist
With the cost of capital rising painfully, stagflation fears are back, illuminating the fragile state of the green transformation, while giving a tailwind to nuclear power, and threatening the growth of AI-related stocks.
Peter Garnry,
Head of Equity Strategy
With supply tightness not only in energy but all commodities, the momentum in commodity prices may continue, pressuring central banks to lower real rates. That could be a good setup for precious metals, including gold, silver and potentially platinum as well.
Ole S. Hansen,
Head of Commodity Strategy
As the pandemic showed, even the US Treasury can experience seismic shifts. With the government increasing the pace of issuing bonds to support fiscal spending, the complex Treasury market and regulatory constraints could spark a liquidity event.
Redmond Wong,
Market Strategist
The tide has turned for bonds. Given the current yields, bonds have become an attractive investment, with added benefits including lower risk than stocks, increased diversification and a steady stream of income unaffected by economic changes.
Peter Siks,
Investment Coach