Another (5th Largest) Hack, ETH Fork Rumors, & CFTC Gaining Momentum

[CoinSnacks] August 3, 2022 | Issue #230 Sponsored By: [Coin Snacks]( MUST READS --------------------------------------------------------------- Rumors: Another ETH Fork Approaching? Here's What You Need To Know [The Merge]( is closer than ever, but not everyone is happy about it. Well-known crypto miner Chandler Guo has [started a campaign]( to fork Ethereum and create a proof-of-work version that will compete with the soon-to-be proof-of-stake (PoS) Mainnet. This idea has started a debate on what would happen if EthPoW, as it is being called, actually did happen. Chandler’s Motivations Before discussing any of the implications of an EthPoW, we have to talk about why Chandler would want to fork Ethereum in the first place. Those of you who have been around crypto for a while might recognize Chandler as one of the [leaders behind the Ethereum Classic fork](. However, this situation is entirely different. There is minimal controversy behind The Merge, and it is widely agreed The Merge is good for Ethereum. So, why then is Chandler pushing for EthPow? The answer is simple: he financially benefits from an EthPoW. Chandler is a miner. The Merge would move Ethereum to PoS, making mining irrelevant. Not only would miners no longer be able to make money, but their expensive mining equipment would become useless. Understandably, that is an outcome Chandler and other miners want to avoid. Problems With EthPoW Even if EthPoW were to happen, it’s by no means guaranteed to be a success. Mining is profitable because ETH is valuable, and ETH is valuable because the Ethereum blockchain is valuable. EthPoW would be an entirely different blockchain from Ethereum and thus would inherit none of its value. It would basically be starting from scratch. Would EthPoW gain enough traction competing against the new PoS Ethereum and the proof-of-work Ethereum Classic to make mining profitable? Who knows, but it appears to be unlikely. And judging off the [recent record-high volume in ETH derivatives]( it doesn’t look like large traders are losing sleep over EthPoW. An Uncomfortable Hypothetical However, not everyone is sold that EthPoW isn’t a threat. Crypto hedge fund Galois Capital recently caused a stir on Twitter with their [thoughts]( on a proof-of-work fork. Galois argues that there is a non-trivial chance that: - The Merge fails because of unforeseen technical issues. - EthPoW is created. - Because of their ties with the Asian mining community, Tether sticks with EthPoW instead of migrating to the new PoS ETH. It goes without saying that this would not be an ideal scenario for the new PoS Ethereum. Tether is the largest stablecoin issuer in the world. To lose them would be a big hit that is hard to replace. Although these hypotheticals have a low probability of happening ([2-5% according to Galois]( they show that even though The Merge appears to be very bullish for Ethereum, there are still scenarios in which it fails. It’s important to always consider the full range of outcomes before investing in anything, especially in something as volatile as crypto. At CoinSnacks, we will keep ensuring that you hear both sides of every story so that you can make the best decisions for yourself. Related: [Ethereum After EIP-1559]( | [Ether Flips Bitcoin in Options Market for the First Time]( SPONSORED --------------------------------------------------------------- It's Sorta Like Stock IPOs... But Better [Coin Snacks]( Let's face it, the markets are unpredictable and we're all exploring ways to diversify our money. Where else can you look? Commercial real estate is your answer. That’s why we're excited about [LEX](. Truth is, the best deals in real estate are hard to find, unless you’re accredited and have access. Even then, you’ve got scarce deals, crowdfunding, or REITs to choose from. Until [LEX](. LEX IPOs buildings so you can get in the game. By taking buildings public, LEX has created [a way for you to invest in marquee commercial real estate](. Build a portfolio by picking the buildings you want to invest in. Each building gets a ticker and trades like your other stocks. As a shareholder, you can get paid dividends flowing from the rent paid by the tenants. You can also earn tax advantaged passive income and trade without lockups. [Get started]( today and explore LEX’s live assets in New York City and upcoming IPO in New Hampshire. [Sign up for free here and get a $50 bonus when you deposit at least $500](. DEEP DIVES --------------------------------------------------------------- The 5th Largest Hack In History Cross-chain bridges were dealt another damaging blow Monday, as [Nomad]( was exploited for $190 million, making it the [fifth largest hack]( in crypto history. The hack brings the total amount [drained from cross-chain bridges]( in the last 12 months to [$1.3 billion](. This is a truly unbelievable amount that has many, including Ethereum founder Vitalik Buterin, [questioning]( whether bridges have a future in decentralized finance. What Is Nomad? Nomad [describes itself]( as “an optimistic interoperability protocol that enables secure cross-chain communication.” Don’t worry; it sounds more complex than it is. In plain English, Nomad allows users to transport tokens from one chain to another. For example, suppose I had $ETH on Ethereum but wanted it on Avalanche instead. In that case, I could use Nomad to send my $ETH from Ethereum to Avalanche. Under the hood, Nomad is secured by an [optimistic verification mechanism](. This means that Nomad assumes every transaction submitted on the bridge is valid. However, each transaction must undergo a waiting period before being confirmed. During this waiting period, [Watchers]( check the validity of the transaction. If it is found that the transaction is fraudulent, then the transaction is not confirmed. It was the optimistic verification mechanism that went awry during the hack. The Hack On Monday, Nomad made a routine upgrade to the bridge. Unfortunately, as explained by Paradigm researcher [@samczsun]( they made a crucial mistake. The team inadvertently made it so that transactions could be spoofed and did not have to be verified. This was a death sentence for a bridge that relied on optimistic verifications. What makes this hack so unique and chaotic is who the hackers were. Usually, hacks are undertaken by coding geniuses who execute an intricate plan, like master thieves robbing a bank. This hack had none of that. Instead, it was more akin to looters stealing from a luxury store during a riot. After the initial hacker found the exploit, other people discovered that they could do the same thing by simply copying a transaction that worked and changing the address with their own. News of this spread like wildfire, [as people who]( wished to make a quick buck and white-hat hackers seeking to preserve Nomad’s funds rushed in. A few hours later, Nomad was completely empty. The Future of Bridges Just because the Nomad hack is the latest in a long string of bridge hacks doesn’t make it any less painful. Many people lost a lot of money through no fault of their own. To add insult to injury, Nomad had just closed a [$22.4 million seed round]( in which they described themselves as “the gold standard for trust-minimized cross-chain communication.” Ouch. Although bridges allow people to dream of a future of cross-chain applications and unified liquidity, it is clear that in their current state, they are just too dangerous. It’s tough to trust them when one mistake in a routine upgrade leads to the disappearance of $190 million. Maybe [Vitalik is correct]( and bridges have inherent limitations that can’t be fixed. Perhaps he’s wrong, and there will be a truly secure bridge in the future. In any case, until that secure bridges come along, it is probably best to treat bridges with caution. UnSOLved Mysteries The crypto hacks just keep coming. Pandemonium hit Solana last night when users reported that their internet-connected "hot" wallets had been drained. Over [8,000 wallets]( have been affected so far, resulting in [almost $5 million]( in losses. Making matters worse is the fact that we're not out of the woods yet. The cause of the hack is still not identified, meaning those numbers continue to rise. The Hack News of the attack first came in last night around [8:00 PM EST]( when users reported that both their mobile and desktop hot wallets, including popular options Phantom and Slope, had been mysteriously and suddenly drained. The attack itself is straightforward. Somehow the attackers gained access to people's [private keys](. This means that the attackers have the power to sign and approve transactions on their behalf. At that point, all they need to do is transfer funds out of the hacked wallet and into their own. Investigators still have no idea how the private keys were compromised. Right now, it doesn't look like this was an issue with Solana itself, but instead with the wallets. Some possible explanations being thrown out there include a browser extension leak, mobile malware, or, as Solana co-founder Anatoly Yakovenko speculates, an [iOS supply chain attack](. Until the investigation is complete and the hack is patched, it is probably a good idea to take any funds out of Solana hot wallets (especially Phantom and Slope) and into either Centralized Exchanges or a cold wallet. Wallet Safety Reminders Regardless of what investigators eventually find, this hack is a harsh reminder of the dangers of keeping funds in a hot wallet. What hot wallets gain in speed and convenience over their cold wallet counterparts, they lose in security. Being constantly connected to the internet means that they are in constant danger. Sometimes, like in the current Solana hack, exploits happen due to conditions entirely out of your control. For maximal safety: (1) Only keep funds you are willing to lose in a hot wallet... (2) keep the rest in a cold wallet (Ledger, Trezor, etc.)... and (3), never, ever, tell anybody your seed phrase. SPONSORED --------------------------------------------------------------- [Insert your company’s name here] Your company’s name and logo would look pretty good in [this space]( don’t you think? We’re sure our 65,000 engaged crypto enthusiasts would think so too. If your business is looking to reach an audience that represents the future of finance, there’s no better place to showcase your brand than [this spot]( in our weekly newsletter. Interested? [Get in touch](. REGULATORY FRONT --------------------------------------------------------------- A Busy Week In Regulation... Regulators continue to be all over crypto, with this week being of no exception. Since we last published CoinSnacks, there have been a host of regulatory stories: SEC Charges Individuals In $300 Million Crypto Pyramid Scheme On Monday, the SEC said it [charged 11 people]( for their roles in creating and promoting a fraudulent Ponzi scheme known as Forsage. Regulators claim that Forsage had raised more than $300 million from millions of retail investors worldwide. Robinhood's Crypto Division Slapped With $30 Million Fine The New York State Department of Financial Services (NYDFS) has [fined Robinhood (HOOD) $30 million]( for failing to comply with anti-money-laundering regulations and for improperly implementing cybersecurity programs in its crypto division. In other news, the company cut [23% of its workforce]( after releasing second quarter earnings. SEC vs. Coinbase Saga Continues As we [reported last week]( the SEC has its sights set on Coinbase, accusing the company of listing securities. This week, in an [op-ed in the WSJ]( J.W. Verret, a former member of the SECs Investor Advisory Commitee, put into words why the SEC is so behind the curve in crypto and why it is putting undue burden on crypto companies. "The SEC's position–that most tokens are securities and must register or face enforcement–is obtuse. It's also an approach that works to the benefit of the scammers and hucksters who have abused the crypto space." "Innovations require a rethinking of federal securities law. The SEC was 10 years late to the game on delivering financial statements electronically. It was similarly behind the curve in allowing CEOs to share company informations over social media. It shouldn't make the same mistake with crypto." A Growing Consensus For CFTC Regulation Given how messed up the ongoing relationship is between domestic crypto companies and the SEC (as briefly discussed above and in previous issues), all industry heads are turning to the Commodity Futures Trading Commission (CFTC) for help. Two months ago, for example, there was [The Responsible Financial Innovation Act]( where it was proposed that most digital assets would be considered commodities (instead of securities), and that they would be overseen by the CFTC (instead of the SEC). This month, we now have the [The Digital Commodities Consumer Protection Act]( which was proposed by leaders of a Senate committee earlier today. In brief, the bill would call for mandatory CFTC registration & supervision of "digital commodity platforms." Furthermore, at least [according]( to CoinCenter's Peter Van Valkenburgh: "Such a regime would accomplish many objectives, including (1) simplifying the patchwork of state money transmission regulations for registered businesses, (2) ensuring uniform consumer protections for customers of CFTC-supervised exchanges irrespective of their state of residence, and (3) lessening pressure on the SEC to act to regulate exchanges trading non-securities." So far, it seems that everyone is on board with the new bipartisan proposal, with many industry leaders voicing their [support]( and [appreciation](. But, as always when it comes to policy initiatives, there are still some reservations. According to CoinCenter's latest writeup ([TL;DR here]( and despite their gratitude for getting policies moving in the right direction, there are still several concerns posing risks to both software developers and individual crypto users. TWEET OF THE WEEK --------------------------------------------------------------- [Coin Snacks]( SPONSORED --------------------------------------------------------------- Wanna Start Your Own NFT Collection? [Techera Solutions]( bring your project to life. Keep complete creative control of your NFT collection while Techera works on the backend development including art design, NFT generation, smart contract creation, website design & development, integrating minting dApps, and more. Your NFT Launch (and the profits that come with it) can be just around the corner. [Schedule a call with one of our project managers to learn more]( We're proud to provide unlimited revisions, 24/7 VIP support, ongoing royalties, and further assistance from our experienced & talented team. Also, when you're on our website check out our [innovative, low-supply, high-utility collections](... Survive “The Arena” LIVE: a limited edition 222-piece NFT collection. The longer you stay alive... the more you win… Techera SYNDICATE: A 99-piece NFT collection where holders earn development rights to create, produce, and share in profits from a collective NFT project. [Click Here To Learn More]( Other Content You Might Enjoy --------------------------------------------------------------- - [Vitalik]( Metaverse ‘Is Going to Happen’ but Meta’s ‘Will Misfire’ - Lex Fridman [Interviews]( Coinbase CEO, Brian Armstrong - Messari [Acquires]( Dove Metrics - Paradigm [LP Letter]( Excerpt - Charles Schwab Files [Prospectus]( for Crypto-Themed ETF - MicroStrategy founder Michael Saylor [steps down as CEO]( after company reports $900 million in crypto losses - Coinbase to add [ETH staking option]( for US institutional clients - [Redeem-and-retain NFTs]( are the future of luxury goods - Tiffany & Co Launch [CryptoPunk Pendants]( - Web3 darling Helium has bragged about Lime being a client for years. [Lime says it isn't true](. - MakerDAO just approved a proposal to allow [two financial institutions]( to set up vaults & borrow DAI - How [Crypto and Esports]( Are Fueling Each Other’s Growth --------------------------------------------------------------- [Sponsor With Us]( Copyright (C) 2022 CoinSnacks All rights reserved. You are receiving this email because you opted in via our website. Our mailing address is: CoinSnacks 5500 Military Trail Suite 22-250 Jupiter, Florida 33458 USA No more crypto news? [Unsub]( here. | [Forward]( this email to a friend. | [Update your profile](