Hacks, Forks, and Hash Rate

Not-So-Private Keys

This week started with a pair of high-profile exploits – the first of which came in the form of a bridge hack, as interoperable bridging protocol Nomad was hacked for $200 million. Ironically, the vulnerability appeared to stem from a known bug highlighted in a previous audit. Despite this, the Nomad hack furthered widespread skepticism surrounding multichain bridge security.

To seemingly one-up Monday’s hacker, an entity on Tuesday began a smaller but arguably more sinister hack that manifested in funds being drained from individual “non-custodial” hot wallets native to the Solana network. This was a confounding exploit as the hack targeted individual users, not a protocol or treasury. It appeared on chain as though users were signing their transactions, thus validating transfers to the malicious actor.

The apparent novelty of this hack initially caused widespread panic since many reasonably believed this to be an issue specific to the Solana blockchain, potentially rendering all funds secured on Solana to be compromised. The uniqueness of the situation also resulted in an extended diagnosis period for the issue. While exploits are typically diagnosed minutes following their public reveal, this issue required more time for developers and consequently produced an extended period of confusion.

A few hours into the hack, a white hat hacker purposely spammed an RPC node on Solana to slow the network down, thus reducing the ability for the hacker to continue to drain funds. The downside of this strategy was a mass hysteria related to a rumor that the validators had collaborated to shut the network down. If this were true, we would have a much larger issue related to centralization and censorship to discuss.

As an aside, this ability to spam the network is a long-persisting issue with Solana that will supposedly be remediated with its pending update.

Ultimately, security researchers could trace the hack to Slope mobile wallet users. Slope is a mobile hot wallet that is compatible with dApps on Solana. Somehow (details still being investigated), the mnemonic seed phrases that generate private keys stored by Slope were leaked to a software service provider, Sentry.

The hacker seemingly accessed the Sentry servers where the seed phrase was stored and was subsequently able to drain user funds with the appearance of users approving each transaction. It is worth noting that several hot wallets from other service providers were compromised because they shared the exact seed phrases.

There are a couple of key takeaways from this:

1. While there are several risk factors to consider when investing in Solana (several of which we highlighted in our note a few weeks ago), this exploit is not one of them. The compromised element was within the software built on top of the Solana blockchain. This theoretically could have happened on any blockchain.
2. When we say, “not your keys, not your cheese,” this doesn’t mean that your funds are only at risk of seizure on centralized exchanges. This also means that your keys could be at risk if stored within a third-party closed-source software application like Slope. While it is reasonable to assume that funds are safe on more battle-tested non-custodial hot wallets, newer applications built by a private team carry an inherent risk. A safer rule of thumb is that anything connected to the internet is always at risk of a potential exploit.

Despite this bad press for Solana, we remain constructive on $SOL through the end of this year as it remains one of the better risk/reward opportunities among alt layer-1s. Some variables that would make us reconsider include a steep decline in network usage, subdued developer activity, or network-level security compromises.

Merge Momentum Intensifies

Those who follow our work are familiar with the Merge and understand its relative importance in the current crypto landscape. Well, it seems that Goldman Sachs is finally on board with the Merge and has released a research piece on the critical event.

This weekend marks the beginning of the final testnet Merge – the last critical dress rehearsal that will determine whether the Mainnet Merge goes forward as scheduled or must be delayed again. Should the final testnet Merge be completed without any significant issues, we are all systems go for the mid-September transition from PoW to PoS.

Hard Fork in the Road

We are also seeing an increase in Merge confidence in GPU secondary markets. Some Ethereum miners that use GPUs to mine blocks are seemingly starting to liquidate their hardware, which has already had quite the deflationary effect on GPU prices.

Some of that mining capacity has moved to Ethereum Classic ($ETC), a hard fork of the Ethereum blockchain that preserved the historical DAO hack on-chain. We can see below that following the preliminary announcement of the September 19^th Merge date, the hash rate on Ethereum Classic spiked, preempting an increase in ETC price as well.

As Ethereum’s transition from proof-of-work (PoW) to proof-of-stake (PoS) enters its final stages, some investors and traders in the space are discussing the prospects of a potential hard fork and the resulting implications. The desire for a hard fork largely stems from a cohort of PoW miners that will need to either find another network to mine or sell their GPUs on the secondary market.

A hard fork would result in the existence of three networks that share a common origin:

1. Post-Merge PoS Ethereum (the network that $USDC, $USDT, $WBTC, DeFi applications, and other smart contracts are built on)
2. Ethereum Classic ($ETC, the PoW blockchain hard-forked following the DAO hack in 2016)
3. PoW Ethereum (the hard-forked chain).

In the instance of a hard fork, ETH holders would be airdropped the new hard forked token, similar to how bitcoin fork tokens were deposited to user wallets during the block size wars several years ago.

To be clear, it is quite improbable that any applications or developers would elect to support the forked PoW chain, thus rendering any forked versions of collateralized assets such as USDC, USDT, and WBTC obsolete and making the forked chain practically unusable.

However, from a strategy perspective, this does present an interesting opportunity to farm airdropped tokens from desperate miners, a bonus incentive to be positioned long into the Merge.

Stablecoin Velocity Points to Increasing Activity in Ethereum Ecosystem

While we have previously highlighted trends regarding the increased activity in the spot and derivatives markets, there is growing evidence that the Merge tailwinds have manifested in increased demand on-chain.

Stablecoin usage is a good indication of how active a respective layer 1 economy is. As a reminder, stablecoins offer a relatable store of value within a blockchain ecosystem, allowing users to transact and participate in digital economies without the need to convert back to fiat currency in the non-digital financial system. Many refer to stablecoins as a key “on-ramp/off-ramp” tool from the fiat economy to the crypto economy. If the stablecoin balances on-chain increase and the transacting of these stablecoins increases, there is good reason to believe that there is some underlying demand for blockspace on that chain.

We can see that $USDC is the preferred stablecoin on Ethereum, currently comprising 42.8% of the total stablecoin balance.

While the overall USDC market cap has not substantially increased in recent weeks, it has seemingly started being used more.

Velocity, the rate at which a currency is transacted for goods and services in an economy, can be used to assess the relative activity on chain. We can see below that USDC velocity is trending higher towards levels witnessed during periods of more constructive price action.

This increase in stablecoin activity is corroborated by an overwhelming rise in transaction count, active addresses, and a more muted reversal of new addresses on chain. This pronounced increase in on-chain demand continues a trend reversal that started over a month ago.

Another on-chain indicator we would like to highlight this week is SOPR – which suggests increased investor confidence. At a high level, SOPR gives us an idea of the overall profitability of holders selling their ETH on any given day. If SOPR is below 1, investors are exiting positions at a loss, while a SOPR above 1 means the average holder is selling for a profit. 

Therefore, SOPR trending higher essentially indicates that investors are gaining confidence that prices will continue to increase and are holding for a more profitable exit.

We can see below that the 30-day moving average has been a generally reliable trend indicator over the past 12 months and currently, although still below 1, is moving conclusively higher.

Contrasting Bitcoin On-Chain Data

We think that on-chain data for bitcoin continues to support our thesis that BTC underperforms ETH and leading alts in the near term.

Looking at the same SOPR metric for bitcoin, we see that it is starting to move higher as investors exit positions at increasingly positive levels, which is a positive sign. However, this move higher is much less conclusive than Ethereum’s SOPR trajectory and sits at a comparatively less profitable level.

Fortunately, we are allowed more granular data on what specific cohorts might be driving this move in SOPR.

Below we chart the same trend as above for just long-term holders on chain. The 30-day moving average for long-term holders (entities known to hold their BTC for greater than 155 days) is seemingly starting to pull up, but it is not yet clear that this constitutes a decisive trend reversal. This demonstrates that long-term holders are fading rallies faster than those holding ETH.

Realized cap, or the overall cost basis of all holders in the Bitcoin network, is still trending downwards, which corroborates the behavior we see in the charts above. Realized cap can be best thought of as a proxy for the overall cost basis of the network. When realized cap is increasing, it means that more fiat is being exchanged for bitcoin at higher prices. Since this metric continues to slope downwards, despite prices rising over the past month, it is evident that holders with higher cost bases are exiting the market and selling to those with a lower cost basis.

Finally, perhaps the most important chart is the trend in hash rate. This shows a persistent downwards trend in capital being put to work to secure the network. This tells us that the current level of profitability is not conducive for new mining entrants and perhaps suggests that miners are still stressed, as we have intimated in previous notes. A push upward in both hash rate and realized cap would give us more confidence in bitcoin’s ability to perform in concert with ETH.

Strategy

We are long $BTC, $ETH, and $SOL into year-end and think that Merge-adjacent names, including $LDO, $RPL, $OP, and $MATIC, still present attractive opportunity for high-beta plays into the Merge. Long and medium-term investors should look to use any dips as buying opportunities. The recent rally, coupled with prevailing market narratives and miner dynamics, suggests it might be wise to be overweight large cap altcoins in the medium term.