- TrustSwap has said that it is “reworking multiple internal processes” following the Hatch DAO exit scam
- Victims called TrustSwap’s services “worthless” because it failed to protect them
- The team claimed that they never promised to offer comprehensive protection, and that investors should always be wary
TrustSwap, the protocol that helps DeFi teams build community confidence by locking team tokens, has promised that it will review its internal processes after the Hatch DAO exit scam last week. TrustSwap came in for criticism after a Hatch developer minted two million tokens and sold them all just a week after it had engaged TrustSwap’s services. Many thought that the use of TrustSwap mitigated the risks of what the community has come to call a rug pull, but after deflecting blame TrustSwap has said that they are “reworking multiple internal processes” following “feedback” from victims.
Hatch Rug Pull Accused of Undermining Token Lock Premise
Cryptocurrency is known for unscrupulous behaviour from project operators, who routinely pump their token price through marketing and alleged partnerships, sell at the top, and then leave the token to die, waltzing off with a handsome profit.
TrustSwap set out to remove the possibility of that by offering a “fully audited SmartLock Technology” service that locks team tokens, with many DeFi projects signing up to their protocol since their launch just a matter of weeks ago.
One of these was Hatch, who TrustSwap announced on September 18 had utilized their services to lock up the percentage of the tokens belonging to the team, meaning that it was theoretically impossible for team members to sell their tokens in a pump and dump.
However, when on Saturday a Hatch DAO developer crashed the token price and effectively killed the project by minting and selling two million tokens, questions began to be asked of TrustSwap, with many wondering how such an eventuality was possible:
So @hatchdao just exit scammed despite using @TrustSwap fully audited SmartLock trusted system. CEO @JeffKirdeikis said they can not prevent these types of things from happening. In that case I don’t understand the point of using a trusted secure 3rd party lockup system? 🔐🚨💸 pic.twitter.com/0lcfSfLH7I
— Alex Saunders 🇦🇺👨🔬 (@AlexSaundersAU) September 26, 2020
TrustSwap Goes on the Defensive
TrustSwap responded to the accusations by saying that their processes “worked as they should”, but that there are “multiple areas that are vulnerable in each project”, before giving a list of these areas:
Trustswaps Team Token locks worked as they should, but simply locking team tokens does not guarantee a project’s security.
There are multiple areas that are vulnerable in each project, beyond simply what founders hold.
This post lays out the areas you should watch pic.twitter.com/DfRgzEGNt2
— TrustSwap (@TrustSwap) September 25, 2020
They also reminded investors that they do not audit the code of the projects that use their services, lock liquidity, or do any other form of due diligence, leaving many ways in which projects can still rug pull after locking their team tokens up with TrustSwap.
This development led to more people accusing TrustSwap’s services of being worthless, given that it only addresses one issue in half a dozen, with TrustSwap emphasizing that they never promised to offer a one-stop shop for all things DeFi:
Our software worked exactly as advertised.
We never claimed to provide liquidity locks or team audits.
The last sentence clears up what the value proposition we offer is.
— TrustSwap (@TrustSwap) September 26, 2020
Fault Lies on Both Sides
All things considered, it seems that there is fault on both sides. TrustSwap never claimed to act as a kind of fully comprehensive insurance policy for DeFi projects, although the way they promoted themselves perhaps gave an impression that investors’ money was safer than it actually was.
It is understandable that TrustSwap would not advertise the fact that developers still had myriad ways to rug pull despite using their services, but at the same time it could be argued that they allowed this impression of confidence and security to foster incorrectly.
As a result, TrustSwap’s statement that they are reworking internal processes is much more likely to involve correcting the way they market their services to highlight the risks still involved, rather than working to expand their offering to cater for the other loopholes that nefarious developers can exploit.
Equally, investors in brand new DeFi projects should be aware that no service currently exists that rules out the possibility of a rug pull, and should exercise the relevant levels of caution.