Users losing funds due to malicious activity is hardly unknown on Ethereum. In fact, it is the very reason researchers recently developed a proposal to introduce a type of token that is reversible in the event of a hack or other unsavory behaviors. Specifically, the suggestion would see the creation of an ERC-20R and ERC-721R, which would be modified versions of the standards that govern both regular Ethereum tokens and nonfungible tokens (NFTs). The premise goes like this: this new standard would allow users to make a “freeze request” on recent transactions that would lock those funds until a “decentralized judiciary system” determined the validity of the transaction. Both parties would be allowed to present their evidence, and the judges would be chosen at random from a decentralized pool to minimize collusion. At the end of the process, a verdict would be reached and either the funds would be returned or they would stay where they are. This decision would then be final and subject to no further contention. This would open up a practical avenue for victims of hacks and other malicious activity to get their assets back in a direct and community-driven manner. Unfortunately, this may well be an unnecessary and ultimately harmful proposition. One of the cornerstones of the decentralized philosophy is that transactions only go in one direction. They can’t be undone under virtually any circumstances. This new protocol change would undermine that fundamental precept and in order to fix what isn’t broken.
Stephen Lloyd Webber’s opinion hits the nail on the head with Web3 hack attacks happening at breakneck speed in 2022. OODA has been compiling a comprehensive Web3 incident database based on our research to categorize what compromises are taking place as well as document the root causes that plague Cryptos, DeFi, NFTs, and Web3 in general. Tracking root causes provides comprehensive insights into how innovators can create robust cyber risk management approaches and reduce the potential for consequential attacks. You can access the OODA comprehensive Crypto Incident tracker here.