The main problem with amateur investigations is, of course, that they lack teeth. The Twitter threads or blog posts in which crypto-sleuths reveal their findings are only good for warning potential victims or shaming perpetrators. The hope is that people will care enough about their reputations to make amends. That happened with Divergence Ventures, and earlier with NFT marketplace OpenSea, which in September found itself at the center of another “insider trading” scandal after a Twitter user accused its head of product of hoarding NFTs by artists who were about to be featured on OpenSea’s homepage, thus profiting from the spike in hype. The head of product was forced to resign.
But when shame doesn’t prompt change, there’s little one can do. Many of the behaviors that crypto-sleuths expose take place in a regulatory vacuum. “Insider trading has a very specific meaning—using nonpublic information when trading on the stock market,” says Nick Price, a crypto-asset disputes specialist at law firm Osborne Clarke. “These tokens are not stocks and shares. NFTs aren’t regulated, so it is not insider trading.”
Cases of fraud, such as thefts of crypto or manipulating a smart contract, can be reported to the police, Price says. But he says the level of scrutiny coming from the cryptocurrency community, and the quality of the information that it can crowdsource, is “unprecedented.” For instance, in October the users of DeFi protocol Indexed Finance said they had unmasked the person who had carried out a $16 million heist on the network—although negotiations with the hacker to recover the funds ultimately did not pan out. The team is working “to determine which authorities have jurisdiction over the attack,” according to a recent Twitter post.
The blockchain’s open ledger is a big advantage for investigating mischief. It “leaves a much better audit trail than in other sectors,” Price says. “There is more information out there for people who are willing to do the technical analysis.”
That said, there are risks in relying on anonymous Twitter accounts to police a feverish, high-stakes online space. In May, @WARONRUGS, a Twitter-based watchdog who made a name as a fiery scam-hunter, allegedly ran away with almost $500,000 in stolen crypto. Even discounting instances of extreme dishonesty, some worry that a system based on online call-outs is just too prone to abuse. Mitchell Amador, founder of Immunefi—a company that brokers “bug bounty” deals between hackers and DeFi developers—is critical of what he calls “the crowdsourced panopticon” and points to the Twitter abuse heaped on Harris, the young Divergence Ventures employee who had run the wallet used to orchestrate the airdrop operation. Harris, who is still a college student, was targeted with dozens of mocking, taunting, and insulting tweets. Divergence Ventures said she was not to blame for the firm’s actions, but Harris still deleted her Twitter bio and went silent on social media.
Gabagool acknowledges that there is a “sinister side” to policing by Twitter. “I think, for some people, it’s reminiscent of a kind of ‘cancel culture.’ But that was really not my intention,” he says. For him, self-regulation is still the best route to preserve DeFi’s space of freedom and innovation. Failing that, he fears that “there will be something else that emerges. And I can’t guarantee that alternative will be beneficial for the community,” he says.
It might already be too late to stave off that scenario. In September, the US Securities and Exchange Commission launched an investigation into Uniswap Labs, the developer of DeFi exchange Uniswap. SEC chair Gary Gensler has said some DeFi protocols could eventually be subject to securities regulations.
“The question is, do we use an open system people created themselves? Or do we use the long arm of the state?” Amador says. “Either way, we’ll end up with some form of regulations—there’s no doubt about that outcome. Right now, we are still in that adjustment period.”
More Great WIRED Stories