Bybit freeze exposé highlights decentralization transparency issues

A report from Bybit’s Lazarus Security Lab today claims that 16 blockchains have built-in fund freezing measures, while an additional 19 could add the same capability with some minor tweaks, raising concerns around decentralization and transparency.

Researchers used artificial intelligence (AI), alongside manual review, to look into 166 different blockchains to determine their freezing capabilities.

The full report found that the 16 chains use three types of freezing mechanism: hardcoded public blacklists, private blacklists kept in config files, and a blacklist enforced through an on-chain smart contract.

Hardcoded freezing mechanisms are built directly into the chain and are utilized by Binance’s BNB Chain, as well as Chiliz, Viction, XDC Network, and VeChain. 

Config file-based freezing, which relies on a blacklist stored in local configuration files and managed by validators, the foundation, and core developers, is used by Harmony ONE, HAVAH, Aptos, Supra, EOS Network, Oasis Network, WAX, Sui, Linea, and Waves.

Only the Huobi Eco Chain utilizes on-chain smart contracts. 

BNB Chain and VeChain were able to use their hardcoded freezing methods in response to a $570 million bridge exploit and a $6.6 million breach, while Sui froze $162 million in stolen assets following the Cetus hack.

The report also found that 19 blockchains could implement these methods with some “relatively minor protocol changes.” 

These blockchains include Arbitrum, Cosmos, MANTRA, Terra, Axelar, Babylon, Celestia, dYdX, Dymension, Dymension DYM Evm, Evmos, Initia, Kava, Nillion, OKExChain, THORChain, Sei, Secret Network, and XION.

VeChain disputes Bybit’s findings

VeChain has described Bybit’s report as “clickbait” and “factually incorrect,” claiming that it “categorically” does not have freezing capabilities embedded directly in its source code.

It also claims that during the 2019 breach, VeChain’s “community approved a one‑time blocklist to protect the ecosystem,” in which funds were neither seized, nor reallocated.

This community governance decision allowed validators to reject the identified address and approved the burning of 727 million VET tokens, “resolving the incident transparently on‑chain.”

It said, “VeChainThor’s software includes consensus‑level checks that allow validators to reject transactions, once enabled through community governance, rendering the affected assets immovable. It does not grant any party the ability to move, seize, or unilaterally ‘freeze’ funds.”

Bybit’s Lazarus Security Lab calls for greater freeze transparency 

Bybit’s report suggests that blockchain foundations and firms aren’t being fully transparent about their freezing capabilities, and in turn, the extent to which they are truly decentralized.

It concluded, “The presence of these mechanisms fundamentally challenges the foundational principles of a decentralized ecosystem and necessitates further discourse within the blockchain community, but it has prevented hackers from stealing funds.” 

Openness about these on-chain freezing capabilities and emergency intervention mechanisms, it says, is key to blockchain governance, and they should be publicly disclosed more often.

A31 Labs’ Armin Reiter notes that any blockchain can implement freezing. He argues that the real differentiator is “how decentralized a system is and if the validators/miners accept the change or not.”

He claims that such freezes will not be implemented on Bitcoin because there’s strong community consensus against them, and that the most important takeaway is which chains have already accepted these tradeoffs.

In some cases, these freezing mechanisms have failed. Crypto security firm GoPlus Security highlighted that the hacker of DeFi exchange Balancer bypassed a freeze on the Sonic chain, and moved roughly $3 million worth of crypto from a frozen address to a new one. 

The firm claimed the hacker was able to do this because the freeze only affected the chain’s native token and not other ERC20 tokens.

Edit 12:35 UTC, Nov 13: Updated piece to include comment from VeChain.