Gather round forkers, it’s time for Moonday Mornings, Hard Fork’s wrap-up of the weekend’s top cryptocurrency and blockchain headlines.
1. Police in the Philippines have arrested 277 Chinese nationals following a tip-off from the Chinese authorities. The suspects are thought to be connected to a cryptocurrency scam primarily targeting investors based in China, a local news outlet reports .
2. A 19-year-old hacker suspected of stealing music from award-winning artists to sell on for cryptocurrency has been apprehended. The teenager has been arrested on suspicion of copyright and computer misuse offenses, according to a City of London Police statement . The affected artists have not been named.
3. Deutsche Bank, one of the world’s top 20 banks by total assets, is set to join the JP Morgan-led blockchain network, the Financial Times reports . The German banking Goliath is the latest in a growing list, which now sits at some 320 banks from all over the world, vowing to use blockchain in an attempt to speed up cross border payments.
4. Despite continually being dragged across the coals, Facebook is still intent on launching its “cryptocurrency” Libra. The chief of the supposedly decentralized consortium of companies that will oversee the administration of the digital asset, the Libra Association, has said the Libra stablecoin will launch by the end of 2020, The Block reports.
5. Speaking of Libra, Central Bank officials are due to meet with Libra’s founders in Basel today, according to the FT . Don’t hold out much hope, though. Earlier this year, a US Congressional committee met with regulators in Switzerland to learn more about the “ cryptocurrency” but the meeting did little to curtail the committee’s concerns .
What’s next in blockchain ? Join Hard Fork Summit on October 15-17 to find out. With experts like Larry Sanger, co-founder of Wikipedia, on the lineup, it’s not one to miss.
PAX stablecoin has backdoor for freezing and seizing cryptocurrency
The Ethereum community has found some rather unnerving facts about a new stablecoin known as PAX. It turns out the cryptocurrency – backed by the US dollar – contains backdoors that give law enforcement (or anyone else, for that matter) a concerning amount of control over your funds.
PAX has a function – called “setLawEnforcementRole” – which creates a new Ethereum address with administrative permissions over the circulating PAX supply. This practically means anyone with these permissions can tamper with any wallet they please.
The stablecoin allows the new addresses powerful functions – particularly “freeze” and “wipeFrozenAddress” – that lets “authorities” freeze wallets (and addresses) at will, and even destroy any assets they possess.
The vulnerability in question was first spotted by blockchain developer John Backus. Hard Fork has reviewed the code to corroborate his findings. Note, the rather obvious language, specifically: “setLawEnforcementRole.”
PAX was issued as an ERC-20 token through Ethereum, which makes its code completely open for public review.
Below is code in question. The developer’s comments, punctuated by slashes, confirm what the functions were designed for.
A “stablecoin” is a cryptocurrency permanently tied to the value of another currency – typically fiat, but can be tied to anything , like gold, oil, or diamonds.
Remember: every PAX token is backed by one US dollar. For all intents and purposes, PAX suggests its tokens and US dollars should be treated as completely interchangeable.
PAX made waves when its parent company, Paxos, launched it last week . After all, it’s purportedly among the first cryptocurrency of its kind (stablecoins) to have such backing and be approved by Wall Street regulators.
I don’t think I need to highlight how monstrously insane it is for devs to hand so much power over a financial instrument (currency) to anyone – let alone government authorities. Come on, this is not Satoshi’s vision.
Despite my gripes with such centralized nonsense, cryptocurrency developers have long struggled with the existential problem of backdoors.
EOS is one smart contract-powered blockchain that market these backdoors as features to potential dApp developers. A decentralized app (dApp) startup recently used a backdoor to access user wallets , unauthorised, to retrieve tokens after it fudged its airdrop.
Bancor, another cryptocurrency platform which runs on Ethereum, pulled a similar trick recently. Despite Ethereum’s dogmatic approach to decentralization, Bancor programmed its own backdoor into its exchange smart contracts.
This allowed developers to retrieve $10 million in cryptocurrency stolen in a digital raid , which was only made possible due to vulnerabilities in its code.
For what it’s worth – backdoors like these exist in pretty much every internet service you use. In fact, German police are pretty proud to declare that they don’t even need backdoors to hack your phone .
Update 09:27 UTC, September 21: A Paxos spokesperson has since reached out to Hard Fork with a clarification. In particular, the company confirmed the backdoors were indeed built for law enforcement – mostly for regulatory reasons.
The spokesperson further noted PAX had been “approved based on stringent requirements” to “implement, monitor and update controls to prevent Paxos Standard from being used in connection with money laundering, terrorist financing or other illegal activities.”
This was also communicated in the initial approval announcement .
“The code is written because we are required to have the capability to freeze or seize tokens ourselves,” the spokesperson wrote. “This is something we don’t take lightly; it’s an action we will take only if required by law.”
In fact, it could only be approved by Wall Street regulators if it included the backdoors.
The spokesperson referred us to PAX’s legal documentation which also confirms the backdoor. “We may freeze, temporarily or permanently, your use of, and access to, PAX or the US dollars backing your PAX, with or without advance notice,” it reads, “if we are required to do so by law, including by court order or other legal process.”
Paxos also took a moment to explain that it only intends to use the backdoor when “required to do so by law.”
“We have no intention of ever giving unrestricted access to our code directly to law enforcement (or anyone else, for that matter),” the spokesperson said.
If you’re interested in everything blockchain, chances are you’ll love Hard Fork Decentralized. Our blockchain and cryptocurrency event is coming up soon – join us to hear from experts about the industry’s future. Check it out !
Europe’s largest port set to test its blockchain-powered energy trading platform
Europe’s largest ferry port is readying its blockchain-based energy trading application for deployment.
The Port of Rotterdam announced last week that its blockchain-based energy trading platform is “complete in principle” and it will begin testing it in the coming months.
The news comes about 18 months after the port and the Rotterdam municipality set up its blockchain development group , BlockLab. It first announced it was developing the blockchain-based energy trading platform shortly after in October 2017.
BlockLab has developed its energy trading platform in collaboration with energy and commodities information provider S&P Global Platts. According to the announcement, the platform will try to help “coordinate the supply and demand of energy,” between port organizations.
The new platform will allow companies based at the port to choose their energy supplier depending on the time of day, availability, and cost. BlockLab says smart contracts would be used to automate this process to increase efficiency.
Hard Fork has contacted the port for more details on what blockchain it’s using and when it will officially start testing and rollout the platform. We will update this piece as we learn more.
Blockchain isn’t the whole solution
BlockLab is aware that blockchain is only part of the puzzle in making the Port of Rotterdam more efficient. It’s also aware that blockchain might not be the best solution.
“Many solutions are, in principle, also possible without blockchain. But where do the solutions lie?” Aljosja Beije, BlockLab’s logistics lead said. “Blockchain is certainly not the solution to everything, but it can tackle the problem of trust that stands in the way of solutions.”
Indeed, it might not be the most glamorous of use cases. But shipping and logistics seems to be making real-world use of blockchain-based tech.
Last year, the Commonwealth Bank of Australia confirmed that it had successfully tracked a 17,000 kilogram shipment of almonds from Australia to Germany using trackers that interacted with a private Ethereum-based blockchain .
Earlier this year, Israel-based shipping firm, Zim, opened its electronic bills of lading (EBL) blockchain to clients following successful trials.
Did you know? Hard Fork has its own stage at TNW2019 , our tech conference in Amsterdam. Check it out .