[ad_1]
In recent months, several Decentralized Finance (DeFi) protocols running on the Binance Smart Chain (BSC) have become victims of major loopholes, as the industry will continue to grow substantially in 2021.
Since the launch of Binance’s own smart contract blockchain platform in September 2021, demand has surged due to its low fees and high throughput. This enables Binance Smart Chain to occupy a certain proportion of the DeFi market, as the platform is looking for an alternative to the high gas fee of Ethereum.
Although Ethereum still accounts for the largest share of DeFi network transaction volume due to the large number of major platforms running on its blockchain, BSC is an attractive alternative in its interoperability with the larger Binance ecosystem Real success was achieved under the impetus of sex.
Given that Binance is the world’s largest cryptocurrency exchange by trading volume, its ecosystem promotes a large number of cryptocurrency transactions and transactions. The nascent DeFi platform running on BSC attracts a large user base, but the unfortunate consequence is the prevalence of malicious individuals using smart contract flaws.
As a result, millions of dollars were exploited by these vulnerabilities. BurgerSwap saw various cryptocurrency tokens worth 7.2 million USD Withdrawn from its liquidity pool in MayThe attacker also managed to get into the network Profit of about 6 million U.S. dollars Passed the lightning loan attack on Belt Finance in May.Pancake Rabbit Saw Various tokens worth 200 million U.S. dollars were stolen Exploited another flash loan vulnerability in the same month.
In recent months, Cream Finance, bEarn, Bogged Finance, Uranium Finance, Meerkat Finance, SafeMoon, and Spartan Protocol have also been attacked by BSC, highlighting the scale of the entire ecosystem.
The recent extensive use of some important BSC-based DeFi platforms has prompted Binance to directly address Recent questions about the security of BSC.In addition, Binance moved to Security assistance from CipherTrace, a blockchain intelligence company Hope to reverse the situation.
Cointelegraph also contacted Binance to solicit more comments on the hack, but did not receive a response at the time of publication.
External and internal threats
The actual situation is judgment As the total value locked in the platform continues to increase, people seem to like to use the Binance Smart Chain. However, since it is a public blockchain, the decentralized, permissionless nature opens the door to exploits.
BSC is slightly different from other public blockchains because of Ethereum, because it uses a consensus algorithm for equity verification and relies on 21 major election validators to maintain the network. This also enables BSC to prevent a single verifier from gaining significant control and possibly making changes to transactions or the blockchain.
In this sense, the blockchain itself is safe, there is no risk of 51% attacks or exploits of this nature, and most networks are taken over and used. However, the platforms and smart contracts deployed on BSC may fall victim to the external threats described by Binance.
External threats may include any type of exploitation of technical or operational vulnerabilities in platforms and projects built or deployed on BSC. At the same time, insider threats will include carpet pulling, export fraud, and insider theft or hacking.
As Binance emphasized in its recent blog post on the exploitation of BSC-based DeFi platform vulnerabilities, auditing every DeFi project and decentralized application launched on BSC is a serious task, and it is actually impossible to On each project run:
“Not every project on BSC is open source. Even so, open source does not automatically mean security. Then there is the security of smart contracts, there is no zero-defect code, and since each project is developed by an independent team, So there is always the possibility of defects.”
Binance also pointed out that it did not enforce any “review process or centralized governance” to prevent malicious projects from launching on BSC. This has been described as “technically or logistically impossible,” and the exchange pointed out that this will also constitute a censorship system that fundamentally threatens the decentralization of its ecosystem.
Nevertheless, BSC does cooperate with several third-party companies that verify and audit various projects and tokens running on its blockchain. As Binance emphasized, this has its limitations: “These audits are not mandatory, and they rarely cover new or emerging DApps. When looking for real projects, it is recommended to avoid uncertified projects and always choose A project that has been reviewed many times by different companies.”
CipherTrace to the rescue
In order to address the increase in exploits of the DeFi platform running on BSC, Binance also used the service of CipherTrace. The support aims to identify high-risk financial transactions on BSC and more than 600 decentralized applications running on the platform.
Cointelegraph got in touch with CipherTrace to understand the scope of its analysis services for BSC and what this will bring. CipherTrace CEO Dave Jevans stated that the company’s monitoring services will provide BSC with similar insights that are provided to other customers, projects and platforms:
“Our compliance monitoring tools provide functions that can identify crypto-crime and carpet-pull proceeds for financial institutions, cryptocurrency companies, and law enforcement agencies. Monitoring all chains, including BSC, provides similar results-identification Illegal sources of funds to prevent bad actors from stealing their ill-gotten wealth.”
CipherTrace is extensively involved in cryptocurrency and blockchain analysis, tracking cryptocurrencies stolen from exchanges and transactions from darknet markets. Jevans expressed some insights on why BSC has become the biggest target of DeFi attacks in 2021. He believes that due to the high fees of Ethereum, “BSC is an attractive option.” However, he added: “The more DApps built on BSC, the more vulnerabilities we will see.”
Jevans also added that the prevalence of exploits for BSC-based DeFi platforms is a direct result of the novelty of BSC and the number of unaudited smart contracts deployed on the project:
“Bad actors are flocking to new projects that do not have sufficient smart contract audits. Especially in the current environment, hackers are checking every DeFi protocol to see what vulnerabilities they can find.”
Interestingly, Jevans also pointed out that compared with other blockchains (such as Ethereum and Bitcoin), the difference between blockchain analysis on Binance Smart Chain: “Ethereum and BSC are account-based zones. Blockchain, which makes it more difficult to track the flow of Ethereum or BSC-based on tokens. In contrast, Bitcoin and Zcash are based on UTXO, so you can use dollars with serial numbers to track the actual Bitcoin Or Zcash or something.”
Step by step?
While Binance Smart Chain continues its growth path-while resisting Severe network centralization — As far as the current situation is concerned, it may not have the necessary resources or tools to completely protect the DeFi platform from attacks when it runs on the BSC. However, the platform is at least taking meaningful steps to help solve this problem.
Due to its tracking and analysis tools, CipherTrace can become an important gear in the Binance ecosystem, which is likely to give users peace of mind when using the BSC-based DeFi platform. If more attacks occur, at least, the analytics company will keep track of the stolen funds and identify illegal transfers to and from the platform running on the BSC.
From now on, BSC can continue to look for possible ways to treat the disease, instead of solving the consequences.
[ad_2]
Source link

