There’s an issue I would like to bring up here. This issue was brought to light by the team behind Futereum, who have found a major bug with the Binance token (BNB) that should have been fixed already.
If you head over to Etherscan and look up the Binance token, you’ll be able to see that it reads [ERC-20], meaning it should obey the ERC-20 standard released by the Open Zeppelin team, available here.
Of course, no standard is bug-free – no matter how great a team is. Just last year, it was reported there were 130 ERC-20 tokens affected by an issue where transfer functions of token contracts did not return anything when called upon. In essence, as explained by Lukas Cremer, the problem was:
“The calling contract sends an external call to the [BadToken], which processes the call, makes the transfer, and does not return a Boolean return value. The calling contract now looks up the return value in the memory, but since the token did not write a return value, it will take whatever it finds in this memory position as the return value of the external call. This is already pretty bad: taking some data that happens to be in a memory slot as a return value is not a good idea.”
What’s the risk?
As described above, the biggest risk is that a smart contract that is expecting an ERC-20 interface will not be able to interact with the older token’s contract (if compiled with Solidity version ≥ 0.4.22). This could mean that tokens that are sent to such a contract will get stuck there forever, even if the contract has a function to transfer ERC-20 tokens.
The problem seems to be much bigger for Binance simply because it’s building its own decentralised exchange (DEX) and blockchain ecosystem. I can think of two problematic situations:
- BNB tokens cannot be sent to a decentralised exchange that compiled a contract with Solidity version ≥ 0.4.22.
- If Binance uses the same smart contract logic to build the Binance DEX, no ERC-20 token would work there. Of course, this is purely speculation, as the development quality of the BNB token does not dictate the quality of Binance.
Interestingly enough, Binance wants ERC-20 tokens to migrate over to its own blockchain, the Binance Chain, which seems a bit far-fetched to me. Strictly speaking, I don’t see a good reason why a team wouldn’t go with a much safer protocol like Ethereum or Stellar. The only advantage I see is that projects might be able to save a few (million) bucks on listing fees, plus they’ll maybe have a say on the blockchain consensus, as it will be DPoS based.
In a recent interview, Binance’s founder Changpeng ‘CZ’ Zhao said:
“The Binance Coin will migrate to the Binance Chain as a native coin. We are also encouraging other ERC-20 tokens to migrate to Binance Chain. There are many benefits for doing that. Binance Chain is a faster chain; it’s super easy to create a token on Binance Chain. There’s no smart contracts to program, it’s more secure, there’s less room for bugs […]”
If the goal of blockchain technology is to increase decentralisation, this seems the wrong way of promoting it. Still, as CZ reminded us during an interview on Ivan on Tech, Binance is a privately owned company whose goal is to make money (and I bet as much as possible).
Should we just leave the future of cryptocurrencies in the hands of another privately owned company?
Binance has created a meaningful product that connects millions of users every day. I myself have been a regular user of Binance since its inception, and I can safely say it has one of the best user interfaces out there.
I’m hopeful Binance DEX will prove me wrong and that the entire ecosystem will be truly decentralised.