HIP-17: Blacklist for malicious ONE Wallet Addresses

Summary : This proposal is to react and blacklist a wallet which was used for a rug pull on the network.

Background : Rug Pull are quite common in the crypto space and can only prevented by detailed reviewing of smart contracts from Devs. Often there are new projects and people trust those Devs because they have not the technical opportunity to review a smart contract in detail. Lately we also had on Harmony a project which cause a rug pull and withdraw all the ONE and transferred to Binance where it’s probably cashed out. In such a case we as Block validator could have the opportunity to Blacklist a ONE Wallet to prevent a further cash out and maybe apply pressure on the Dev to refund. But in this we must act all together and very fast, so it’s get blacklisted immediately and don’t even have the chance to cash out.

Motivation : This proposal should help to get Harmony a safer place for asset. This can also only happen in a healthy validator economy, so we need a trigger system to get the ONE Wallet address fast implemented in the Blacklist or if possible, directly distributed to the Validator Nodes. To show we are still a decentralised network we need transparency and communicate this blacklist in public and explain why those addresses are placed there. We need detailed rules to get without a voting the address directly placed without. May a future partnership with Lossless Cash could be also an option.

Specification : One Wallet address which acting malicious (i.e. take part in a rug pull or Wallet Hacks) to the network economy needs to be placed on the blacklist and if technical possible directly distribute to validator nodes to prevent a further move of stolen assets.

Suggested voting options : Use of the Blacklist or not

  • Yes
  • No

0 voters

5 Likes

Hi Ben,

Things I will say are not Harmony team view but my own viewpoint as node runner on Harmony.

I like the idea and would opt to use it if the opportunity arise. We’ll have to see how practical that would be.

Note, we will surely need 66.67% of the voting power for this to be active and I am not sure how practical that will be to engage some of the big validator for such changes (ie Binance, kucoin)

5 Likes

While this is a good idea, I’m not sure how practical it is. I think the biggest concern with something like this would be: Who decides what wallet goes onto the blacklist. If it’s an obvious rug, sure, it’s easy to say: blacklist this address that pulled liquidity.

However, if it’s a not so obvious “rug”, like what Lootswap did (no offense to FH, he’s a great guy) with their dev payout fund of 600K USD, do we also blacklist that? Technically, they drove the price down by 100%. Same with other projects. Point being is: where do we draw the line? Just hard rugs should be included on this blacklist? Or are we blurring the lines a bit. It’s a slippery slope. :slight_smile:

16 Likes

Implementing any kind of consensus would be incredibly difficult, especially with the speed required.

Good idea, but need to answer questions such as:

  • How will announcements be made?
  • What proof will be acceptable that a wallet is acting maliciously?
  • How is consensus reached on blacklisting an address?
  • How will disputes be settled?
5 Likes

Very good questions, I would ask the same!

It seems simple if we have undeniable proof of theft for example but there are so many gray areas to contemplate…

Maybe individual tokens can look at something like $LSS as a safety measure which already has processes in place…

Not sure but I am unconvinced by this proposal unless there can be something clearly defined as you outlined.

4 Likes

I understand that the idea comes from a good place but it hard to implement and be effective in any way. How can you prove for sure that a address is malicious in a fully unbiased way? Who will pull the switch saying x address is malicious?

Also, blacklisting wouldn’t be of any use because a smart scammer would use a bridge to BTC then do a atomic swap to Monero and he is gone.

The only way to mitigate these events is by education. I would much rather you simply created a portal that rewards newcomers for going through a full course about blockchain security explaining these and other risks and how to avoid them. People are often lazy but if you give them a badge at the end as a NFT they will be happy to do it for example.

8 Likes

I would say yes, but i share most of the concerns that have been expressed here. It is needed a consensus to implement addresses in the blacklist, and then, it is so easy to avoid the blacklist… By the time that there is a consensus, any person could move the funds to any other wallet, exchange or swap to any other crypto.

It is a good idea, but I think it is really really hard to apply in an effective way. So hard that I am afraid that the effort would not worth it.

4 Likes

I like this idea and I do think that having a wallet blacklist system in place is a great tool to have in the event that a situation arises where it is needed. At the same time, I can also see this potentially being abused, and/or becoming a source of “drama” in the community which could ruin this whole good vibe we have going on here. I feel that this feature should be implemented, however, I feel that we should be careful with it. I’m not sure how to vote on this one just yet. I feel like we need to have a more detailed and solid plan for a feature like this, to address the aforementioned potential issues, as well as any other possible issues that I may not be thinking about.

2 Likes

My first reaction to this proposal is YES! It’s only fair, right?

Well, I might be wrong here, but one of the premises of decentralized blockchains is that they are permisionless, meaning that everyone gets to use them, regardless of whether they are regular people or malicious actors. So, when you blacklist an address, you’re basically going against one of the principles of a permisionless and decentralized blockchain. This point is more philosophical than anything, but I think it’s a valid point.

Also, for this to be effective, the blacklisting would have to be immediate, otherwise it would be too late and the funds would be spread among hundreds of addresses. Besides, what happens if that malicious address decides to send transactions to community members, validators, etc? Would those people also get blacklisted?

My heart says yes to this proposal, but my mind says no. I agree with @Frelsi that, ultimately, education is the way to go.

10 Likes

@sophoah I was thinking about this. Glad my praticipation concept was working (with help from @Maffaz ) and we reached with HIP-14 of 68.05% and HIP-15 with 68.51%. May to reach the 66% it will take bit time but I think it’s now more realistic when seein the increased participation.

@0xsparkles So that’s why we should define in here what we call a rug or s hack :slight_smile:

@Maffaz Lossless is great that’s why I mentioned them in my HIP and hope you saw the recently news? https://twitter.com/losslessdefi/status/1456267916832247810

@Frelsi If a Wallet is Blacklisted he is not able to move any fund’s so no bridge of his stollen assets.

3 Likes

So to go forward, my suggestion would be that a Person or Group who have been hacked or rug pulled reach out fast to People DAO (may replace this with Community DAO or Validator DAO so far the People DAO is not set up?). The DAO needs to check several things like,

  • the person who has been opening the case can show a proof ownership of the wallet?
  • Are the ONE still on the Wallet or already gone to a CEX?
  • Is the case correct or just a blame over somebody?

If everthing can be confirmed the malicious address could be place by Validator DAO on a Blacklist on the GitHub and reach out to Validator to get his list over WGET and restart Harmony.
If 66% is reached the Address will be published on a specific channel here on Talk. The Person can reach out and try to explain or even give back stolen Funds.

2 Likes

To show a great example I will use this latest case from @RoboValidator

So if this is true that this was hacked and stolen the person know could say, the ONE are still on this address: Harmony Blockchain Explorer

Please help me and put it on Blacklist so he is not able to move the funds anywhere. In best case the hacker will realise this soon and hopefully reach out otherwise it will be stay blocked.

2 Likes

I missed that news, thanks for letting me know!

2 Likes

I think a “decentralized police” is inevitable at some point. But I don’t think it’s easily done by a blacklist where everyone must give consensus.

Before consensus is reached, the funds are gone and in the worst case a CEX wallet is blacklisted.

5 Likes

so some food for thought on this blacklist. Let’s assume the validator community manage to block the wallet address then what ? What would be the process to recover those fund ? at one point ? I thinking if the hacker never disclose himself then at worst those fund could be consider burnt eternally.

Also, i wouldn’t bother for very small amount, so in your process put some minimum ONE as well. it won’t be an easy task to have everyone update their node with the latest blacklist and restart.

2 Likes

oh and by the way, I just got word from @rongjian that this list needs to be only updated on the leader, so 4 nodes that are currently managed by Harmony. Sorry for the mis-information.

3 Likes

Okay so this means it could be done much faster.

great point @Severin and @sophoah
Yes we need someone investigative to prevent a wrong blacklisting. And a clear way what’s need to provided like proof of ownership. Let’s take the case from @RoboValidator in this case I heard the person reached out to the FBI, if so he can show this as proof and those ONE are quite a huge amount. Also I was thinking @Cryptowolf had several times people from hacked wallets like the faked staking dashboard. In this case the hacker could not take the funds out.

But yes how going forward? Will it be seen as burnt?
May we can use just those two cases. Those from Robo has been transfered, so probably as you say the hacker will problay not disclose and so they are like “burnt”. Those from hacks like the fake staking dashboard can be blocked for a specific time cause may the hacker will then when he see he can not transfer stop to try and we could to in a coordinated action release and transfer to a new wallet?

2 Likes

Regarding the 10M ONE wallet that got hacked, the owner of the wallet is offering the hacker a 2M ONE reward for returning his funds. So I think he would be okay with not having the hacker’s address added to the blacklist for now. He has also demonstrated ownership of the wallet as described below:

3 Likes

Would it be feasible to block all but transfers into a given wallet?

So for Robo’s example with a bounty, the account holder would only be able to transfer into a designated account with the promise the block is removed if the remaining funds are sent back.

1 Like

This breaks the the ethos of premissionless blockchain. This means that I don’t fully own my crypto. Some entity or group can come in and block my funds. This cannot be and I therefore fully disagree with this proposal.

14 Likes