Parsiq and Centralized Governance
On October 6th, CoinMetro, a centralized exchange and the primary exchange on which Parsiq was traded, was hacked and had a significant number of both its native XCM and Parsiq’s PRQ token drained from its hot wallets. As a result of this hack and, moreover, the Parsiq team’s actions to correct the hack, PRQ’s price fell to a low of $0.001 USD on October 7th—down from around $0.12 the day prior.
To correct the hack and restore token holders’ balances, the Parsiq team forked the platform and smart contract. A ‘snapshot’ was taken of user balances immediately prior to the hack and was used to issue new PRQ tokens to users, making the old PRQ tokens fundamentally worthless. The Parsiq team subsequently used the old version of the tokens to drain Uniswap’s ETH:PRQ liquidity pool in a “white-hat attack,” causing a flash crash. The ETH was used to create a new Uniswap liquidity pool, with the new PRQ token being distributed to existing users. During this process, the Parsiq team arranged for trading to be halted on all centralized exchanges.
In the days following, PRQ’s exchange rates appeared to have returned to normal, pre-hack levels. Thus, it seems that the team’s actions were effective in rectifying the damage caused by the incident. It should be noted that, though Parsiq was damaged by the hack, this was merely the result of a large portion of its native asset being removed from holders’ exchange wallets and not because of any element of Parsiq’s infrastructure being compromised either on- or off-chain. In fact, the tactics employed by the Parsiq team to reverse its own losses closely resemble those it has previously marketed to similarly affected projects, a use case for which elements of its technology were arguably tailor-made. Most notably, Parsiq’s snapshot services were being employed by NOIA Network to compensate for the effects of the KuCoin hack at the time of the CoinMetro breach.
Whether it be Parsiq’s actions to rectify its own losses or those of NOIA, any situation in which a project’s team or its agents are able to unilaterally reverse the effects of an attack seemingly places a spotlight on the degree to which control over the protocol’s governance and related outcomes are centralized. Many believe that such centralized governance is preferable given its facilitation of efficient and decisive action to secure and improve protocols, while others argue that this same power can easily be used to exploit or derail a protocol and that trusting centralized actors to behave benevolently is naive. This debate regarding the tradeoffs between the certain benefits and assurances implied by centralization and those implied by decentralization—and, more importantly, the ethics thereof—has been ongoing in the blockchain industry since its inception.
While, superficially, the persistence and ubiquity of debate over tradeoffs between centralized and decentralized governance may indicate such consideration is applicable to Parsiq’s situation, it is not entirely. Because the utility of PRQ was solely dependent on the functionality of Parsiq’s off-chain application and services, Parsiq’s on-chain elements, namely the underlying PRQ smart contract, provided no intrinsic value other than the provision of the PRQ token. That is, any token contract linked to Parsiq’s off-chain services would inherently confer the value thereof. Thus, it is inconsequential whether or not on-chain governance of Parsiq’s smart contract is decentralized because, as long as Parsiq remains in control of the linkage between it and its off-chain services, its team can always replace the existing smart contract with a new one in the event it objects to any changes made to the former. Indeed, such utility tokens have never been subject to the same tradeoffs discussed above. Any token whose value capture relies on the provision of off-chain services is expendable and replaceable, making its governance of its underlying contract effectively negligible.