Binance Considered Pushing for Bitcoin 'Rollback' Following $40 Million Hack

UPDATE: After this article was published, Changpeng Zhao, CEO of Binance, said in a follow-up tweet that after speaking with various parties, the exchange decided not to pursue the rollback approach.

In the wake of a multimillion-dollar hack Tuesday, Changpeng Zhao, the CEO of cryptocurrency exchange startup Binance publicly discussed whether the company might seek to encourage bitcoin miners and node operators to "rollback" the bitcoin blockchain, reversing transactions confirmed by the network to return the funds.

The comments were made as Zhao hosted an Ask-Me-Anything session at 3:00 UTC on Wednesday to address various questions about the hack, which saw assailant steal some 7,000 bitcoin from the exchange.

Answering questions on whether the firm would consider attempting to convince network stakeholders to roll back bitcoin network transactions, which would require pushing for consensus from major miners and mining pools to gather over 51 percent of the network's total hashing power, Zhao said:

The unprecedented step – which would have found a private business appealing to the distributed network of individuals who contribute to the operation of the cryptocurrency – was met with heavy criticism.

To try and roll back the network without an agreement between the entire industry and community would most likely be seen by many as effectively an attack on the bitcoin network, which is intended to be immutable.

However, the idea is not without context, as it has been brought up in the wake of exchange hacks in years past, and, on at least one smaller blockchain network, actually executed. Further, the conversation was initiated in part by Jeremy Rubin, a developer who has in the past contributed to bitcoin's open-source code.

(Note: To be clear, that does not imply Rubin should be seen as an authority figure in this situation, as node operators and miners would have to reverse any transactions. However, his association with the project appears to have contributed to Zhao's impression this was suggested by the network's developers.)

Indeed, Zhao noted the possible backlash against the idea, adding that he has also seen a lot of people objecting to rollbacks since there are the "ethical and reputational considerations for the bitcoin network."

"The team is still deciding that, and we are running through the numbers and checking everything," he said. "It's interesting that it's a tech solution [suggested] to us by the community, including some of the core members of the bitcoin development team. We will consider that very, very carefully, with the feedback we are receiving."

Zhao added the company is now focusing on rebuilding and recovering its exchange system and has hence suspended all withdrawals and deposits, which he said is estimated to "take about a week" to resume.

So far, Binance has not found any other of its hot wallet addresses that are compromised. Zhao said the hackers used sophisticated methods to gain access to users' accounts and orchestrated the hack patiently, in the sense that "they don't move as soon as they have one account but have waited until they have a large number of high net worth accounts."

Elsewhere in his session, Zhao said Binance has enough resources from its Secure Asset Fund for Users (SAFU fund) for recovering the loss of $40 million for users, though "it does hurt very much."

Binance started allocating 10 percent of its trading fees every month since July last year to the SAFU fund. The firm hasn't responded to a CoinDesk inquiry regarding how much exactly the fund has.

Based on the amount of the Binance BNB tokens burnt using 20 percent of its quarterly profits, Binance generated about $210 million in profits from July last year to March.

Editor's note: This article has been updated to clarify how decision-making works on the bitcoin network and to make clear Binance cannot unilaterally reverse transactions on the bitcoin blockchain.

Binance image via Shutterstock