Уязвимости децентрализованных блокчейнов: 16 сетей с функцией заморозки активов и общественное недовольство Translation: Vulnerabilities of decentralized blockchains: 16 networks with asset freezing functions and public discontent

The BNB Chain, Aptos, Sui, and 13 other major networks contain code that gives them the ability to freeze or restrict users’ fund movements. This conclusion was reached by analysts from the Lazarus Security Lab division of Bybit exchange.

Among other blockchains with asset freezing capabilities are:

The function can be rapidly activated in networks such as Arbitrum, Cosmos, Axelar, Babylon, Celestia, dYdX, Dymension, DymEVM, Evmos, Initia, Kava, Terra, Mantra, Nillion, OKB Chain, THORChain, Sei, SRCT, and XION.

In total, analysts reviewed 166 blockchains. Their study identified three categories of intervention:

As examples of these mechanisms in action, several cases were noted. One instance is the hack of the decentralized exchange Cetus on Sui, amounting to approximately $220 million. The network swiftly froze $162 million, which was later returned to the liquidity pool of the platform.

«The blockchain was built on the principles of decentralization, but our research indicates that many networks are developing pragmatic security mechanisms for quick threat response,» remarked Bybit’s Chief Risk Officer David Zung.

Experts have urged projects to adhere to transparency principles and disclose any potential for emergency interventions.

Users expressed their outrage over the news regarding blockchain’s capacity to freeze their funds.

«Everyone talks about ‘decentralization’, but few understand how few blockchains actually embody it. If someone else can block your money, it’s not really yours,» wrote one user.

Some community members described the built-in freezing feature as «Web2 in a shiny new wrapper», while others labeled it as a «serious red flag undermining fundamental trust in DeFi.»

«You expect decentralization, but what you get is a smart contract with parental controls and a ‘freeze all’ button in the code,» wrote another user.

Conversely, the team at ACY Securities characterized Bybit’s statements as «fear tactics.» They argued that the «hidden code» represents a publicly verifiable management function necessary for essential updates, rather than part of a sinister plot to steal funds.

It is worth noting that in May, independent developers rollup» for Ethereum R1 without its own token or centralized control.