Exploitable: 0xBitcoin ERC20 Token — The next chapter of the protocol

infernal_toast
3 min readJun 29, 2022

--

In June of 2022, evidence was provided that proved that it is possible for a rogue actor to submit two 0xBTC mint() transactions in the same block in such a way that the mining sequence would be halted forever. This is an unintentional flaw within the design of the solidity contract and is so obscure that it took over 4 years to identify.

The 0xBitcoin Contract

The original 0xb6… smart contract has no owner, cannot be upgraded, and cannot be changed. Therefore it is evident that in the near future, the mining sequence will halt and there will be nothing left for all of the token miners to mine; until a solution is deployed. There are four different types of solutions as far as a spiritual successor; a new contract that will be deployed and which will continue the mining sequence.

Four different types of solutions

  1. A strictly new mineable token could be deployed which inherits none of the supply of 0xBTC but which is mineable in a similar way. This would offer no value or incentive to existing 0xBTC users to adopt.
  2. A hard migration mineable token could be deployed which allows users to permanently burn 0xBTC in order to acquire this new token and it would still be mineable in a similar way; to mine the rest of the 21m coin supply. This is not ideal because most users would be very reluctant to destroy their 0xBTC for a brand new token with no prestige.
  3. A soft migration mineable token could be deployed which allows for users to temporarily deposit 0xBTC in order to acquire this new token and it would still be mineable in a similar way; to mine the rest of the 21m coin supply. This is not ideal because when the prices of v1 and v2 are different, arbitrage bots will deposit and withdraw between the two tokens and can cause a ‘bank run’ as there would never be enough v1 tokens to back all of the v2 tokens.
    Furthermore, even if a mapping were created which only allowed users to withdraw v1 tokens if they deposited v1 tokens, users or bots could purposefully buy v1 tokens, deposit them for v2 tokens, sell the v2 tokens, and now they have ‘loaded up their mapping’ in such a way as to be similar to a put option on v2 tokens. At any time, they would be able to buy v2 tokens, swap them for v1 tokens and sell them. A smart contract could be easily written to tokenize these options which would devolve into unintended economic activity and, most likely, the amount of 0xBTC deposited in the contract will hover near 0 instead of near 10 million.
  4. Finally, the most promising of all, a trustless-airdrop-initialized mineable token could be deployed which would still be mineable in a similar way to mine to remaining of the 21m coins. A snapshot of all 0xBTC balances (including those stakes) can be computed using the wonderfully rich historical blockchain data in order to allow 0xBTC holders to claim 1 new token for each 1 0xBTC they held during the block of the halt. This ensures mass participation unlike the other options and does not jeopardize the holdings of any 0xBTC users.

It is possible that multiples of these types of solutions are deployed and naturally the community consensus will begin to revolve around one in particular. One will become the top hashrate mineable token. At this time, airdrop snapshot tooling using merkle proofs is being researched in order to help the 0xBTC and mineable tokens technology on Ethereum Mainnet move forward as smoothly as possible given these turbulent circumstances. ⛏️

--

--