Bybit Requests ParaSwap DAO to Return $100,000 in Fees Linked to North Korean Hackers
Bybit has formally requested that ParaSwap’s decentralized autonomous organization (DAO) return $100,000 in fees that were generated from transactions involving North Korean hackers. Some members of the ParaSwap DAO contend that complying with this request could undermine the protocol’s decentralization principles. This situation arose after North Korean hackers stole $1.4 billion from Bybit last month.
Unexpected Gains for ParaSwap Amid Laundering Scheme
Last month, ParaSwap, a decentralized exchange aggregator, experienced a significant surge in activity. The platform processed substantial token swaps worth $195 million, effectively doubling its typical daily transaction volume and earning $100,000 in fees. However, these transactions were linked to a laundering operation orchestrated by North Korean hackers attempting to disguise $1.4 billion in stolen cryptocurrency from Bybit. In light of this, Bybit is urging ParaSwap DAO to return the $100,000 as part of its ongoing efforts to recover the stolen assets. “While this was an automated process, it has inadvertently resulted in the DAO holding proceeds linked to a widely reported exploit,” Bybit stated in its proposal on the ParaSwap governance forum, where DAO members discuss and decide on governance matters.
Implications for Decentralization and Community Opinions
Even though the amount in question is relatively small compared to the total stolen, the outcome of this issue may significantly influence the ParaSwap DAO and the broader decentralized finance (DeFi) ecosystem. Conversations with five delegates revealed that none intended to support the DAO retaining the funds. Many members of the governance forum assert that complying with Bybit’s request would jeopardize the protocol’s commitment to decentralization. One participant, known as krinweb3, emphasized that agreeing to return the fee could harm ParaSwap’s reputation, stating, “The protocol has always been permissionless — there’s no in-between.”
The Broader Context of the Theft and Laundering
This dilemma arises amidst a larger context involving the $1.4 billion theft from Bybit by the Lazarus Group, a North Korean state-sponsored hacking organization. In the aftermath, Lazarus has utilized various DeFi protocols to launder the stolen funds, prompting some platforms to implement measures that could compromise their decentralization to prevent further misuse. While Bybit has managed to recover some portions of the stolen cryptocurrency, a significant amount remains unaccounted for.
The Ethical Considerations of DAO Governance
Decentralized autonomous organizations (DAOs) function as a governance model within DeFi protocols, operating without a traditional corporate structure and making decisions through token holder voting. This is not the first instance where ParaSwap DAO has had to confront the ethical implications of fees earned from illicit transactions. Earlier this year, the DAO debated whether to return fees earned from a hacker who laundered tokens stolen from a crypto casino. Currently, several delegates express their intention to vote in favor of returning the fees. Citizen42, a pseudonymous delegate, remarked, “ParaSwap DAO does not want to benefit from the stolen funds,” framing the decision as a moral one in line with the values of collaboration in the Web3 space. Another anonymous delegate expressed concern about the potential precedent this decision may set, although they hope such incidents will become increasingly rare.
Legal Risks and Compliance Concerns
However, retaining the funds could expose the DAO to legal ramifications. Gabriel Shapiro, a legal expert specializing in DeFi, indicated that the DAO could face accusations related to money laundering or complicity in illicit activities, as well as liability to Bybit under theories of conversion. He noted that even if the ParaSwap DAO or its members are not directly liable, the tokens involved may be subject to forfeiture.
Other Protocols Also Affected by Laundering Activities
It’s important to note that other protocols have also benefited from Lazarus’ laundering activities. Thorchain, a platform enabling users to swap assets across different blockchains, has been utilized by Lazarus to obscure the origins of stolen funds and facilitate exchanges into Bitcoin, which is more easily laundered. Since the Bybit hack, Lazarus-affiliated wallets have used Thorchain to exchange $812 million worth of tokens, incurring substantial fees along the way. While Bybit has not disclosed whether it will pursue fees from Thorchain, recovering those would be more complex, as fees on that platform are automatically distributed to numerous liquidity providers, in contrast to ParaSwap, where fees are directed to its DAO treasury for governance token holders to allocate.
Concerns Over Reputation and Precedents in DeFi
Some members of the ParaSwap DAO caution that returning the swap fees to Bybit could negatively affect the protocol’s reputation. DeFi platforms pride themselves on being permissionless and decentralized, setting themselves apart from traditional financial systems that often impose restrictions. The immutable nature of DeFi protocols means they do not discriminate against users, even if they are engaging in nefarious activities. A governance participant known as aypierre warned that returning the funds could create a troubling precedent, inviting claims from anyone who has previously lost funds through ParaSwap. Another member, enerow, argued, “It’s not Bybit’s funds; it is revenue for a service delivered from a trustless protocol executed on a decentralized blockchain.” Discussions surrounding the issue are ongoing within the ParaSwap governance forum, and a formal vote regarding the fate of the swap fees has yet to be scheduled.
