The rapid ascent of Blast, a new Layer 2 (L2) solution on Ethereum, has garnered significant attention after surpassing $300 million in Total Value Locked (TVL) since its launch on Monday, according to data from DefiLlama. This milestone, however, raises several questions and concerns within the crypto community, particularly regarding legal and security aspects.
Blast, created by Tieshun Roquerre, aka ‘Pacman,’ the founder of the NFT marketplace Blur, aims to innovate within the Ethereum ecosystem by introducing a native yield generation model for ether and stablecoins. This approach has been met with enthusiasm from investors and users, demonstrated by the rapid accumulation of assets within the platform. However, this achievement is not without its challenges and criticisms.
One significant concern is that Blast has not yet enabled withdrawals, meaning that funds are essentially locked within the platform. Withdrawals are scheduled to be enabled on February 24 of the next year, raising questions about liquidity and control over assets in the interim.
Further complicating the situation, the control of Blast is currently vested in a multisig contract, managed by five signer wallets with unknown identities. This setup adds another layer of uncertainty, especially since Blast, at this stage, lacks key features like a testnet, transactions, bridges, rollbacks, and sending transaction data to Ethereum.
From a technical standpoint, security risks associated with Blast’s multisig setup have been brought to light by Jarrod Watts, an engineer at Polygon. Watts detailed potential vulnerabilities in the platform’s architecture, specifically the “enableTransition” function and the “mainnetBridge” contract. These elements could theoretically allow unrestricted access to all staked ETH and DAI, posing a considerable risk to investors’ assets.
“Blast is just a 3/5 multisig…”
I spent the past few days diving into the source code to see if this statement is actually true.
Here’s everything I learned:
— Jarrod Watts (@jarrodWattsDev) November 23, 2023
Legal experts and industry observers have voiced concerns about the regulatory landscape surrounding such projects. Figures like Gabriel Shapiro, general counsel at Delphi Labs, and Wassielawyer, a pseudonymous crypto legal expert, have expressed frustration with the inconsistent application of securities laws within the crypto space. Even though he didn’t explicitly mention Blast, Shapiro pointed out the disparity between the treatment of conservatively structured projects and those with clear securities law violations that still manage to secure significant venture capital backing. Wassielawyer highlighted the paradox of advising clients on compliance in a sector where projects, such as Blast, are perceived to market securities publicly, including in the U.S.
This is probably the most frustrating thing about BLAST.
Have spent hours explaining to clients why they can’t run on-chain hedge funds with anon LPs or dangle token incentives… while a Paradigm backed MLM straight up markets securities to the public.
Including in the US. https://t.co/MED5fUmpkt
— wassielawyer (哇西律师) (@wassielawyer) November 23, 2023