Search
Have hackers just robbed your precious Bored Ape NFT? There might be a new token standard for that.
Standford researchers Kaili Wang, Qinchen Wang, and Dan Boneh recently drew up a fresh proposal for two new Ethereum token standards: ERC20R and ERC721R.
A token standard is an interface (or set of rules) that a smart contract must respect to be compatible with different decentralized applications.
The new token standards proposed are extensions of the existing ERC20 and ERC721 and would now include the ability to reverse malicious transactions.
“The major hacks we've seen are undeniably thefts with strong evidence,” said Wang.“If there were a way to reverse those thefts under such circumstances.”
2/ The major hacks we've seen are undeniably thefts with strong evidence. If there was a way to reverse those thefts under such circumstances, our ecosystem would be much safer.
Our proposal allows reversals only if approved by a decentralized quorum of judges. The steps:
— kaili.eth (@kaili_jenner) September 24, 2022
Decrypt has reached out to Kaili Wang for comments.
In simple terms, ERC20R and ERC721R combine a token contract and a governance contract.
According to the proposal, the governance smart contract is controlled by a “decentralized judiciary system” where a decentralized quorum of judges votes to freeze and reverse malicious transactions.
A victim whose funds got stolen or hacked, for instance, could make a freeze request to the governance smart contract with appropriate evidence.
While making such a freeze request, the victim must fund the judiciary process to reward the decentralized judges. Priority fees, which can be added to a case to speed up the time for its review, can also be added by the victim, per the proposal.
If the majority of decentralized judges vote in favor of the victim, the funds can be frozen, and a trial is initiated.
During the trial, both parties (the victim and the hacker) can submit their evidence to the decentralized judges, who will again vote on the outcome. Based on the final vote results, the funds are then either returned to the victim or the request is rejected.
Though the idea could help mitigate damages, many in the crypto space have criticized the researchers’ proposal.
The proposal has been widely criticized on Twitter by many in the industry, who claim that such tokens go against the founding principles of blockchain technology.
“This is a terrible idea that won’t work and is against the entire point of cryptocurrency,” tweeted Kieran Daniels of DeFi project Streams.
Argent, the popular mobile-first crypto wallet, also said that other mechanisms like multi-signature wallets and social recovery can help fix this problem while remaining “truly permissionless.”
it's an interesting idea but can be solved through other means that keep crypto truly permissionless: native account abstraction and the mass adoption of smart contract wallets
we can do things like:
– fraud monitoring
– multisig for everyone
– social recovery
— Argent (@argentHQ) September 25, 2022
Besides clashing crypto’s ethos, adding a reversibility feature to ERC20 token contracts could make it challenging to integrate with decentralized applications.
“The ‘pressure’ you mention is something that would work against you; no contracts would accept these tokens in the first place due to the complexity of handling chains of reversals,” said ZKLabs CEO Matthew Di Ferrante, CEO of ZkLabs.
Roman Semenov, the founder of sanctioned privacy product Tornado Cash, has also raised similar concerns surrounding transaction reversibility and interoperability with decentralized applications.
So how does this work when an attacker steals ERC-20R and cashes out to ETH via a DEX in the same transaction? Or ERC-20R will be incompatible with the current DeFi ecosystem? https://t.co/n5pN82ZBBe
— Roman Semenov 🌪️ (@semenov_roman_) September 25, 2022
Thus, while hacks have become commonplace in the crypto industry, it may be a while before such events are truly rectified. And if they ever are, it appears that it may not be through a reversible Ethereum token.
