TechScape: How a cryptocurrency project lost $180 million to a get-rich-quick scheme | Cryptocurrencies
Here is a very illegal and totally ineffective get-rich-quick scheme:
1. Borrow a billion dollars for a day.
2. Buy 51% of the shares of a small bank.
3. Organize a vote among the shareholders of the bank to send you all the money in the vaults of the bank, which you win, because you own 51% of the shares of the bank.
4. Sell your shares to the bank.
5. Pay off your billion dollar loan.
The scheme is illegal because, well, almost all of the individual steps are themselves illegal. A board vote cannot simply transfer corporate assets to a majority shareholder, that would be embezzlement, a crime; a bank cannot transfer assets into its vault as it sees fit, because it would then not meet the required reserves, a crime.
And it’s inefficient, too: it would be hard for you to borrow a billion dollars, buy out all your bank shares, and organize a vote among the bank’s shareholders to take the bank’s reserves before the bank customers find out about your scheme and rush to be the first to withdraw their assets.
Here is a possibly legal, certainly effective get-rich-quick scheme:
1. Do the same, but in crypto.
From our story:
Beanstalk cryptocurrency was stripped of reserves valued at over $180m (£138m) in seconds, after an attacker used borrowed money to gain enough voting rights to transfer the money.
An as yet unidentified attacker had borrowed $80 million in cryptocurrency and deposited it into the project’s silo, gaining enough voting rights in exchange to be able to instantly pass any proposal. With this power, they voted to transfer the contents of the treasury to themselves, then returned the voting rights, withdrew their money and repaid the loan – all in seconds.
Beanstalk was – technically is, although the writing is on the wall – a stablecoin project, which aimed to create a cryptocurrency, Beans, that would be permanently worth $1. But the name is confusing: stablecoins are best thought of as the equivalent of banks in the crypto world. You hand over the assets of a project and they promise you that they will be kept until you claim them. A bank tracks your deposits with them by giving you an account number and balance; a stablecoin does the same by giving you, well, stablecoins.
Most stablecoins tout their large reserves as a reason to trust them; the larger ones, such as Tether and USDC, once very simply promised that every coin they issued was backed one by one by a dollar in their reserves (these claims have been watered down in recent years and one of the disputes in course in the crypto space is whether they were ever true in the first place). Smaller stablecoins, like Beanstalk, tend to combine the banking aspect with what is sometimes called an “honest Ponzi”: a promise to pay wild interest rates, clearly and openly funded by new inflows of capital.
All this to say that Beanstalk held hundreds of millions of dollars worth of digital assets as reserves to back a stablecoin that was supposed to be permanently worth $1. Until it doesn’t.
Over the weekend, an attacker took advantage of a “flash loan” to take control of Beanstalk for a few seconds. Flash loans are only possible in the crypto space: a loan that is repaid the same instant it is made. What’s the benefit? Well, let’s say you found a way to buy a digital asset for $5 and sell it for $6 – then you can, in one seamless transaction, borrow $5 million, execute the trade to earn $6 million dollars, return $5 million, and profit from $1 M. The lender takes no risk — because the loan literally cannot go unpaid — and charges a small fee for the practice.
In the case of Beanstalk, the trade was not such a clean arbitrage. It was, in fact, the get-rich-quick scheme I described. The attacker used the loan to buy back voting rights in the “decentralized autonomous organization” (you’ll remember those from January) that controls Beanstalk. He then passed an emergency resolution to take all the money held by Beanstalk, with enough votes – over two-thirds – for it to take effect immediately. She sold the rights, repaid the loan and began the process of laundering the proceeds.
To be fair to Beanstalk, the attack wasn’t as overt – and stupid – as the get-rich-quick scheme. There was a subterfuge: proposals had to be submitted 24 hours in advance, so the actual proposal was not as simple as “give me all your money”; At first glance, it looks more like a proposal to donate $250,000 to Ukraine, with a single line serving to trigger a flurry of additional contracts that emptied the coffers.
But nevertheless, according to the rules of the crypto world, it is not entirely clear what wrongdoing has been committed. The attacker acquired voting rights in a way explicitly allowed by the project code, voted for a proposal explicitly allowed by the project code, and took money in a way explicitly allowed by the project code. project. Any of these things could have been changed: you could try writing a stablecoin, as many have done, that prevents even the DAO that backs it from interfering with reserves; you could prevent flash loans from being used to acquire voting rights; you can prevent voting on resolutions until they have been explicitly checked and approved. Beanstalk… no.
By real-world rules, there’s almost certainly a crime here, though it’s not easy to pinpoint which one. Maybe a fraud? You probably can’t hand someone a computer code that says in fairly plain English that it’s a proposal to donate $250,000 to Ukraine, but actually gives you a $180 million donation, then when they execute it, say “haha suckers” and don’t get into any kind of legal trouble. But the deeper you get into the crypto industry, the less real-world rules apply. In the real world, you also can’t start a wild bank that mints its own currency to pay double-digit interest rates on customer funds.
Over the past day, the founders of Beanstalk laid out a four-point plan to recover from the heist, detailing their goals to raise more reserves, bring whole those who were invested in the project before the attack and “to ensure the lasting success of Beanstalk’s business model”. Good luck to them, but I think their initial response on the day of the attack might be truer: “Honestly, I don’t know what We’re fucked… It’s highly unlikely that there’s any sort of bailout coming.
If you want to read the full version of the newsletter, sign up to get TechScape delivered to your inbox every Wednesday.