Decrypt’s Art, Fashion, and Entertainment Hub.
This is how the decentralized world is supposed to act: when someone spots something worrisome in a startup’s open-source code, he or she sounds an alarm—and the company behind the code springs into action.
That seems to be what happened earlier today when a cautionary report about crypto lending protocol Compound.finance dropped.
That protocol, according to research by Spankchain’s Ameen Soleimani and cybersecurity researcher “samczsun,” features a central point of failure that, if exploited, would allow funds to be “trivially drained.”
The company behind the protocol, which claims to hold some $161.3 million dollars’ worth of users’ cryptocurrencies, makes use of several “smart contracts”—self-enforcing financial contracts operated using the Ethereum network—to store users’ funds.
But each of these contracts, Soleimani and samczsun found, is under the influence of a centralized “administrator” account currently controlled by Compound the company, which built and released the protocol.
Asked for comment, Compound directed us to an online statement. The company’s founder, Robert Leshner, generally agrees with Soleimani’s analysis and says that there is more fine-tuning to be done. “The best part of Ethereum is that everything is in the open, for the entire world to analyze, and it holds us to the highest standards possible,” Leshner tweeted.
“On smart contract security, we agree that it’s ‘legit’ but it’s still a constant focus for us, and we’re not going to rest. There are more audits coming, and we encourage the community to participate in ensuring the security of the protocol.”
Soleimani’s research comes at a time of impressive growth for Compound, with users depositing the cryptocurrency DAI earning upwards of ten percent interest on their investments. “As the CEO of SpankChain, it’s my job to manage the company reserves, which also includes nearly half a million DAI,” he wrote. “At 10% annual interest, that’s ~$4,000 per month that we’re leaving on the table by not moving our DAI into Compound. That’s quite the opportunity cost.”
“But the thing to remember when investing is that there is no free lunch,” he added. “All investments have their risks and lending on Compound is no exception.”
Compound offers users various "cTokens", which represent users’ deposited funds—cETH, for ether, cBTC for Bitcoin, for instance. These tokens give off interest, and are held in smart contracts. But as Solemani shows, all of these smart contractors are controlled by the same administrator, the address, "0x8B8592E9570E961663 36603a1b4bd1E8Db20fa20."
Each address is also governed by a “Comptroller,” itself governed by a “Unitroller” running on the administrator’s address—leaving one single point of failure from which dozens of vital administrative privileges can be accessed.
A successful hacker, Soleimani writes, would be able to steal funds, prevent transfers, prevent the issuance and redemption of new tokens, adjust Compound’s borrowing rate, and distort the price feed in order to fraudulently “borrow against that low price.”
Soleimani also notes that Compound’s “utilization rate” for DAI—the percentage of the cryptocurrency lent out to borrowers—is surprisingly high, at 70 percent. In the event of a run on Compound’s balances, only 30 percent of users would be able to recover their funds. And Compound’s only recourse would be to increase interest rates and encourage more users to stay.
Interestingly, the back and forth between Soleimani and Leshner was played out in public, and very much in keeping with the so-called “Hacker ethic.” The Spankchain founder published his critique on Medium, and Leshner responded via Twitter, apparently to Soleimani’s satisfaction. “Fixed!” Soleimani tweeted, in reply to Leshner’s apologia. And everyone lived happily ever after.