The Multichain incident continues to send shockwaves through the cryptocurrency community as victims grapple with the aftermath of one of the most significant hacks of 2023.
The ordeal began back on May 31, when the developers of the Chinese cross-chain protocol, valued at a staggering $1.5 billion, announced on Twitter that the protocol was facing multiple technical issues and that the team was not able to fix these issues as they had been unable to establish contact with their CEO, Zhaojun He. Amidst all the rumours, the ordeal further escalated when on July 14, the developers confirmed what many had feared – that their CEO had been arrested by Chinese authorities back on May 21. This revelation was a blow to the protocol's credibility, which had been plagued by months of denials and uncertainty regarding the whereabouts of its core team, who were allegedly operating in Shanghai.
The lack of transparency surrounding Zhaojun's arrest has given rise to numerous questions. Little information has been disclosed regarding the charges or reasons behind his arrest. However, recent evidence points towards a larger crackdown on cryptocurrency-related activities by Chinese authorities, including an alleged money laundering operation involving Multichain funds. To add to the intrigue, it has been revealed that the CEO may have used a fake ID to register Multichain's operations, raising further doubts about the credibility of the project and its leadership.
Despite assurances of decentralization, the Multichain team disclosed that Zhaojun had exclusive control over the protocol's multi-party computation servers and private keys, all of which were handed over to the police. This centralized control led to the shutdown of the protocol and left users unable to access their locked assets. The magnitude of the incident became clear when it was disclosed that a staggering $1.5 billion worth of assets remained inaccessible due to the protocol's closure.
Later, in what the developers claim was “an attempt to rescue users' assets”, an action that reportedly led to Zhaojun's sister's arrest, some funds were swapped or bridged to unidentified wallets. However, according to Certik, the large outflows were the result of what appeared to be a private key compromise. As a result, unauthorized transactions and movements of digital assets were conducted, leading to significant outflows of tokens amounting to approximately $130 million across its bridges operating on the Fantom, Moonriver, and Dogechain blockchain networks.
During this tumultuous period, the Fantom Foundation, one of the most prominent users of the Multichain bridge before its collapse, reached out to victims. Through Telegram messages, the foundation revealed that it had engaged Chinese attorneys to assist in recovering funds and confirmed the detention of Zhaojun by Chinese police. Their efforts also shed light on the frozen funds by centralized exchanges and stablecoin issuers, which the foundation is striving to distribute to victims. While the Fantom Foundation's actions provide a glimmer of hope, uncertainties still cloud the future of these funds and the likelihood of full recovery for the victims.
Investigation Reveals Troubling Insights
In In the backdrop of these events, an alleged Singaporean business filing for Multichain was shared, and it listed “He Xiaokun” as the director of the company, which led many to believe that “Zhaojun He” was possibly a pseudonym for “He Xiaokun”. As the investigation continued, the Chinese national ID system revealed some troubling insight regarding Multichain’s directorship. A meticulous inquiry into the system using Multichain’s alleged Singaporean registration documents showed that the listed individual "He Xiaokun" was born on May 10, 1955. Similarly, an investigation into "Yang Qiumei," another director mentioned in the Multichain registration file, revealed a birthdate of July 20, 1957. What's more, both individuals were indicated as residing at the same address in a rural Chinese village. In contrast, the third director of Multichain – listed as “Xu Ruduo”, possibly indicating co-founder Alfred Xu, used a different type of identification. Curiously, Alfred Xu has remained inaccessible since the arrest of his colleague.
After Cointelegraph’s initial publication, sources reached out to Cointelegraph’s team, confirming that "He Xiaokun" and "Yang Qiumei" are none other than the parents of Multichain's CEO, Zhaojun He. This confirmation aligns with a 2019 post where the CEO's name was explicitly mentioned.
To further add to the ordeal, information examined by Cointelegraph's sources assert that since the beginning, Chinese authorities directed accusations of "money laundering" against Zhaojun, implicating him in the act of funnelling tainted assets through the Multichain protocol. Consequently, law enforcement attempted to seize all assets connected to the protocol, spanning users, enterprises, and those tainted by illicit activities, under the umbrella of proceeds of crime. While some of these seizures were thwarted due to actions by centralized exchanges and stablecoin issuers freezing the funds, the remainder reportedly transitioned into the control of Chinese authorities, as confirmed by the same sources.
Similar Patterns Across The Country
Multichain’s ordeal shares a lot of similarities with other incidents in the country, with a former member of the exchange CoinXP stating that back in 2019, the entire team was apprehended by Chinese authorities, after which the exchange’s funds were confiscated, and all operational activities came to an abrupt halt. Subsequently, Liang Liang, the CEO of the exchange, found himself facing charges of operating a "multi-level marketing operation" and a "pyramid scheme."
Another similar pattern surfaced on May 29 when Chinese crypto exchange BKEX ceased withdrawals, citing the necessity to cooperate with law enforcement over allegations of "money laundering." Since that point, the exchange has been conspicuously inactive, and much like Multichain, its team members have vanished from the scene. Notably, the exchange's social channels have gone quiet, and its website is no longer accessible.
Another parallel incident revolves around the complete disappearance of the development team behind the offshore issuer of the Hong Kong dollar and Chinese yuan stablecoin, Trust Reserve. This disappearance occurred subsequent to a police raid on the company's office in May. Unfortunately, the exact charges remain undisclosed.
Where Do Things Go From Here?
One troubling similarity across these incidents is that law enforcement has refrained from disclosing charges against protocol developers to investors, leaving them in the dark about the process required to reclaim their funds and prompting allegations of corruption within the Chinese legal system. According to Wuwei Liang of CoinXP, the deliberate lack of transparency stems from law enforcement potentially exploiting the legal framework to facilitate corruption, enabling them to siphon investors' capital for personal gain. This alleged strategy involves coercing parties, including arrested crypto executives, into compliance, server shutdowns, surrendering private keys, and pleading guilty under the promise of leniency.
Nevertheless, the Chinese government has yet to provide any answers to investors' queries concerning the whereabouts of the funds and the reasons behind their non-restitution, leaving individuals and involved groups in the dark regarding the destination of their hard-earned finances. However, one thing we can be certain of is that the Multichain Exploit will go down in history as one of the most severe crypto hacks of 2023.
Hopefully, the catastrophe will be seen as a cautionary tale of the dangers of centralization, serving as a stark reminder of the ongoing challenges facing the cryptocurrency industry, and the need for security, transparency, and accountability in the rapidly evolving world of decentralized finance.