A study indicates that trust is an important factor in defining a token as decentralized. Only two BTC-pegged tokens are operational on DeFi systems.
Analysis indicates that Ethereum tokens, which are backed with Bitcoin, have a certain degree of centralization. In that sense, the study says that imBTC is one of the most centralized tokens to date.
The Defiant explains that moving Bitcoin into Decentralized Finance (DeFi) is something that could bring benefits to the ecosystem, in terms of liquidity. However, this represents a challenge as DeFi applications are mostly built on top of the Ethereum network. This has led to the creation of ERC-20 tokens, which are backed by the value of Bitcoin.
Several other projects of this type are under development, but wBTC and imBTC are the only tokens that are interoperable with DeFi. Both of them have custodial characteristics typical of centralized tokens. PBTC, renBTC, and tBTC are other tokens that have a 1:1 parity with Bitcoin. According to the analysis, they have less decentralized custody characteristics.
The study considers that trust is a way of measuring centralization within the systems of BTC-pegged tokens. For example, the trust in imBTC is directed towards Tokenlon, the company behind the token, since they are the custodians of the funds. Furthermore, even though an Ethereum smart contract manages the linking of inputs and outputs, Tokenlon is the one in control of the bridge between Bitcoin and Ethereum. Consequently, the control that Tokenlon exerts does not allow a price feed to exist.
imBTC after Attack on Lendf.Me
On the other hand, the study mentions pBTC, renBTC, and tBTC, which it considers decentralized projects. The main reason for this is a set of validators that must be coordinated to fulfill various functions of the system. For that reason, they must reach a consensus on their actions and approaches, resulting in trust assumptions.
Besides, they state that prices give information about the system, such as settlements, minting fees, token burning, and maintenance of guarantees. All these characteristics make projects fall onto a spectrum, which could be considered as decentralized.
Last April 19th, hackers conducted an attack on the Chinese platform Lendf.Me, which resulted in the theft of USD 25 million worth of cryptocurrencies. Unofficially, reports indicated that the theft was related to a vulnerability in Ethereum’s ERC-777 standard. Furthermore, the failure may have originated after Lendf.Me was integrated with imBTC, which allowed the hacker to conduct the illegal operation with the supply of imBTC.
Mindao Yang, CEO of the organization behind the Lendf.Me platform, dForce, said that the ERC-777 (imBTC) continuing callback mechanism allowed the hacker to repeatedly deliver and withdraw imBTC before updating the balance.
This event has caused the Lendf.Me platform to remain inactive, at the time of writing this article. Negotiations with the theft perpetrator(s) are currently underway, but the event shows that there are still vulnerabilities that endanger the ecosystem, although DeFi platforms have great potential.
By Alexander Salazar
