BSC Passes Ethereum by Nearly 600% in Transaction Volume, Attracting Hackers
Image courtesy of Unsplash.

BSC Passes Ethereum by Nearly 600% in Transaction Volume, Attracting Hackers

In the wild west of onboarding DeFi developers, with great popularity comes great opportunity for hacks.
Neither the author, Tim Fries, nor this website, The Tokenist, provide financial advice. Please consult our website policy prior to making financial decisions.

In a decade, we may look back and wonder how awkward the financial world was without blockchain making decentralized finance possible. Until that time comes, we must remind ourselves that DeFi is still in the experimental phase. As its demand outpaces the quality of its coding practices, it remains a space fertile with malicious exploits.

Smart Contracts Remain Relatively Fragile

In hindsight, there is wisdom in Cardano’s belated implementation of smart contracts. Founded by Charles Hoskinson, who also co-founded Ethereum, Cardano blockchain is headed to implement its Alonzo hard fork upgrade before summer, four years after it launched as a direct competitor to Ethereum. This upgrade aims to provide more comprehensive security features when it comes to smart contract vulnerability.

It’s safe to assume that, if it had implemented smart contract capability earlier, it would have been Cardano—not Binance Smart Chain (BSC)—to receive the exodus from Ethereum’s debilitatingly high transaction fees. After all, BSC’s PancakeSwap alone matched and overshot Ethereum’s transaction count by over 28% this year.

However, given that Ethereum’s dApps have incurred $284 million worth of damages in hacks, Cardano’s missed opportunity may be worth it in the long run.  

In the meantime, as BSC continues to rake in the traffic from Ethereum’s transition, its hosted dApps are far from impervious to hacks.

Binance Smart Chain Attracts Hacks Alongside Popularity

It seems the old adage holds true – the more something is popular the more vulnerable it becomes. Over the years, we have seen this phenomenon repeat itself with web browsers. Many have been deemed more secure than others, only for this illusion to dissipate once its user base had widened.

The same is happening with BSC, not a year after its launch last September. With a miniscule number of validators compared to Ethereum, BSC makes no effort to hide its centralized network, nor do most people care at this stage of the DeFi evolution.

To give you an idea of how big BSC has gotten, Uniswap, the DeFi protocol that pioneered Automated Market Makers (AMMs) and yield farming, holds $9.54 billion in TVL (total value locked). Moreover, all DeFi apps hosted on Ethereum account for $88.4 billion TVL (total value locked).

Yet, BSC overshadows these numbers both in user count and trading volume across its own DeFi apps. BSC’s PancakeSwap alone surpasses Uniswap in user count (unique active wallets) by 723%.  

Top 7 DeFi protocols on BSC (image credit: dappradar.com).

With such a massive surge in yield-farmers come exploits. The most recent one happened last week, on May 2nd, with hackers using a classic flash loan attack to get away with $30 million from Spartan Protocol. This figure is quite close to the one from last October when Harvest Finance suffered a $34 million loss, also from a flash loan attack.

Interestingly, Binance itself has a large section on flash loan attacks, yet this knowledge failed to act as a prophylactic for the dApps hosted on its blockchain. Overall, BSC is closing in on Ethereum in damages caused by such exploits, currently at $112.3 million BSC vs. $284 million ETH. Since 2019, some of the more damaging exploits include:

  • Meerkat Finance – $31 million.
  • Uranium Finance #2 – $50 million.
  • Uranium Finance #1 – $1.3 million.
  • Spartan Protocol – $30 million.

With that said, BSC did substantially surpass Ethereum in daily transactions, peaking at 9.7 million on May 9th, while Ethereum peaked at only 1.7 million on the same day. With nearly six times the volume, BSC dApps are holding well, all things considered.

As far as the latest flash loan attack on Spartan Protocol, history continues to repeat itself. When Uranium Finance was hit the first time for $1.3 million, it transitioned to its v2 upgrade. Likewise, Spartan Protocol is doing the same.

Are DeFi Hacks Preventable?

At its current pace, BSC should outcompete Ethereum in less popular metrics – the quantity and value of exploits on DeFi protocols it hosts. As mentioned previously, BSC is far more centralized with only 21 validators compared to Ethereum’s at about 80k. This makes BSC more vulnerable because it is easier to commit an exploit with fewer risk dampeners.

More importantly, it is not a good idea to experiment anew within such a delicate, experimental space as DeFi. BSC approves hundreds of projects to developers who have not yet established smart contract best practices, which only comes with experience, i.e., time. Which brings us to Cardano.

Cardano’s Plutus – a development framework specifically built for smart contracts – aims to up the ante when it comes to both security and coding practice thanks to its unambiguous interface. If successful, this could make Cardano a programmable blockchain that is the most decentralized, the most secure, and the fastest.

Time will tell if Cardano is the only blockchain to first lay the foundation for smart contracts, while others built it on the fly. In the meantime, the programmable blockchain space will continue to expand. For example, in the upcoming months, Ebay, the e-commerce platform serving over 182 million users, is going to implement NFT sales.

We’ll see what comes of that, and which blockchain will eventually be leveraged to securely handle such transactions.

Join our Telegram group and stay connected to all things crypto, DeFi, and finance.

If you had to place a bet on who would win in the smart contract wars, would it be Ethereum, Cardano, BSC, or another chain altogether? Let us know in the comments below.

Cookies & Privacy

The Tokenist uses cookies to provide you with a great experience and enables you to enjoy all the functionality of the site.