It is not only possible to freeze assets held in an external wallet, but it is also relatively common. You might be surprised to find this out.
If you don’t own the keys to your crypto, then you don’t really own cryptocurrency according to many users and investors in this space.
Although censorship shouldn’t be an issue if you control your own private keys, recent events have shown that this isn’t always the circumstance.
While it might come as a surprise, freezing assets in an external wallet is not only possible, but also happens more often than one would think. However, unless you’re committing major crimes, the likelihood of this happening to you is still low.
Though this is not a widely-known fact, it is still wise to educate yourself on the matter. cryptocurrencies can, in fact, be frozen on-chain.
New to the crypto world? Don’t worry, we’ll explain everything you need to know before discussing how developers are able to freeze assets within a wallet.
ERC-20 tokens aren’t how they might feel when interacting with them. They are a reference to a database that manages which address holds what units of said token. The token contract is responsible for managing this database and transferring the tokens from one person to another while maintaining the supply constant.
This contract typically has the only authority to change the token holder database, so it could be used to prevent access to assets, seize tokens or eliminate them completely.
An address that is blacklisted by the smart contract will be unable to buy or sell the token. The only person who can update the smart contract with a blacklisted address is an admin.
While these features can be used for good, like warding off attacks or confiscating illicit funds, they could also be abused if someone were to gain admin control over a smart contract.
While blacklisting events are rare, most of them occur after some kind of illegal activity is detected in the smart contract. For example, an attacker could use an inflation bug to mint and transfer tokens to an address they control, or the police could request that assets be frozen pending investigation.
Tether (USDT) is one such token with these capabilities. The USDT smart contract has the capability of freezing and reissuing USDT.
The Tether token contract has had a blacklist function for some time now. According to Bloxy explorer, 704 smart contracts have been blacklisted by the Tether token contract over the last month, with new addresses added to the blacklist every few days. Most notably, in January of this year, Tether froze more than $150 million worth of funds held across three separate addresses. When asked for comment, all Tether would say is that the funds were frozen at the request of law enforcement officials.
Recently, the Acala team discovered and froze 16 wallets containing around 3 billion aUSD. This is a multi-collateral stablecoin that is pegged to the US dollar. There was an exploit which allowed aUSD liquidity providers to mint non-collateralized tokens without proper authorization. The team managed to recover most of these fraudulently minted tokens, but some had already been dumped onto Polkadot based DEXes by attackers.
Smart contract admins can freeze funds that may be associated with criminal activity on external DeFi applications. For example, Circle — a popular USDC issuer — recently froze several Ethereum addresses that had interacted with the Tornado Cash DApp, leaving them unable to send or receive USDC.
Not only Ethereum-based contracts have the capability to freeze, blacklist, and confiscate tokens. In fact, most layer-1 blockchains come with this ability as a built-in core feature of their token contracts. For example, XRP and Stellar both let developers create coins with a global freezing function—this way, the issuer can halt all token transfers if necessary.
Although it is frequently desired, freezing digital assets held on a blockchain is often impossible. Most people believe that they can freeze the primary cryptocurrency related to a blockchain, but this theory only applies to tokens. For example, BTC, ETH, BNB or XRP cannot be frozen unless they are stored on a centralized platform like an exchange site or with someone who manages custody .
These centralized companies usually won’t freeze funds unless they are given a police or court order. However, the company’s parent, issuer or admin may have the right to freeze assets even if there is no good reason.
All USDC issuers must comply with an approved blacklist request. Similarly, most fiat-backed stablecoins have this same capability.
The blacklist feature can be used to cut off funds involved in criminal activity, but it can also be abused by scammers through what are called “honeypot scams”. This usually happens when someone buys tokens that cannot be resold on a decentralized exchange.
The blacklist function can be used to automatically block outgoing token transfers from any address associated with a scammer. By doing this, scammers make it seem like their token is worth more than it actually is on DEX explorers.
When this happens, it creates a recognizable chart pattern featuring many green candles in succession with few to no sell orders intermittent.
The scammer, who is the only one with access to the whitelisted address(es), starts off the liquidity pool for the fraudulent token and waits for their LP tokens to increase in value as victims buy the unsellable token.
When the community discovers the scam and stops buying, the withdraw their LP tokens along with all of the funds from unsuspecting buyers.
There are many honeypot scams that launch each month across DEXes like Uniswap, PancakeSwap and QuickSwap.