Stanford University researchers have created a prototype for “reversible transactions” on Ethereum, arguing that it could be a solution to reduce the impact of crypto theft.
On a September 25 tweetStanford University blockchain researcher Kaili Wang shared a summary of the Ethereum-based reversible token idea, noting that at this stage it is not a finished concept, but rather a “proposal to spark debate and even better solutions from the blockchain community.” observing:
“The top hacks we’ve seen are certainly thefts with strong evidence. If there was a way to reverse these thefts under these circumstances, our ecosystem would be much safer. Our proposal only allows revocations if approved by a quorum decentralized of judges”.
The proposal was drafted by Stanford blockchain researchers, including Wang, Dan Boneh, Qinchen Wang, and describes “activation token standards that are siblings of ERC-20 and ERC-721” called ERC-20R and ERC- 721R.
Billions in stolen crypto. If we can’t stop theft, can we reduce its harmful effects?
Over the past few months, a couple more @Stanford researchers and I designed and prototyped ERC-20R/721R to support reversible transactions in #Ethereum.
See post and: https://t.co/38Hs0F9goU
— kaili.eth (@kaili_jenner) September 24, 2022
However, Wang clarified that the prototype was not supposed to replace ERC-20 tokens or make Ethereum reversible, explaining that it is an acceptance standard that “simply allows a short window of time after the transaction for thefts to be contested and possibly restored.”
Under the proposed witness standards, if someone’s funds are stolen, they can submit an asset freeze request to a government contract. Then a decentralized panel of judges that must vote quickly “within a day or two at most” to approve or reject the application.
Both parties to the transaction could also provide evidence to the judges so that they would have enough information, in theory, to make a fair decision.
For NFTs, the process would be relatively simple, as judges only need to see “who currently owns the NFT and freeze that account.”
However, the proposal admits that freezing fungible tokens is much more complicated, as the thief can split the funds between dozens of accounts, run them through an anonymity mixer or exchange them for other digital assets.
To counter this, researchers have created an algorithm that provides a “default freeze process to track and block stolen funds.”
It notes that it guarantees that enough funds will be frozen in the thief’s account to cover the stolen amount, and the funds will only be frozen if “there is a direct flow of transactions from the theft.”
We will address a number of other comments:
– If you think this is an incomplete solution, you are absolutely right. Our paper provides some pieces of the puzzle (it focuses on the mechanics), but we mention many open questions about decentralized government. This space needs work.— kaili.eth (@kaili_jenner) September 25, 2022
Wang’s post on Twitter generated a lot of discussion, with a mixed group of people asking more questions, supporting the idea, refuting it, or coming up with ideas of their own.
Related: UK government unveils bill aimed at empowering authorities to ‘seize, freeze and recover’ crypto
Prominent Ether (ETH) bull and podcaster Anthony Sassano wasn’t a fan of the proposal, tweeting to his 224,300 followers that “I’m all for people coming up with new ideas and putting them on the air, but I’m not here. for TradFi 2.0. Thanks but no thanks”
I’m all for people getting new ideas and putting them out there, but I’m not here for TradFi 2.0
Thanks but no thanks https://t.co/pdSIB5Ib05
— sassal.eth (@sassal0x) September 25, 2022
Discussing the idea further with people in the comments, Sassano explained that he thinks investment oversight and consumer protections should be placed at the “upper layers,” such as exchanges and companies, instead of the base layer (blockchain or tokens), and added:
“Doing it at the ERC20/721 level would basically be doing it at the “base layer”, which I don’t think is right. End-user protections can be implemented at higher levels, such as front-ends.”
