The Juno blockchain’s trials and tribulations continue, with a mistake sending millions worth of JUNO tokens into an inaccessible address. The incident has left the community red-faced while developers, validators, and token holders deal with who is to blame for the copy-paste error.
The protocol was on the verge of resolving a long-standing issue with the transfer of tokens into a community wallet before the latest developments put a spanner in the works.
The Backstory
Barely a few days earlier, the Juno community had voted to seize millions of dollars worth of JUNO tokens from a whale that was accused of gaming a community airdrop. As a result, Juno Proposal 20 was passed with overwhelming support, revoking tokens from the whale in question, Takumi Asano. This was also the first instance of a blockchain community collectively taking action against an individual and altering their token balance after they had acted against the interests of the protocol.
The proposal was set to strip around 3 million JUNO from Asano and transfer it to a community-controlled wallet, with the funds now worth around $36 million. However, things didn’t go as the community had planned, with the tokens being sent to the wrong address.
A Not So Simple Copy-Paste
A member of Juno’s Core-1 founding developer team, Andrea Di Michele, revealed that the botched transfer happened thanks to a mistake while copy-pasting the address. Di Michele stated,
“When I gave the [Proposal 20] developers the address of the [Unity] smart contract, I pasted the address of the smart contract and just underneath put the transaction hash. But I didn’t write ‘the transaction hash is this,’ I just put the transaction hash.”
It turns out the developers inadvertently copied the transaction hash instead of the wallet address. This resulted in the funds moving to a part of the Juno blockchain that no one, not the developers or Asano, can access.
The Blame Game
Technically, it is the validators that deploy nodes running the proof-of-stake blockchains which are responsible for due diligence. This is true with Proposal-20 as well. Ultimately, it is the community of validators that issues blocks, secures the network, and processes upgrades in a decentralized manner.
Out of all of Juno’s validators, none noticed that the address was incorrect. According to Daniel Hwang, head of protocols at Stakefish, the events that unfolded were the fault of validators, who were the ones that executed the code that sent the funds into an inaccessible location.
“Devs can mess up … but at the end of the day, there should be trust assumptions that cannot be relied on. Validators should have due diligence for ourselves to actually check the code we’re executing and running.”
How Will This Play Out?
While Takumi Asano was rather mocking of the outcome for Juno, the core team is still intent on moving the funds into the community-controlled Unity contract. The current plan is to move the funds to the Unity address through a planned upgrade to the blockchain, which will rewrite Juno’s ledger, assigning the stranded funds to Unity. The new proposal, Proposal 21, looks on track to pass.
A Series Of Setbacks
Juno has received significant support from the Cosmos blockchain community after a series of setbacks. The community had initially voted to revoke Asano’s tokens in March, but a smart contract attack the following month rendered the chain offline for days. As a result, JUNO’s value has plummeted from $40 to around $10.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://cryptodaily.co.uk/2022/05/a-36-million-typo-human-error-sends-juno-tokens-to-an-inaccessible-address