Alex Kroeger, data scientist at 0x (ZRX), an Ethereum-based decentralized exchange, has pointed out a surprising feature in the design of Serum DEX (SRM). It appears that the first Solana-based derivatives trading platform contains a point of centralization.
Too much power for one address
Mr. Kroeger said that exploring Serum DEX was, in general, an exciting process, but that its smart contract architecture poses certain risks. This Solana-based exchange has a function for depositing ERC-20 tokens, and it was here that the suspicious instrument was found.
For Mr. Kroeger, the address that controls this deposit contract looks like a normal Ethereum (ETH) address. This fact makes Serum DEX vulnerable, as:
Whoever controls that address can drain the contract -- ~$6M in funds at this time.
This is only one smart contract included in Serum's DEX architecture, so the potential malefactor would not be able to touch all users' funds. However, some risks are involved due to this feature of the platform.
Finally, the researcher noted that this address must sign all transactions that withdraw tokens from the smart contract. Unless approved by the owner of the contract, no token will leave it. These two points provide the person behind the contract with "a great deal of power," Mr. Kroeger stressed.
Mr. Sam Bankman-Fried, founder of Serum DEX (SRM), promptly responded to the concerns of the 0x officer. He announced that the Serum team has been tasked with implementing a multi-signature authorization mechanism. Also, Wormhole, a unique Solana-Ethereum bridge, is coming soon.
Artem K., the core developer of the Yearn.Finance (YFI) protocol—well-known as @banteg—highlighted that Poa Network (POA) and Near Protocol (NEAR) had released much more advanced solutions than "multi-sig" to solve similar issues.
On the other hand, Armani Ferrante, software engineer at the quantitative trading fund Alameda Research, insists that decentralization should be increased over time, so there is nothing to worry about. Otherwise, he claims, there is a risk of building a fully decentralized product that nobody will use.
As covered by CryptoComes, Serum DEX (SRM) is a pioneering trading ecosystem that brings derivatives trading to the Solana (SOL) high-performance blockchain. It was launched in August and has been welcomed by the community as one of the most promising products of 2020.