The launch of Ethereum Classic and its support by the community has raised a lot of questions. More particularly, what about the exchanges where users can buy Ethereum with Bitcoin and then have it sold back to double their holdings? Apparently, such a scenario is possible when using Coinbase, GDAX, and Poloniex, according to several Twitter users.
The concept of this entire procedure is very simple and straightforward, although it is not advisable to do so. One Twitter user mentioned how it is, in theory, possible to double one’s Bitcoin by using Ethereum and Ethereum Classic. To pull these attacks off, however, users will need to verify their identity with at last two out of three platforms involved. Do keep in mind these companies can sue users for exploiting this loophole if they wanted to.
Tricking Coinbase And GDAX
It is not entirely surprising this method involves two exchange platforms which do not support Ethereum Classic at this stage. In fact, both GDAX and Coinbase have been dabbling around with Ethereum for a just a short while. As a first step, Bitcoin holders would need to transfer BTC funds to their Coinbase wallet. Once the funds cleared, send it from Coinbase to the GDAX exchange as soon as possible.
Users can exchange Bitcoin for Ether on GDAX – albeit they can do so on Coinbase as well – and the obtained ETH funds need to be transferred back to Coinbase. From that wallet, users should then sluice the funds to Poloniex, in the hopes of having their account credited with both ETH and ETC at the same time.
Pulling off this exploit is still possible if one is lucky enough to buy Ether from Coinbase, which were not moved before the hard fork. Since the exchange put zero preparation into avoiding replay attacks from happening, users are effectively able to double their Bitcoin balance once the funds go from CB to Poloniex.
Despite the best efforts by Poloniex to prevent replay attacks from happening, there is little they can do about funds being “marked” as “pre-fork”. GDAX and Coinbase need to sort these issues out as soon as possible before things get out of hand. However, they do not seem inclined to do so for the time being.
Keeping User Funds Hostage In Cold Storage
Perhaps it is good neither Coinbase nor GDAX is trading Ethereum Classic at this time, considering how users can exploit this bug across these two platforms for quite some time. Moreover, there is a bigger question as to how either of those platforms will reimburse users who rightfully own ETC in the first place.
GDAX has announced they will let users withdraw funds equal to the amount of ETH they had in their wallet at the time of the hard fork. However, all of the funds generated after the fork will remain in GDAX’s custody. Coinbase remains tightlipped on their plans, and they will probably wait and see what happens to the GDAX withdrawals first.
Luckily, these issues seem to be much harder to pull off as we speak. Poloniex ensures all incoming funds goes to either the ETC or ETH blockchain respectively, instead of having the two linked together. Situations like these could have been avoided if all Bitcoin/Ethereum exchanges had taken proper countermeasures in the first place.
Source: Reddit
Header image courtesy of Shutterstock
