A combination of irregular trades from API users on Binance and a set of Syscoin chained unconfirmed transactions led to media speculation that Binance had been hacked for $45 million. Binance has not been hacked, the irregular trades have been rolled back, and the Syscoin blockchain has not been compromised.
Syscoin Was Not HackedIn a blog post, the Syscoin team confirmed that Syscoin was not hacked, the chain was not attacked and is fully operational. They identified several issues that led to the speculation that it had been hacked. The main issue appeared to be chained unconfirmed transactions.
Syscoin allows for up to 25 chained unconfirmed transactions to exist, which is the same as Bitcoin. On July 4, the top address of 46 million Syscoin, which is presumably an exchange, was sending withdrawals. The blog post said that a chained transaction of 46 million Syscoins could quickly add up to a large amount and explains why it appeared that 1.2 billion coins had been created.
Considering that 1.2 billion coins are higher than the existing supply of 888 million, blockchain experts argued that this implied a fault in the chain. However, it was a case of the coins being counted multiple times. The blocks actually contained only the normal 34.65 newly generated coins.
The Syscoin team also highlighted three interrelated issues involving new blocks, not including transactions regularly, masternodes expiring, and the mining difficulty dropping. This was due to a superblock being created which caused some minor nodes to stop because they hadn’t upgraded. Mining pools that had upgraded had high default fees which meant some transactions were not being confirmed.
When a miner that had a lower rate mined a block, it would process the transactions that had lower fees set all at once. This led to larger than normal blocks being produced. The team has asked miners to change their fee policies to the default settings to spread transactions out across blocks.
Irregular Trades on BinanceThe main issue which coincides with the Syscoin mining issue were irregular trades on Binance from API users. APIs are trading bots that make automated trades. Previous API issues have resulted from users giving out their passwords on fake exchange websites allowing hackers to log in and change their API settings. In this case, APIs were used to sell Syscoin at higher prices, up to 96 BTC.
Binance said, in a statement: “At 2018/07/03 20:18:00 (UTC), irregular trades were detected from a number of API users, triggering our internal risk management system. As such, Binance made a timely decision to suspend trading, withdrawals and other account functions.”
"To protect the future interests of all users, Binance will create a Secure Asset Fund for Users (SAFU)."
Well played @cz_binance, well played.