The Web3 protocol Blast has attracted more than $400 million in total value locked (TVL) in the four days since its launch, according to data from blockchain analytics platform DeBank. But in a social media thread on November 23, Polygon Labs developer relations engineer Jarrod Watts claimed that the new network poses significant security risks due to centralization.
The Blast team responded to the criticism from its own X (formerly Twitter) account, but without directly referencing Watts’ thread. In its own thread, Blast claimed that the network is as decentralized as other Layer 2s, including Optimism, Arbitrum, and Polygon.
On multisig security.
Read this thread to understand the security model of Blast as well as other L2s like Arbitrum, Optimism, and Polygon.
– Blast (@Blast_L2) November 24, 2023
The Blast network claims to be “the only Ethereum L2 with native yield for ETH and stablecoins,” according to marketing materials on its official website. The website also states that Blast allows a user’s balance to be “autocompounded” and that stablecoins sent to it are converted to “USDB”, a stablecoin that autocompounds via the T-Bill protocol from MakerDAO. The Blast team has not released technical documents explaining how the protocol works, but says they will be released during the January airdrop.
Watts’ original post indicated that Blast may be less secure or decentralized than users think, asserting that Blast “is only a 3/5 multisig”. If an attacker takes control of three of the team members’ five keys, they can steal all the cryptocurrency deposited in its contracts, he claimed.
“Blast is just a 3/5 multisig…”
I’ve spent the last few days diving into the source code to see if this statement is actually true.
Here’s everything I learned:
– Jarrod Watts (@jarrodWattsDev) November 23, 2023
According to Watts, Blast contracts can be upgraded via a Safe (formerly Gnosis Safe) multisignature wallet account. The account requires three out of five signatures to authorize any transaction. But if the private keys that produce these signatures are compromised, the contracts can be upgraded to contain whatever code the attacker wants. This means that a successful attacker could transfer the entire $400 million TVL to their own account.
Additionally, Watts claimed that Blast “is not Layer 2”, although its development team claims it is. Instead, he said Blast “simply accepts user funds” and “puts user funds into protocols like LIDO” without any bridges or testnets being used to make these transactions. It also does not have a withdrawal function. To be able to opt out, users must trust that the developers will implement the opt-out feature at some point in the future, Watts asserted.
Watts also claimed that Blast contains an “enableTransition” function that can be used to set any smart contract as “mainnetBridge”, meaning an attacker could steal users’ entire funds without needing to upgrade the contract.
Despite these attack vectors, Watts said he does not believe Blast will lose its funds. “Personally, if I had to guess, I don’t think the funds will be stolen,” he said. But he also warned that “I personally think it’s risky to send funds to Blast in their current state.”
In a thread from its own X account, the Blast team declared that its protocol is just as secure as other Layer 2s. “Security exists on a broad spectrum (nothing is 100% secure),” the team asserted, “and it is nuanced by many dimensions.” It may seem that a non-upgradeable contract is more secure than an upgradeable contract, but this view may be wrong. If a contract can’t be upgraded but has bugs, “you’re dead in the water,” the thread says.
The Blast team claims that the protocol uses upgradeable contracts for this very reason. However, the Safe account keys are “in cold storage, managed by an independent party and geographically separated.” In the team’s opinion, this is a “very effective” way to protect user funds, which is why “L2s like Arbitrum, Optimism (and) Polygon” also use this method.
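How much a 3-of-5 threshold protects depends on whether the five keys really fail independently, which is what the "geographically separated" claim is about. The following is an added example, not code from Blast, Safe or Watts' thread; the per-key probability `p`, the shared-failure probability `q` and both function names are constructed assumptions chosen only to show the shape of the risk.

```python
from math import comb


def threshold_compromise(n: int, k: int, p: float) -> float:
    """Probability that at least k of n keys are compromised,
    assuming each key is compromised independently with probability p."""
    if not 0 <= k <= n:
        raise ValueError("need 0 <= k <= n")
    if not 0.0 <= p <= 1.0:
        raise ValueError("p must be a probability")
    # Binomial tail: sum over every way of losing k, k+1, ..., n keys.
    return sum(comb(n, i) * p**i * (1 - p) ** (n - i) for i in range(k, n + 1))


def with_common_mode(n: int, k: int, p: float, q: float) -> float:
    """Same threshold, plus one shared failure (probability q) that exposes
    every key at once, e.g. a single custodian or a shared signing process."""
    if not 0.0 <= q <= 1.0:
        raise ValueError("q must be a probability")
    return q + (1 - q) * threshold_compromise(n, k, p)


def compare(p: float, q: float) -> dict:
    """Risk of losing upgrade authority under three custody assumptions."""
    return {
        "single key": p,
        "3-of-5, independent keys": threshold_compromise(5, 3, p),
        "3-of-5, shared custody": with_common_mode(5, 3, p, q),
    }


if __name__ == "__main__":
    # Constructed illustrative figures, not measurements of any real deployment.
    for label, risk in compare(p=0.01, q=0.005).items():
        print(f"{label:28s} {risk:.3e}")
```

With these constructed inputs the independent 3-of-5 case is about a thousand times safer than a single key, but a shared failure mode half as likely as one key's compromise erases almost all of that margin.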
Blast is not the only protocol criticized for its upgradeable contracts. In January, Summa founder James Prestwich claimed that the Stargate Bridge had the same problem. In December 2022, the Ankr protocol was exploited when its smart contract was upgraded to enable the creation of 20 trillion Ankr Reward Bearing Staked BNB (aBNBc) out of thin air. In Ankr’s case, the upgrade was carried out by a former employee who hacked into the developer’s database to obtain its deployment key.