Crypto community audits "Euro Stablecoin EURCV" code: each transaction requires approval, has a Rugpull backdoor
French investment bank Societe Generale recently announced the launch of a Euro stablecoin, EURCV, on the Ethereum blockchain. However, the crypto community discovered numerous flaws after examining its code.
Table of Contents
Societe Generale Launches EUR CoinVertible EURCV, the First Euro Stablecoin
French bank Societe Generale's SG-FORGE announced the launch of the Euro stablecoin EUR CoinVertible EURCV on April 20th, with the following features:
Open-source smart contract code
Deployed on the Ethereum blockchain
Available only to qualified investors compliant with KYC/AML regulations
Designed to bridge the gap between traditional markets and digital assets
The collateral value and composition of EURCV can be viewed on the Societe Generale website
With the code being open-source, issues with EURCV were quickly discovered by the crypto community.
All EURCV Transactions Require Approval
Developer foobar pointed out:
This is the worst code I've ever seen, every ERC20 token transfer must be submitted for central approval, it's a joke, is this your CBDC?
Foobar sarcastically remarked that because cryptocurrency settlement efficiency far exceeds traditional institutions relying on cumbersome fax documents, threatened traditional institutions have launched similar ERC20 tokens that still require fax documents for settlement.
France launched a stablecoin on Ethereum and it's the worst code I've ever seen
Every ERC20 single transfer has to be approved in a separate eth tx submitted by a centralized registrar
What a laughingstock, is this your CBDC?https://t.co/hKkHiQTCyN pic.twitter.com/S6tRfh54wz
— foobar (@0xfoobar) April 20, 2023
EURCV Has Backdoors and Can Be Completely Destroyed
Engineer cygaar pointed out that EURCV has backdoors, allowing the initiator to take all funds and also has a destruction mechanism.
The new Euro-pegged stablecoin from SG-Generale (a French Bank) has a function that allows them to take all of your money lol pic.twitter.com/auqOrEOw6Y
— cygaar (@0xCygaar) April 20, 2023
In fact, these mechanisms are inconsequential to a "bank"; even if a bank were to exploit related vulnerabilities for arbitrage, government agencies would intervene for investigation. Ironically, if this were to occur in the decentralized and proud DeFi space of the crypto realm, currently, there may be no protection for any users.
Returning to the point, the crypto community wonders why Societe Generale did not simply operate EURCV through a centralized settlement layer. Does integrating ERC20 tokens and building on a public chain make sense?
Foobar pointed out that Societe Generale's token transfer function does not include any tokens and is completely incompatible with any ERC20 applications.
Overall, the crypto community seems to hold banks to a higher standard, but some optimistically view this as a way to further introduce and adopt Ethereum among bank users, which is still a positive development.