‘Member when Binance Smart Chain was a credible threat to Ethereum? Nowadays the only chain it’s threatening is BSC itself.
The number of hacks hitting DeFi sites on the protocol is bordering on the absurd. The beleaguered Rekt team can’t pursue their Oscar dreams when they’re otherwise occupied writing savage post-mortems on a near hourly basis.
The BSC team has claimed these hacks are being perpetrated by a group of well-organized hackers and urges some cosmetic measures, like hiring auditors.
Calling the hackers “well organized” is funny. At least some of the hacks are speculated to be inside jobs. If so, then “well-organized” is an understatement!
We don’t have the bandwidth to cover all the hacks in detail. Even if we tried, at best we would only be mimicking the work of the great @FrankResearcher, but no doubt getting key details wrong in the process. Instead we’ll just link the original so we can focus on what we do best, rampant unsubstantiated speculation:
Rampant Speculation #1: Why does BSC keep getting hacked?
The popular wisdom likes to blame the copy pasta projects abundant on BSC.
At the very least, some developers like to point out that the decentralized apps they build are labors of love, many of which evolve into hundreds of complex and interdependent contracts. One can copy the code, but one cannot copy the thoroughly nuanced understanding of every line of code and how it contributes to the broader ecosystem.
On the other hand, maybe some hackers understand the code all too well.
Rampant Speculation #2: Is BSC Dead?
We’re going to guess BSC is not dead. For starters, despite the volume of hacks, we note that TVL on BSC is down roughly on the same order of magnitude as Ethereum.
It seems as if several good projects are still building on BSC, so a controlled burn of the scams should only improve the overall health of the ecosystem.
Within the Ethereum ecosystem, when hackers strike they tend to rely on extant and secure projects to exit funds, commonly dumping funds through Curve. Similarly on BSC, hackers have found Curve fork Ellipsis to be a convenient route to move funds on their way to BSC bridges off the chain.
As a result, Ellipsis is proving quite antifragile, only growing stronger while the rest of BSC burns.
You read that right, staked $EPS was earning a whopping 394% BUSD rewards APY equivalent due to the sheer volume of funds passing through the system. Speculators on BSC are betting on $EPS to be the safest port in the storm.
We’re not wise enough to say where you can safely park your money, but we can breathe a sigh of karmic relief if the result of this mischief is that bad projects go belly up and good projects end up getting rewarded.
Standard Disclaimer: For more info, check our live market data at https://curvemarketcap.com/ or our subscribe to our daily newsletter at https://curve.substack.com/. Nothing in our newsletter can be construed as financial advice. Author is a $CRV maximalist and has a position in $EPS.
Bonus Disclaimers!
At the Curve Market Cap newsletter, our only interest in trying to learn in public about the fast and ever evolving DeFi space. We never have and never will take the time to investigate the morality of anybody who provides information. If we excluded degenerates from our newsletter we couldn’t possibly discuss DeFi. DYOR.
Also, nothing we ever write is ever the official position of Curve. Curve only speaks through official channels. This newsletter is just a fanzine we write for fun each morning before tackling our real work. Some time back we even considered rebranding so people didn’t get confused, but readers overwhelmingly preferred we keep the Curve Market Cap name so we left it as it is. So feel free to trash me all you like. But if you start to blur the lines and cause trouble for the legendary Curve crew, then you’ll be stuck with a much hated rebrand.
One thing you might have commented on the screen shot of EPS: the blue chip of BSC still displays an ICE token reward on their front page even though the rewards stopped accruing two weeks ago, because they'll fix it on the next UI version.