The Lazarus Security Lab, an analytics division of the Bybit crypto exchange, discovered that sixteen popular blockchains, including BNB Chain, Aptos, and Sui, have built-in tools to restrict the movement of user funds. According to experts, similar functionality is also present in the Chiliz, VIC, XDC Network, VeChain, Harmony ONE, HVH, Supra, EOS, Oasis Network, WAX, Linea, Waves, and HECO Chain networks.
Furthermore, 18 other ecosystems—such as Arbitrum, Cosmos, Axelar, Celestia, dYdX, Kava, and Terra—provide the ability to quickly activate a freezing mechanism at the discretion of validators or developers.
The study covered 166 networks, and the experts classified the freezing mechanisms they found into three types. The first category includes functions built into the code at the protocol level. Such a mechanism was first used in 2019 on VeChain, when developers blocked blacklisted addresses following a $6.6 million hack. BNB Chain uses a similar practice.
The second group includes locks managed by validators, foundations, or developers, which can temporarily restrict access to assets.
The third type is based on system smart contracts, as in HECO Chain: there, the blacklist is stored in a separate contract, and changes to it are instantly reflected throughout the network because validators constantly reconcile the data.
One example of such tools in use is the incident with the Cetus decentralized exchange on the Sui blockchain. After a hack of approximately $220 million, the network's developers froze $162 million and later returned it to the platform's liquidity pool.
Bybit's Head of Risk Management, David Zong, noted that despite the principles of decentralization, most blockchains are creating flexible tools to protect users. He argued that such solutions help minimize damage from hacker attacks, although they also raise questions about trust in DeFi systems.
The news sparked a mixed reaction in the crypto community. Users accused the developers of abandoning the ideals of decentralization. "If someone can freeze your funds, they're no longer yours," wrote one participant. Some compared such mechanisms to centralized solutions from the Web2 era, calling them a threat to trust in DeFi.
However, representatives from ACY Securities stated that Bybit's statements were exaggerated. They believe the "hidden code" is a standard element of network governance and is intended for updates, not for manipulating user assets.
Previously, independent developers presented the Ethereum R1 project—a "neutral rollup" without a token or centralized control, which, according to them, should return decentralization to its original meaning.