Japanese Banking Giant Joins Tech Firms to Build Cross-Chain Stablecoin Infrastructure

Singapore’s UniPass Plays Role in ERC-4337 Vulnerability FixSmart contract wallet provider UniPass and crypto infrastructure firm Fireblocks have successfully addressed a significant vulnerability in the Ethereum ecosystem.Photo by Nenad Novaković on UnsplashAccount abstraction vulnerabilityThis vulnerability, identified as the ERC-4337 account abstraction vulnerability, posed a critical security risk to hundreds of mainnet wallets. The joint effort between Fireblocks and UniPass was detailed in a blog post published to the Fireblocks website on Thursday.This vulnerability, if exploited, could have enabled a malicious actor to execute a complete takeover of the UniPass Wallet by manipulating Ethereum’s account abstraction process. The vulnerability represented a substantial threat to the security of smart contract wallets, as it could lead to unauthorized access and fund drainage.Improving user experienceAccount abstraction, as dealt with via ERC-4337, is a mechanism that introduces a novel way of processing transactions and interacting with smart contracts on the Ethereum blockchain. It allows for a more flexible and efficient handling of transactions, transcending the traditional distinction between externally owned accounts (EOAs) and contract accounts.EOAs are controlled by private keys and can initiate transactions, while contract accounts are governed by the code of a smart contract. When an EOA initiates a transaction with a contract account, it triggers the execution of the contract’s code. Account abstraction introduces the notion of abstracted accounts, which are not tied to a specific private key and can initiate transactions and interact with smart contracts, similar to EOAs.In the context of ERC-4337, an account executing an action relies on the EntryPoint contract to ensure that only signed transactions are executed. Typically, these accounts trust a single audited EntryPoint contract to validate user operations before executing commands. However, the vulnerability resided in the fact that a malicious or buggy EntryPoint contract could potentially skip the validation step and directly call the execution function, bypassing essential security measures.This vulnerability, identified by the two firms, had allowed attackers to seize control of UniPass wallets by replacing the trusted EntryPoint of the wallet. Once this takeover was completed, the attacker could access the wallet and drain its funds.It’s worth noting that the vulnerability posed a threat to several hundred users who had activated the ERC-4337 module in their wallets, making them susceptible to exploitation by any actor on the blockchain. Fortunately, the wallets affected by this vulnerability contained only small amounts of funds, and swift mitigation efforts were successful in preventing further harm.Company mergerEarlier this year, Singapore’s UniPass merged with Chinese wallet provider Keystone to form Account Labs, a company which has been incorporated in Singapore. At the time, Keystone founder Liu Lixin outlined that further developing account abstraction-derived products was the objective of the creation of Account Labs. He stated:“We are on the cusp of a Web3 Account Abstraction revolution. Together, we’ll drive rapid transformation, making the transition from Web2 to Web3 effortless for users. Our goal is to ensure everyone can securely and smoothly manage a decentralized account. We welcome partners to join us in advancing the Web3 account domain.”In furthering that objective, Account Labs announced on Thursday that it had raised $7.7 million in a funding round led by Amber Group, MixMarvel DAO Ventures, and Qiming Ventures.

FanC – a South Korean blockchain reward project designed for creators and users of the Watch-to-Earn short-form video app CELEBe – has signed a business agreement with Coins.ph, the largest cryptocurrency exchange in the Philippines. Through this agreement, the two companies aim to expand their respective global ecosystem through fanC’s rewards system, according to an article by local news outlet Daehan Kyungjae.Photo by Lance Anderson on UnsplashEmpowering creators and rewarding viewersThe CELEBe app aims to bring content creators and viewers together through Create-to-Earn and Watch-to-Earn mechanisms. The platform has notably collaborated with some 4,000 well-known figures, ranging from actors and singers to YouTubers and athletes. Connecting communitiesUnder the agreement, fanC's reward token (FANC) will be available for trading on Coins.ph, allowing fanC to deepen its roots not only in the Filipino market but also in the larger Asian blockchain community. "This agreement marks an important step in fanC's global expansion strategy," said Lee Dong-ho, CEO of fanC. "Through our collaboration with Coins.ph, we will build a stronger global network." Meanwhile, fanC plans to continue to strengthen its partnership with Coins.ph through activities like global meetings to lead the growth of its global fan community. The platform is thus committed to consistent technological development and innovation through collaborations with various global partners. Through these efforts, it aims to provide new value by building an ecosystem that connects the global blockchain community.

How will Binance’s criminal case affect its presence in South Korea?Binance, the world’s largest cryptocurrency exchange, has reached a settlement with the U.S. government to pay a fine of more than $4.3 billion after the exchange was accused of anti-money laundering (AML) and sanctions violations. Co-founder and CEO Changpeng Zhao also pleaded guilty to violating the Bank Secrecy Act, which requires financial institutions to submit documentation to prevent them from becoming mediums for criminal funding. Binance will thus be withdrawing completely from the U.S.Photo by Vadim Artyukhin on UnsplashNews of this incident has sparked keen interest within the South Korean crypto industry regarding the impact it could have on Binance’s presence and influence in the country.Murky future for Binance as Zhao resignsBinance allegedly failed to report transactions involving criminal entities such as terrorist groups, ransomware perpetrators and money launderers without implementing a system to prevent such crimes. In particular, organizations like the Izz ad-Din al-Qassam Brigades — the armed wing of the Palestinian militant group Hamas — as well as the Palestinian Islamic Jihad and ISIS were found to have utilized Binance as a channel for their funds. Furthermore, the exchange also facilitated transactions with users in sanctioned territories such as Iran, North Korea and Syria.Zhao has subsequently decided to step down as Binance’s CEO, taking to his X (formerly Twitter) account to state that he believes it is the right move. However, he also emphasized that the U.S. government did not accuse Binance of misappropriating user assets or engaging in market manipulation.Despite this fiasco, some insights have painted Binance’s future in a positive light. JPMorgan, the largest bank in the U.S., stated that the uncertainty surrounding Binance itself would diminish. “For crypto investors, the prospect of settlement would see the elimination of a potential systemic risk emanating from a hypothetical Binance collapse,” the bank said, according to an article published by digital asset news outlet The Block.GOPAX reaffirms partnership with Binance despite concernsGOPAX, a Korean fiat-to-crypto exchange that was acquired by Binance in February, also maintained a rather unexpected positive outlook. The acquisition had been followed by a complicated string of events hindering Binance’s full-fledged expansion in Korea, including delayed approval from the country’s Financial Intelligence Unit (FIU) to become a virtual asset service provider (VASP) and multiple leadership changes as a result.Investors in GOFi — GOPAX’s decentralized finance (DeFi) service — subsequently responded by filing a lawsuit at the end of June, claiming that financial authorities unjustly delayed the approval. They argued that, by approving the request, the FIU would enable Binance to provide the capital that GOPAX had struggled to gather to pay principal and interest payments on GOFi in the wake of last year’s FTX collapse.However, these circumstances did not sway GOPAX’s decision to work with Binance. “We learned of the news about Binance’s fine through articles from foreign media platforms,” GOPAX said. “Regardless, we are still in a business and technical partnership with the exchange.”Prospects for Binance’s landing in KoreaIn contrast to GOPAX’s seemingly positive outlook, the Korean crypto community has voiced mixed opinions about the effect of this development, especially on Binance’s successful entry into the domestic market.If GOPAX’s VASP approval had been delayed due to concerns about Binance’s suitability as its largest shareholder — incited by the legal risks it posed in the U.S. — the possibility of the approval going through may be more plausible as some of these risks have since been alleviated, said Yoon Seung-sik, an analyst at Seoul-based research firm Tiger Research.However, Jang Hye-won, an analyst at crypto data research platform Xangle, pointed out that interpretations may differ depending on the reasons behind FIU’s hesitation in approving the GOPAX acquisition. “If the concerns revolved around legal risks, then the path for Binance’s entry into Korea may seem cleared since those risks have been resolved. But if the concerns are about Binance’s capital inflow into the country, then this incident (Binance’s criminal case) will have no effect,” she explained.On the other end of the spectrum, some experts believe that this incident may have negatively affected the GOPAX acquisition. Hwang Suk-jin, a professor at Dongguk University’s Graduate School of International Affairs & Information Security and a member of the ruling People Power Party’s committee for virtual assets, stated, “Since criminal punishment for Zhao and the U.S. Securities and Exchange Commission’s (SEC) lawsuit are still pending, it’s hard to conclude that legal risks have been completely resolved. Binance paying a fine for money laundering may actually reinforce the FIU’s concerns about legal risks, making the GOPAX acquisition decisively unfavorable.”These statements come after a public opinion survey conducted earlier in June by Cratos, a Korean blockchain-based polling app, revealed that a 64.6% majority of respondents favored approving the GOPAX acquisition.