On Wednesday (May 8, 06:29 UTC), just hours after digital asset exchange Binance had announced that it had been hacked and suffered a loss of around 7000 bitcoins, its CEO, Changpeng Zhao (aka "CZ") said that, after consultation with several prominent members of the crypto community, Binance had decided not to attempt a rollback on the Bitcoin network in order to recover the stolen bitcoins.
The attack on Binance was detected at 17:15:24 UTC on May 7 when a single Bitcoin transaction (representing BTC withdrawals from multiple user accounts) moved approximately 7,074 BTC out of the exchange.
Amazingly, just hours after Binance had announced it had been hacked, CZ went ahead with a Periscope Ask Me Anything (AMA) session that had been scheduled for 03:00 UTC on Wednesday (May 8). During this AMA session, CZ said:
"We've been working with other exchanges to block deposits from those hacked addresses."
Much more surprisingly, he also said:
"[On] the other topic of 'do we want to issue a rollback on the Bitcoin network'... Because right now, the 7,000 BTC is far higher than if we distribute that to miners. It would be far higher than what they got paid for the last few blocks. To be honest, we can actually do this probably within the next few days. But there are concerns if we do a rollback on Bitcoin network at that scale. It may have some negative consequences in terms of destroying credibility for Bitcoin. So, again, the team is still deciding that, and we're running through the numbers and checking everything."
This comment, understandably, shocked and angered the crypto community on Twitter. Here were just a few of the responses:
1/Even if a friendly blockchain reorg was possible to specifically target the stolen funds it would absolutely set a terrible precedent in #bitcoin. The perception of immutability and digital gold would be lost entirely.— Vortex (@theonevortex) May 8, 2019
No one is going to re-org the Bitcoin blockchain over this.— WhalePanda (@WhalePanda) May 8, 2019
1) no bailout should ever be done, this isn't Ethereum
2) 7000 btc isn't that much for Binance (if they were honest about how much they are making)
3) play stupid games, win stupid prizes.
1/ Back of the envelope math for doing a 58 block reorg (current confirmations for the tx that took money from binance):— Jimmy Song (송재준) (@jimmysong) May 8, 2019
Minimal cost: 58 * 12.5 btc = 725 BTC (assumes every miner would get roughly the same tx fees in the new chain and that 100% of miners go with this scheme)
One of the first people to suggest the idea of a rollback on the Bitcoin network was Jeremy Rubin, who had tweeted about this less than an hour after Binance's security breach announcement:
@cz_binance if you reveal your private keys for the hacked coins (or a subset of them) you can decentralized-ly at zero cost to you, coordinate a reorg to undo the theft.— Jeremy Rubin (@JeremyRubin) May 8, 2019
You can even sign batches of txns with the old utxos paying miners with different locktimes to make it a permanent reward to unwind this hack.— Jeremy Rubin (@JeremyRubin) May 8, 2019
Cheaper than losing all 7000
Well, to the huge relief of the crypto community, at 05:20 UTC on Wednesday (May 8), CZ tweeted that Binance had decided not to go ahead with the rollback idea, and talked about its pros and cons:
pros: 1 we could "revenge" the hackers by "moving" the fees to miners; 2 deter future hacking attempts in the process. 3. explore the possibility of how bitcoin network would deal with situations like these.— CZ Binance (@cz_binance) May 8, 2019
cons: 1 we may damage credibility of BTC, 2 we may cause a split in both the bitcoin network and community. Both of these damages seem to outweigh $40m revenge. 3 the hackers did demonstrate certain weak points in our design and user confusion, that was not obvious before.— CZ Binance (@cz_binance) May 8, 2019
cons: 4 While it is a very expensive lesson for us, it is nevertheless a lesson. it was our responsibility to safe guard user funds.— CZ Binance (@cz_binance) May 8, 2019
We should own up to it. We will learn and improve.
As always, thank you for your support!
would be very hard to pull off anyway, not for $40m. Most miners will not "centralize" together just for that. But it was suggested by some great minds, we learned, considered, and decided not to pursue further.— CZ Binance (@cz_binance) May 8, 2019
To put this to bed, it's not possible, bitcoin ledger is the most immutable ledger on the planet. Done. https://t.co/rKLBCEZmgp— CZ Binance (@cz_binance) May 8, 2019
It is important to note that what CZ means by the most recent tweet shown above is that although it might be technically possible to do a rollback, practically, "it's not possible" since it would do immense harm to the credibility of Bitcoin, which has immutability as one of its key value propositions.