84 comments

[ 4.7 ms ] story [ 512 ms ] thread
> Mixin Network confirmd on Monday that it has "temporarily suspended" all deposit and withdrawal services after hackers broke into a database and stole about $200 million in funds from the Hong-Kong based cryptocurrency firm.

> Mixin, which is a decentralized exchange,

These 2 statements seem to contradict each other. If they are a decentralized exchange, how were funds stolen by hacking into a database?

"Decentralized" isn't a magic word. They're still an exchange, and there needs to be a way to extract funds.

The database doesn't need to contain account balances or funds so long as it contains credentials necessary to access them.

If they are storing credentials to access funds in a centralized database, they are by definition not "decentralized".

For example, Curve.fi meets the common definition of "decentralized exchange", and as such does not store credentials, etc in a centralized database. Their code is deployed to Ethereum and runs on Ethereum, so users are able to make trades against it, deposit funds into trading pools, etc, all without having a central actor hold credentials.

That said, Curve.fi can still cause users to lose funds if they have bugs in their code, but they do not have the risk of someone stealing passwords from their server and walking away with the money.

> they do not have the risk of someone stealing passwords from their server and walking away with the money

So if they get hacked and the credentials to upload code get stolen, what happens? Wouldn’t the hackers be able to deploy code that steals users crypto?

Probably requires some sort of consensus to accept newly uploaded code.
Why? Why do you speculate? The answer is easily accessible information. Smart contracts can be made immutable.
So are they? Not everybody here is an expert in smart contracts.
The purpose of Hacker News is insightful discussion; it is not a place to pipe your stream of consciousness into the comment box. Refrain from speculating about things to which we know the answer. Just look it up and post the answer, instead.

This is easily accessible information. Google it or ask an LLM. Don't just spew speculation into the void. You don't need to be a "smart contract expert" to use Google.

Yet you're the one not contributing to the discussion while someone else provided a much more interesting response to my speculation.
In my very first reply to you, I wrote the answer: "smart contracts can be made immutable."
(comment deleted)
Please stop spreading misinformation. This does not answer the question that was presented, and the implication here is misleading.

Just because smart contracts can be made immutable, doesn't mean contracts are commonly deployed that way, and even when they are, developers need a way to get people to use newer versions of immutable code (like uniswap v1 to v2).

It depends on the blockchain and on the implementation whether a smart contract is immutable. Technically, all smart contracts running on EVM (the most popular smart contract virtual machine) are immutable. However, it is possible to call smart contract methods from a different smart contract while operating on the same state. Some smart contracts use this as a hack to get around immutability, by changing which smart contract is called by a proxy smart contract.

Generally immutability is better for security reasons, but proxy contracts are useful if someone is testing in production. There have been cases of immutable contracts with bugs that locked millions of dollars of cryptocurrency with no recovery possible.

It depends. More reputable contracts such as Uniswap and Compound use immutable contracts. This is how Ethereum was designed to be used. Unfortunately, many others use the "proxy pattern" which is a weird hack allowing the code to be replaced by an admin account. This makes sense for development, because it allows code to be deployed iteratively, but IMO it needs to stop.
Ethereum contracts are generally immutable so there is no facility to "upload code".
Except that almost all of them seem to be using an update mechanism anyway...

Here's USDC on Ethereum, for example: https://etherscan.io/address/0xa0b86991c6218b36c1d19d4a2e9eb... – you can clearly see the upgrade mechanism that will allow anyone that knows the admin key to swap out the contract for anything they like.

The cryptocurrency ecosystem's idea of decentralization in a nutshell.

Of course USDC is upgradeable; it's run by an entity that is attempting to comply with the laws and regulations of many different jurisdictions. No power-hungry regulator would allow them to deploy USDC without the capability to arbitrarily intervene, freeze, and blacklist.
In a sibling thread you keep condescendingly repeating immutable this, immutable that...
Sorry, I should've added more context.

The standard decentralized setup is this:

1. Developers write a smart contract that does something. For example, a token exchange to trade tokens, or a derivatives exchange to trade exposure to tokens/real world assets/etc.

2. Developers publish the source code for this smart contract, deploy it to the chain, and, with the leverage of basic cryptography, make it impossible to change the code --- make it immutable.

3. Anyone who now comes along to use their smart contract does not have to trust the developers because they can 1) read through the open source code and 2) verify that the open source code they are reading is the same as the code deployed on chain. Of course this does not eliminate the risk of unforeseen bugs in the smart contract, which is known as "protocol risk."

If you say you are building a decentralized exchange, that is what you're doing. Otherwise, you're arguably committing fraud.

Many companies want to build financial primitives like decentralized exchanges, hopefully because they think that's where the future will lead and ultimately because there is a lot of money to be made. However, companies must comply with the rules and regulations of the jurisdictions in which they operate. These regulators nearly always insist on the ability to intervene. This creates a slightly different setup:

1. Same as above

2. Same as above, but strikeout the "make immutable" part and leave in an "upgrade authority" backdoor, which allows the code of the smart contract to be replaced (avoiding semantics). This upgrade authority can be gated by a multi-sig, requiring m of n keypairs to sign for new code to be deployed.

3. Often the code is still published, but there are many cases where the code remains closed-source.

The original commenter said this, in paraphrase:

> If you get access to the deploy keys to a decentralized exchange, can't you just deploy new code and take all the funds?

The answer is "no" because a decentralized exchange is immutable. If it were not immutable, then it would not be a decentralized exchange.

If, however, the exchange was not actually decentralized, but fraudulently claimed to be, then yes, you can do exactly as the original commenter speculates.

I'm generally opposed to these types of upgrade backdoors, but USDC might be the one project where it is acceptable. You are already trusting them to hold the actual dollars in a bank account.
bisq.network[1] seems to be doing it fine, and non-fiat decentralized exchanges have existed longer. They just don't get the hype.

[1] https://bisq.network

Can't spell decentralized without central
> how were funds stolen by hacking into a database?

Sometimes "decentralized" really means "running on a theoretically distributed network, but practically we host all the nodes/have emergency root keys/exclusively provide the software running on them and the clients used to access them – only for now, we promise!"

This particular project also seems to heavily lean on Intel SGX, according to its most recent public whitepaper from 2018 [1] and also seems to offer wallet recovery using only a user's mobile phone number and a 6-digit PIN [2] – combine that with not too many actually administratively distributed nodes, and it's not too hard to imagine what could have gone wrong...

Edit: Actually the entire proposal sounds ridiculous, unless I'm missing something: The protocol claims to offer secure, yet recoverable device-local keys, but it all seems to boil down to a trusted and independent set of signer nodes (see above for problems), as well as users being able to store a "per-device ephemeral secret" securely and locally, with backup considerations basically left as an exercise to the reader, and the reference implementation seems to just upload that backup to a central API... [3]?!

[1] https://mixin.one/assets/Mixin-Draft-2018-07-01.pdf

[2] https://tip.id/

[3] https://github.com/MixinNetwork/ios-app/blob/9e11dd02953297f...

That white paper reads like the blockchain equivalent of a The Onion article.
Only few projects (like uniswap) are truly decentralized. Most projects are not, and only claim they'll eventually become decentralized once "they finish development".
It's a spectrum, and storing credentials in a database is much closer to centralized than decentralized.
Yes it’s a spectrum. Devil is in the details. Still though.

If funds can be stolen by accessing a database hosted by a cloud provider, then what’s the point of decentralizing any part of the project at all?

Because most decentralised exchanges are "fake".

Realistically, a decentralised exchange can only operate within a single blockchain, only trading tokens on that blockchain. Works fine for trading between (for example) eth and its various tokens, but you can't do proper eth to bitcoin trades. [1]

The single-blockchain decentralised exchanges are typically real [2], but every multi-blockchain "decentralised" exchange platform cheats.

Some are literally just centralised exchanges that pretend to be decentralised with a slick software interface. The more common technique is to run their own blockchain and have valid decentralised trading on that. But you are only actually trading tokens that represent real coins. They then run a centralised holding entity that holds the real coins and implements deposits and withdrawals just like a decentralised exchange.

There are so many flaws with this scheme.

The holding company could literally run away with your funds. Bugs and exploits (and even normal blockchain behaviour like re0orgs) can result in the three seperate sources of truth (the real blockchains, the holding entity's internal database and the trading blockchain) ending up out of sync.

And just because the trading blockchain is a blockchain doesn't mean the company that controls it doesn't have the keys and power to rollback trades and otherwise change the contents.

[1] Yes, atomic swaps are a thing. But they are resource intensive and slow. I'm not aware of much decentralised trading that uses them.

[2] Though, the topic of wrapped coins complicates things.

There are non-custodial bridge schemes that have been proposed (but afaik not yet proven). The idea being that the holding company you mention is replaced by an L1 escrow contract. This trust minimized approach is not trivial to implement but at least I think I see how it could work.
The idea of non-custodial bridges runs straight into the oracle problem.

How does the smart contract on one blockchain know the state of the smart contract on the other blockchain.

One common workaround is to make the miners/validators of the trading blockchain cross-validate transaction on the other blockchains. But that's inherently one-way, the smart contracts on the other blockchains have no true visibility into the trading blockchain.

It's still impossible to get 100% right. You still have a massive surface area for bugs and exploits. And even if it's free of exploits, people forget that blockchains are only "eventually consistent". Just because escrow validated that the two blockchains were constant at the time of the cross-chain swap doesn't guarantee both blockchains have reached their final consistent state. This will eventually result in the two blockchains getting out of sync. I've seen smaller blockchains do re-orgs over a week worth of blocks.

Finally, many popular blockchains don't even have powerful enough smart contracts to even implement a bridge contract (bitcoin certainly doesn't).

You’re correct about most of the existing cross chain apps, but there’s a wide variety of operational cross chain communication protocols that are decentralized. Chainlink CCIP & Cosmos IBC are the first that come to mind.
These are 99 times out of 100 an inside job.
Probably more like 70-30. Most exchanges are a security trash fire.
(comment deleted)
"government-backed cryptocurrency thieves"

Pirates in the original sense.

If they are government-backed bandits who ply their trade on the high seas, protected by a letter of marquee, they would be privateers.
(comment deleted)
> on the social media platform formerly known as Twitter

Do they not like the new name? I don't either, though. I've seen a lot of "on X (formerly Twitter)" around and that's why I don't like the new name. If it were a good and memorable name we wouldn't need to qualify it like that.

More like there's many who don't even know about the name change.
"X" is overloaded, so you can't really use it without an additional specifier such as "formerly Twitter" and be certain people know which X you're talking about. It's one of the reasons why X is a really stupid name.

Personally, I just skip the whole issue and call it Twitter. Everyone knows what that is.

It's still hosted at twitter.com; x.com even redirects to twitter.com -- so even twitter is gently reminding us that the rebrand is halfassed at best.

But I agree, the name itself is a huge part of the problem. If they called it EdgeLordsManor (or whatever) we'd all go along, with a brief "formerly known as" period to notify non-users of the change.

I like the "X, [the platform] formerly known as X" its evolution. Latest in the wild sighting was "X, formerly Twitter".

What I like about it is that it lifts the skirt on the superficial divides. Good soldiers of the information regime all toe the line here and dutifully help Elon with his illadvised brand name destruction. I mean, I go to geopolitical websites run by people who like Putin, for example, and even there, the resistance blogger/propagandists dutifully remind us the "X, formerly Twitter" just in case we forget or haven't heard the news. We know things are bad if even North Korean output is using the "formerly Twitter" insert. Anyone checked?

Not many global brands with multibillion dollar IP willfully rebrand.

Funny enough though, not only did Twitter do it with X recently, but Facebook rebranded recently to Meta and it’s still common Meta is referred to as “Meta formerly Facebook”, even in the wiki article that is included in opening sentence.

I don’t think it’s so much a reflection on the new brands it mor a reflection on the value of the old brands which still carry a lot of value for SEO purposes which is likely was articles/blogs probably tend to include the former brands.

Facebook's parent company rebranded to meta. The site Facebook is still Facebook. The Meta rebrand was mostly for the benefit of investors. Google did a similar thing.

It is easier to rebrand for the benefit of investors. There are only hundreds of thousands of investors who matter to a company the size of facebook, or Google, and all the investors who matter spend a lot of time reading financial news, so the rebrand will not cost you too much in terms of name recognition.

But rebranding a large commercial website is a different story. There you have hundreds of millions of end users that do not have time to think too much about you neither do they care much. The fact that twitter got itself lodged in the brains of hundreds of millions of humans is a great achievement. Throwing it away is kind of dumb.

Every time I see these stories I'm glad I keep all my cash in a regulated bank with regulator backed compensation rather than some startup powered by gargling bong water and hoping the fuck they don't get hacked.
Every time I see these stories I'm glad I keep all my bitcoin in my own self-custodial wallet. Not your keys not your bitcoin.

You keep fiat currency in a bank? HFSP

Enough to eat for a couple of years. I keep my fiat currency in property.
Only property? Don't keep all eggs in the same basket. I keep my net worth in both property and bitcoin.
I can't live inside bitcoins.
That seems like a poor use of capital.
What would you do with it?
Invest.
I might be wrong, but I believe when people say "in property" it means they do invest. In real estate.
Oh, I interpreted "in my property" as like, "under my mattress", not literally invested in the property. My bad.
That makes sense now :)
That's not what "fiat currency" means.
I know. I said exactly what I meant to say.
You keep stacks of 100 dollar bills inside your physical property?
The dude who's been hunting for his hard drive with his wallet keys on a dumpster yard would like to speak a word with you. Or those who had their disks seized by the government and the coins auctioned off. Or those where someone placed malware on their PCs or phones and exfiltrated keys.
Your bank account can sure ve seized by the government and even not auctioned off.
That's far less likely in most Western countries. Whether or not bitcoin is safer than a bank depends on where you live. But in the West it definitely isn't.

If you live in the third world, sure.

Tell that to all those Russian oligarchs that got their assets frozen
To be fair to the parent commenter, they specifically said "the West", which is exactly the opposite of Russia.

That said, I do think freedom to transact is an essential human right yet to be enshrined.

The freezing happened in the west
The Western world is who froze their assets :/
>That said, I do think freedom to transact is an essential human right yet to be enshrined.

You literally cannot create a "freedom to transact" without violating other people's freedom of association. You have no right to other people's anything.

Can you explain more? I don't get how transacting affects third parties.
I agreed until the Canadian trucker protestors had their bank accounts frozen.
how would bitcoin have helped them?, presumably their wallets if made public to request donations would also have been flagged at all exchanges so no way to cash out.
You can also be put in jail for contempt until you cough up your bitcoins

If those in power want something, they tend to get it

Knowledge is power. If they do not know about it they can't ask for it
Wuhu good that I'm not a shitty person and the risk of loosing a wallet is 100x more realistic than your scenario
probably never had an offsite backup
I alwasy find it amusing that people on HN hate governments, big corps and banks so much... but when it comes to real money they trust these institutions full-heartedly (and downvote any alternative).
It turns out that way more than one person is on HN and they don’t always agree on every topic.
Yes, and I believe upvoting/downvoting reflects how HN people collectively think to some extent. I might be wrong and the upvoting/downvoting can be all artificial, of course.
Hahaha cute.

Love your self management. Just have the balls later when you loose access :-)

> and hoping the fuck they don't get hacked.

Or some of the people operating it don't decide it's time to cash out with a fake hack.