"Scammy abilities" such as token destruction found in Bitfinex's LEO token

07 Jul, 2019 | Updated: 07 Jul, 2019
by Will Heasman
Analysis
Scammy abilities such as token destruction found in Bitfinex's LEO token

A smart contract audit undertaken by crypto research and analytics firm, Cointelligence, has revealed a few, quote “scammy abilities” within Bitfinex’s incipient LEO token, (or Unus Sed LEO to give it its full name) including the function to destroy tokens bellowing to any address holder…

Using the Ropsten test net researchers were able to delve into the ins and outs of the LEO token and see what it was really made of.

Playing god

One of the most comprising findings within the audit was the fact that the “controller contract” which controls the LEO smart contracts can effectively play god with LEO, including being able to generate tokens at will. The controller can do so through the aptly named function “generateTokens,” essentially enabling the ability to mint an unlimited amount of LEO tokens.

In order to prove this, the researches sent 1,000,000,000,000,000,000,000,000,000,000,000,000 LEO (that’s around one undecillion - aka one trillion trillion trillion) to an address on the Ropsten testnet:

However, the biggest revelation of this audit by far, was the uncovering of the “destroyTokens” function, a function which allows the contract controller to, (you’ve guessed it) destroy LEO tokens.

However, this isn’t confined to tokens within the controller address but instead any token address containing LEO.

“The function “destroyTokens” on 477 enables the LEO controller wallet to burn anyone’s LEO tokens including but not limited to the ones present in a centralized or decentralized exchange, a hardware or software wallet, hot or cold storage, and/or a paper or brain wallet. It doesn’t matter where your coins are, they can delete your coins if they want to. As simple as that,” reads the audit.

In order to prove this, researchers burned ten billion of the previously generated LEO from an address they had just sent it to.

For “security” reasons...

In response to this, Paolo Ardoino CEO of Bitfinex responded stating that the functions were in place for reasons pertaining to “security” and future-proofing:

“For security and future proof reasons we left the ability also to upgrade the Token Contract. That's really a key feature for a contract that might live lot of years. Minting more tokens would just not make sense for Finex... like shooting our foot.”

What do you think? Is LEO too centralized for you liking? Or do you think that the functions are necessary for future upgrades?

Follow Chepicap now on Twitter, YouTubeTelegram and Facebook!

2 BITCOIN moves to watch now! ALTSEASON not happening yet.. Here's WHY!Subscribe to the Chepicap YouTube Channel for more videos!

Read more about: Bitfinex Altcoins

Poll

Are you concerned about these LEO smart contract functions?

(7 votes)

Add a comment

Check out the latest news

You will be logged out and redirected to the homepage