Convincing evidence suggests that the 7,000 BTC Binance hack reported earlier this morning may have been self-inflicted.

While the idea may at first have sounded like a joke, a number of strange details and convincing signs indicate that it was not actually a theft, but a $40 million mistake.

The following findings come from CryptoMedication on Twitter. Source: Finder.com.au

A failed migration
Studying the transaction ID associated with the alleged Binance hack leads to the conclusion that the funds sent to Bech32 addresses are no longer usable.

Transaction ID: https://www.blockchain.com/btc/tx/e8b406091959700dbffcff30a60b190133721e5c39e89bb5fe23c5a554ab05ea

The vast majority of the funds allegedly stolen were transferred to Bech32 addresses.

SegWit Bitcoin wallets are characterized by Bech32 addresses. SegWit is essentially an improved, more user-friendly version of the Bitcoin infrastructure, and Bech32 is the address type associated with SegWit wallets.

You can immediately recognize Bech32 addresses because they start with the prefix "bc1". So, every time funds enter a Bitcoin address starting with "bc1", you know that someone is using SegWit.
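The "bc1" prefix alone does not prove an address is well formed; a Bech32 address also carries a checksum. The following added example (not from the article or from CryptoMedication) validates version-0 SegWit addresses per BIP173; `classify` is a hypothetical helper name, and Base58 addresses are labelled by prefix only.

```python
# Added example (not from the article): BIP173 Bech32 validation of "bc1" addresses.
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)

def _polymod(values):
    """BCH checksum over 5-bit values, as specified in BIP173."""
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def _to_bytes(data5):
    """Regroup 5-bit values into bytes; None if the padding is malformed."""
    acc, bits, out = 0, 0, bytearray()
    for v in data5:
        acc, bits = (acc << 5) | v, bits + 5
        while bits >= 8:
            bits -= 8
            out.append((acc >> bits) & 0xff)
    return None if bits >= 5 or acc & ((1 << bits) - 1) else bytes(out)

def decode_segwit_v0(addr, hrp="bc"):
    """Return the witness program of a version-0 address, or None if invalid."""
    if addr != addr.lower() and addr != addr.upper():
        return None                      # mixed case is forbidden
    addr = addr.lower()
    pos = addr.rfind("1")                # last "1" separates prefix from data
    if addr[:pos] != hrp or pos + 7 > len(addr) or len(addr) > 90:
        return None
    data = [CHARSET.find(c) for c in addr[pos + 1:]]
    expand = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    if -1 in data or _polymod(expand + data) != 1:
        return None                      # bad character or bad checksum
    prog = _to_bytes(data[1:-6])         # data[0] is the witness version
    # Version 1+ uses Bech32m (BIP350); only v0, the 2019 format, is handled.
    if data[0] != 0 or prog is None or len(prog) not in (20, 32):
        return None
    return prog

def classify(addr):
    """Hypothetical helper: label an output address by type."""
    if addr.lower().startswith("bc1"):
        prog = decode_segwit_v0(addr)
        return "invalid" if prog is None else ("p2wpkh" if len(prog) == 20 else "p2wsh")
    # Base58 types are labelled by prefix only; Base58Check is not verified here.
    return {"1": "legacy-p2pkh", "3": "p2sh"}.get(addr[:1], "unknown")
```

Running `classify` over the output addresses of a transaction shows which ones are SegWit outputs and flags any "bc1" string whose checksum does not verify.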

Cryptocurrency exchanges want to switch to SegWit because it is faster, and because users generally request it for their own convenience, as well as for the good of Bitcoin as a whole. Because SegWit is more efficient, having more people use it instead of older versions can help reduce Bitcoin transaction costs.

But to be able to upgrade, exchanges must migrate all their Bitcoins from the old addresses to the new Bech32 addresses. To do this, exchanges must literally send money from their old wallets to the new wallets. They often move hundreds of millions of dollars. It is therefore a rather tense process and is usually done without warning to avoid creating problems.

Coinbase migrated in December 2018, triggering a slight panic, but Binance was one of the last major exchanges to migrate to SegWit.

In fact, during a question-and-answer session following the announcement of the hack, Binance's general manager, Changpeng "CZ" Zhao, answered a person who had asked when SegWit would arrive, saying that Binance was still working on it. So if this $40 million loss was really the result of an accident during the SegWit migration, CZ would probably have dodged the issue.

Why the funds are unusable
Each Bitcoin transaction contains information about the wallets it is going to and coming from, the reasons why you know it is a valid transaction, and so on. Without the right information, Bitcoins cannot be spent.

One of the improvements of SegWit is that it reorganizes this information and compresses it more efficiently. Bech32 addresses are designed to read this information with the new and more efficient method used by SegWit.

So, when you send Bitcoin to a Bech32 address, you must make sure you send it from an address type that knows how to compile the information correctly. Otherwise, it arrives at the Bech32 address without the information needed for it to be transferred again.

Approximately 7,000 Bitcoins worth $40 million are now blocked.

It is as if Binance's Bitcoins had gone on holiday but forgotten their passports. They are now stuck in an airport for eternity, because border control will not let them out without a passport.

How do we prove it's not a robbery?
Which is more likely: that a Binance technician makes this kind of mistake while carefully transferring $40 million, or that a dopamine-fuelled hacker makes a fatal mistake while trying to escape with the loot?


CryptoMedication (@ProofofResearch), replying:

One particular transaction caught my attention:

The funds sent to the address: 1CQFNdCsDvZgB62eYLgS5q4eNZkZDuhUev as an illegal extraction, and at the same time they were returned to Binance. Completely abnormal procedure.

Although this is not conclusive evidence that someone at Binance made a mistake, it is a strong sign that it was unintentional work.

Indeed, when you send money to your Binance account, you send it to your personal Binance address. Once it is there, Binance systems automatically sweep it into the same large wallet, but keep track of who it belongs to.

But what has happened here is that some of the funds supposed to have been stolen were sent directly to this large wallet address. Presumably, the only people who would do this are Binance employees who want to put funds directly into the wallet. Moreover, there is no reason for a thief to do this.

Overall, the evidence is quite convincing. It is not 100% guaranteed and there may be other things to consider, but it is definitely something to consider.

It is not clear why Binance would claim it was a theft, which is even worse than admitting that it was simply a mistake.

On the bright side, 7,000 Bitcoins have just been burned. Theoretically, this means that the rest is a little more valuable....

#binance #hack #segwit #error #burn_address