Exchange hackings and cryptocurrency thefts have seen a dramatic surge in the first part of 2018. A recent report by Reuters shows that total of $761 million has already been stolen from exchanges this year, compared to around $266 million for the whole of 2017.
These staggering numbers, while likely a sign that more needs to be done in the way of exchange security and further decentralization efforts, have left many to rush to conclusions and assume the worst whenever irregularities occur.
This has certainly been the case with the latest incident involving Syscoin (SYS) and Binance, where the Syscoin team prompted the exchange to suspended trading as a temporary measure to protect investor assets after they noticed aberrant transactions on both the Syscoin network and Binance trading platform.
On June 3 at 20:18:00 UTC, a series of irregular transactions occurred that culminated in the purchase of 11 SYS in exchange for 96 BTC ($630,000) when one SYS was valued at around $0.20 at that time.
— CryptoTutor⚡️ (@CryptoTutor) July 3, 2018
In what has turned out to be a completely unrelated series of events, Syscoin mining blocks were being processed in an irregular manner, masternodes were expiring, and network difficulty was dropping as large ASIC-based miners stopped mining at around the same time as the Binance activity.
According to detailed information provided to us by the Syscoin team, the issues stemmed from a recent upgrade the 3.0.6 version of the project’s Qt wallet, which worked to implement a mandatory fix to a governance superblock fee calculation bug. As a result, any node that was not running 3.0.6 by the next superblock payout following the upgrade deadline was immediately halted.
Adding to the confusion, several large Bitcoin-Syscoin merge mining pools that upgraded to 3.0.6 had set fee policies above the default rate for Syscoin. This caused only transactions that specified these higher fees to be accepted, and other transactions to “back up” in the mempool.
Therefore, when miners with a lower fee rate won a block, transactions held in the mempool were mined in batches, resulting in the appearance of larger than normal amounts of Syscoin to be transacted in a single block. The Syscoin team has noted that this is expected behavior, stating that they have urged miners to set their fee policies to the default to further alleviate delays in transaction processing.
These delays ultimately led to irregularities on the Syscoin block explorer that showed large block output values of 544 million SYS and 1.2 billion SYS, which initially flagged the Syscoin team to investigate further.
Additionally, a major account with 45 million SYS (likely an exchange) was initiating withdrawals in a chained manner which initially triggered Syscoin to notify exchanges to halt trading in case of an attack. This activity turns out to be again unrelated, as the account was simply a user moving the coins multiple times within the same block.
Users also reported that their bitcoin balances on Binance were negatively affected during the price elevation and that 7,000 bitcoin was moved off of Binance at around the same time, however, these reports have not been confirmed to be related to the current series of events.
The obscure block outputs combined with many transaction processing issues and Binance’s SYS price surge led many to conclude that Syscoin’s blockchain’s had been compromised.
What happened next comes at no surprise, with many throwing around sensational headlines to spur hysteria. However, after investigating, the Syscoin team concluded the irregularities were the result of users not updating their nodes and select mining pool fee policies, not a security issue.
We have identified that transactions were not being mined simply because of miner policy and miners not having upgraded to 3.0.6. The transactions were going through just were taking a little longer (1 hour, instead of 1 minute).
Early reports also indicate that the events that occurred on the Binance trading platform were the result of an exploit of the exchange’s API which reportedly effects all coins on Binance, not just Syscoin.
In response to the incident, Binance worked quickly to suspend trading and APIs, rollback irregular trades, offer free transactions and set up a cold wallet fund for any investor affected by the event.
Starting from 2018/07/14, we will allocate 10% of all trading fees received into SAFU to offer protection to our users and their funds in extreme cases. This fund will be stored in a separate cold wallet.
Other exchanges, including Bittrex and Poloniex, also took immediate action to suspend trading at the request of Syscoin.
Syscoin kept communication channels open and in a statement released following the investigation, Syscoin team member Keyare assured worried investors no hacking event had taken place on the Syscoin network.
There was no exploitation of the Syscoin blockchain. There was no minting of coins. The blockchain shows this. It was a series of events that coincided with extremely odd movements in Binance. We will have an official report later today.
— Binance (@binance) July 4, 2018
Since that time, Binance has reset API keys and resumed trading, as did all other exchanges, as it became evident that exchanges were not under attack. There is no word regarding the potential exchange-wide API compromises, but it does not seem to be a real issue at the current time.
In an official statement provided to SludgeFeed, the Syscoin team put it simply, “The Syscoin chain was not attacked and is fully operational as per design.”
Disclaimer: This article’s author has cryptocurrency holdings that can be tracked here. This article is for informational purposes only and should not be taken as investment advice. Always conduct your own due diligence before making investments.