Author

Topic: Is it possible for a token creator to take back the tokens sent to someone (Read 570 times)

hero member
Activity: 1750
Merit: 589
It depends on the token. Bitcoin, no. EOS, yes. Others, maybe.
Well, technically if the token is bitcoin, the creator cannot because bitcoin is backed by blockchain and blockchain is designed to have irreversible activities and it will be hard to get back the token if you'll do it alone without the knowledge of whom you sent it and not request them to give it back to you. But if the token isn't bitcoin, anythibg is possible depending on the smart contract. If certain people implemented that tokens they distributed during they campaign mught be taken back once unused, they probably can.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
As many of the previous posters explained, anything is possible if it was implemented in a Smart contract. Some of these people will launch a specific campaign to distribute these tokens and then they implement a recall of all tokens that was not used within a specific time frame.

So you can have a massive air drop of tokens and you code a recall of unused tokens if the receiver has not shifted those tokens or used it within a predetermined time frame. Obviously the developer wants these tokens to be used and not be left in a wallet or even lost for a definite amount of time.   Wink
legendary
Activity: 2604
Merit: 2353
I am having an argument with some people and they said that an Ecr20 token creator removed a token from one of their wallet and i told them that tokens that has been sent cannot be withdrawn back as long as they're the only ones with their private key but they don't believe me.

I want to send them a link to this thread with opinions of crypto experts in this forum so we can know who is right.
Yes you can do that with Ethereum tokens but you can't call them ERC20... rather "shitty tokens" I would say  Roll Eyes

In fact in many ERC20 smart contracts you can transfer coins of other people... but only if they allow you to do it

This is the "allowance" function : the owner of the coins allows the address he chooses to send his coins to whoever the address wants, in the maximum amount he defines.

For example in the BNB smart contract, you will find :
https://etherscan.io/address/0xB8c77482e45F1F44dE1745F52C74426C631bDD52#code  
Code:
/* Allow another contract to spend some tokens in your behalf */
    function approve(address _spender, uint256 _value)
        returns (bool success) {
if (_value <= 0) throw;
        allowance[msg.sender][_spender] = _value;
        return true;
}
msg.sender is the variable that brings the address of the user executing the contract, so as you can see, the contract just fulfills a box of a matrix corresponding to your address and the address of your mandatary with the maximum amount you've allowed

Code:
/* A contract attempts to get the coins */
function transferFrom(address _from, address _to, uint256 _value) returns (bool success) {
        if (_to == 0x0) throw;                                // Prevent transfer to 0x0 address. Use burn() instead
if (_value <= 0) throw;
        if (balanceOf[_from] < _value) throw;                 // Check if the sender has enough
        if (balanceOf[_to] + _value < balanceOf[_to]) throw;  // Check for overflows
        if (_value > allowance[_from][msg.sender]) throw;     // Check allowance
        balanceOf[_from] = SafeMath.safeSub(balanceOf[_from], _value);  // Subtract from the sender
        balanceOf[_to] = SafeMath.safeAdd(balanceOf[_to], _value);  // Add the same to the recipient
        allowance[_from][msg.sender] = SafeMath.safeSub(allowance[_from][msg.sender], _value);
        Transfer(_from, _to, _value);
        return true;
    }
After checking the allowance matrix, the transfer just consists in a substraction on your balance and an addition on the recipient balance(ie the recipient of the mandatary).  

So as you can see it's really simple to code a contract doing the same thing without calling an "allowance" function before...  Roll Eyes



Unlike Bitcoin where transactions are irreversible, ERC20 tokens based on smart contracts allow the contract creator to take back sent tokens.

Just like you, I used to believe it can't be done. Untill I had a long conversation with another member (omer-jamal) about this subject and we decided to test it. He created a smart contract on testnet 0x29555479daf420c32157e03c7c4b0cfebda37eee and he was able to send me few tokens then take them back although he didn't know my address private key nor I did have Eth to pay Gas fee.

The moral here is that you must read the smart contract of the token you want to invest in.

If you decompile the smart contract with the decompiler, you will see the transferFrom function doesn't test the "allowance" matrix to transfer the coins, the transferFrom function just updates the balances...  Roll Eyes
An user of this smart contract can transfer the coins of whatever address he wants.
https://ropsten.etherscan.io/bytecode-decompiler?a=0x29555479daf420c32157e03c7c4b0cfebda37eee#
member
Activity: 378
Merit: 53
Telegram @keychainX
I am having an argument with some people and they said that an Ecr20 token creator removed a token from one of their wallet and i told them that tokens that has been sent cannot be withdrawn back as long as they're the only ones with their private key but they don't believe me.

I want to send them a link to this thread with opinions of crypto experts in this forum so we can know who is right.

You should post a link to which token or what smart contract created it then its very easy to see what options are possible with the coin.

There are many different coins where the issuer can freeze your coins, most famously is XRP (Ripple) when one of the creators parted with Ripple, they freezed his coins(wallet)

RIPPLE (XRP) - YES
https://www.financemagnates.com/cryptocurrency/news/ripple-reportedly-orders-freeze-of-1m-worth-of-mccaleb-funds/
https://cointelegraph.com/news/ripple-directs-bitstamp-to-freeze-funds-of-former-co-founder-jed-mccaleb

EOS - YES
then you have the famous EOS freeze of 27 accounts

https://www.coindesk.com/eos-blockchain-arbitrator-orders-freeze-of-27-accounts

TETHTER (USDT) - YES
https://www.financemagnates.com/cryptocurrency/news/tether-plans-freeze-31-million-worth-stolen-token/

COINBASE USDC - YES
https://cointelegraph.com/news/ripple-directs-bitstamp-to-freeze-funds-of-former-co-founder-jed-mccaleb

BANCOR (BNT) - YES
https://www.bitrates.com/news/p/bancor-stirs-exchange-decentralization-debate-after-125-million-hack

You can do this with any ERC721 Token (there are many)

The list goes on.
/KX


legendary
Activity: 2702
Merit: 3045
Top Crypto Casino
Unlike Bitcoin where transactions are irreversible, ERC20 tokens based on smart contracts allow the contract creator to take back sent tokens.

Just like you, I used to believe it can't be done. Untill I had a long conversation with another member (omer-jamal) about this subject and we decided to test it. He created a smart contract on testnet 0x29555479daf420c32157e03c7c4b0cfebda37eee and he was able to send me few tokens then take them back although he didn't know my address private key nor I did have Eth to pay Gas fee.

The moral here is that you must read the smart contract of the token you want to invest in.
newbie
Activity: 5
Merit: 0
Everything is very simple and everyone should know this. ERC-20 tokens can have a smart contract with which the creator can freeze or withdraw these tokens from your Ethereum wallet. I know such an example. Not all tokens have such a function, but because of the frequent cases of fraud, the creator assumes the function of a regulator in this chaos of decentralization. This is both good and bad. In any case, if you are not involved in fraud, then you have nothing to fear. Otherwise - study before use
sr. member
Activity: 1512
Merit: 292
www.cd3d.app
If we are talking about cryptocurrency, then as a rule this is not possible. For example, on such blockchains as Bitcoin and Ethereum. However, if you look at the EOS blockchain, it turns out that this is not quite a cryptocurrency, more than once there was a refund in the event of a hack. Also, it may depend on the smart contract.
legendary
Activity: 2492
Merit: 1018
Then the fundamentals of blockchain isn't there.
Precisely. And yet still EOS was the most successful ICO of all time. Goes to show just how stupid this space is sometimes.

Unless they have the same privileges as the token creator, then no. It would be a disaster, and I believe people won't use such blockchain.
Unfortunately they would. They either wouldn't know because they had done zero research, or they wouldn't care because they were too busy being greedy and chasing some pump and dump. People use EOS, for example, which as I described above is the antithesis of decentralization. Bitconnect was the most obvious Ponzi since Charles Ponzi, but that didn't stop people using it. People use BCH and BSV for crying out loud. The simple fact that transactions can be reversed won't stop idiots parting with their money.

What about the tokens created under them, can they also be reversed and taken back from our EOS wallet? I have invested to a project which we are trading on STEX.
I'm curious because there are also people in the telegram asking why their coins were reduced, the project is Volentix (VTX). I was already wondering lately how stupid it is that there is the need to buy EOS wallet. But I started using as I was attracted to one project on EOS when it offers dividends to the token holders.

legendary
Activity: 2268
Merit: 18748
Then the fundamentals of blockchain isn't there.
Precisely. And yet EOS was the most successful ICO of all time. Goes to show just how stupid this space is sometimes.

Unless they have the same privileges as the token creator, then no. It would be a disaster, and I believe people won't use such blockchain.
Unfortunately they would. They either wouldn't know because they had done zero research, or they wouldn't care because they were too busy being greedy and chasing some pump and dump. People use EOS, for example, which as I described above is the antithesis of decentralization. Bitconnect was the most obvious Ponzi since Charles Ponzi, but that didn't stop people using it. People use BCH and BSV for crying out loud. The simple fact that transactions can be reversed won't stop idiots parting with their money.
legendary
Activity: 2170
Merit: 1789
Going back to the main topic, can say, that, if token creator can take back tokens that was already send, is it  also possible for token/crypto sender to take back payment that was already made?

Unless they have the same privileges as the token creator, then no. It would be a disaster, and I believe people won't use such blockchain. They might use some exploits to do that (if there's any), but no developer in their right mind would build such a thing. Nobody is going to buy his idea and use it.
sr. member
Activity: 1274
Merit: 278
Yes, EOS.

EOS is a centralized pile of trash. It isn't decentralized at all. Their entire blockchain is maintained by 21 carefully selected so called "Block Producers". These block producers have the power to do anything they like to the blockchain - freeze your wallets, reverse your transactions, even seize your coins. This has happened in the past, with the block producers taking coins away from one user and giving them to another. There is no way to challenge this, and there is no oversight. The block producers also print thousands of new EOS every day and award it to themselves as a reward for having complete control over your coins.

With EOS you are holding an inflationary token which is constantly being devalued and can be taken away from you at any time. It's even worse than fiat. At least banks are regulated and have rules they must follow. The block producers don't.

This is completely common knowledge. A simple Google search will confirm everything I have said above. If you are unaware of it, then I hope you haven't spent any money on EOS because it means you haven't done the bare minimum amount of research.

Then the fundamentals of blockchain isn't there. Blockchain was made for the contribution of others, not to manipulate the transactions, and for the security of the assets. If these 21 people can somewhat control their blockchain, the essence of decentralization isn't present.

Going back to the main topic, can say, that, if token creator can take back tokens that was already send, is it  also possible for token/crypto sender to take back payment that was already made?
legendary
Activity: 2268
Merit: 18748
Yes, EOS.

EOS is a centralized pile of trash. It isn't decentralized at all. Their entire blockchain is maintained by 21 carefully selected so called "Block Producers". These block producers have the power to do anything they like to the blockchain - freeze your wallets, reverse your transactions, even seize your coins. This has happened in the past, with the block producers taking coins away from one user and giving them to another. There is no way to challenge this, and there is no oversight. The block producers also print thousands of new EOS every day and award it to themselves as a reward for having complete control over your coins.

With EOS you are holding an inflationary token which is constantly being devalued and can be taken away from you at any time. It's even worse than fiat. At least banks are regulated and have rules they must follow. The block producers don't.

This is completely common knowledge. A simple Google search will confirm everything I have said above. If you are unaware of it, then I hope you haven't spent any money on EOS because it means you haven't done the bare minimum amount of research.
legendary
Activity: 2492
Merit: 1018

It depends on the token. Bitcoin, no. EOS, yes. Others, maybe.

EOS really?

What kind of kind would really be designing a smart contract with the reversible transaction?
Haven't encounter such cryptocurrency. If EOS has this feature, it would be interesting to see what plans do they have upon having such feature to the chain. I can only think of paypal scams once again which the stories being told many times in forums.
sr. member
Activity: 812
Merit: 253
●Social Crypto Trading●
I always thought it was permanent. If you using an eth smart contract you should not be able to change peoples balances. I really don't know what that means. How does a dev change peoples balances?
I know devs can have a premine then just dump it all and run if they like. I have never heard of tokens disappearing from wallets or devs making new tokens on the fly. I wish people would post some source links.
legendary
Activity: 2268
Merit: 18748
-snip-
This is the right answer.

The creator of a token can code anything he or she desires in to that token's code. The vast vast majority of users who buy tokens do not read the code of the token they are buying. A similar overwhelming majority probably do not have the knowledge required to be able to understand the code if they were to read it. Unless OP or someone else involved in this dispute can read the code of the token in question and say categorically that the creator has not given themselves the ability to move coins around at will, then the person in OP's post who says coins were removed with their consent could very well be correct.

If you are thinking "Surely this could never happen", I would suggest you have a read up about the coin Oyster Pearl (PRL). Its contract had a function allowing the developer to re-open it for ICO, essentially allowing him to create new coins out of thin air at will. He did, gave himself 3 million tokens instantly, dumped them all on the market, and disappeared with an estimated $300,000 in profit. This coin was heavily shilled across social media, with thousands of people owning it and several major exchanges listing it, but yet no one had picked up this major flaw in the smart contract.

As odolvlobo has pointed out above, even some "major" coins (in terms of marketcap ranking, which is inherently flawed, but that's a whole 'nother discussion), have this ability built in to them. Anybody and everybody's EOS tokens can be frozen, transferred, seized or confiscated by the all-powerful "Block Producers", and there is nothing you can do about it.
sr. member
Activity: 854
Merit: 272
I am having an argument with some people and they said that an Ecr20 token creator removed a token from one of their wallet and i told them that tokens that has been sent cannot be withdrawn back as long as they're the only ones with their private key but they don't believe me.

I want to send them a link to this thread with opinions of crypto experts in this forum so we can know who is right.

Depending on the ERC20 contract, I guess. Some ICO’s back then with failed operations or distribution of tokens were able to take their token back and distribute a new replacement token. I experienced it with one of the campaigns I joined.
hero member
Activity: 1162
Merit: 547
CryptoTalk.Org - Get Paid for every Post!
It shouldn't be possible as long as the transaction is confirmed beforehand. ETH is a decentralised blockchain, which means that the token creator simply does not have the sovereignty to reverse transactions at will, even if it concerns tokens that they issue themselves.

It is very likely that the person you're arguing with simply got confused somehow, or never received funds in the first place.

If it was a centralised ledger, then it COULD be done. But not for ERC20 tokens to the best of my knowledge.

It is absolutely possible for the Ethereum token developer to take tokens from anyone's account if he has made such functionality in the smart contract's code.
It does not mean he is "reversing" the transaction, he just executed some code in smart contract that allows him to change other's balances.

For people who are not aware of how a token works, here are the details:

1. The developer writes code (say in solidity language) for a smart contract, that when deployed on Ethereum blockchain creates a token and follows instructions defined in it.
2. The developer has full flexibility to allocate x number of coins to himself or any other address. He can even define some functions that can alter anyone's balance as per his, considering he is the creator of this code.
3. (technical) There is a hash map that maps the number of tokens to a particular address (assume 2d array with key-value pair instead of indexes). You can change its value as you would change any other variables'.



Btw, ERC20 token standard also has defined a function to allow someone to send 'y' number of tokens from another account, provided he has been provided allowance by the owner for the same.
hero member
Activity: 1666
Merit: 753
I am having an argument with some people and they said that an Ecr20 token creator removed a token from one of their wallet and i told them that tokens that has been sent cannot be withdrawn back as long as they're the only ones with their private key but they don't believe me.

I want to send them a link to this thread with opinions of crypto experts in this forum so we can know who is right.

It shouldn't be possible as long as the transaction is confirmed beforehand. ETH is a decentralised blockchain, which means that the token creator simply does not have the sovereignty to reverse transactions at will, even if it concerns tokens that they issue themselves.

It is very likely that the person you're arguing with simply got confused somehow, or never received funds in the first place.

If it was a centralised ledger, then it COULD be done. But not for ERC20 tokens to the best of my knowledge.
legendary
Activity: 2296
Merit: 1014
It depends on the token. Bitcoin, no. EOS, yes. Others, maybe.
Good point. Token can work on its own rules. Bitcoin have well known rules because its most popular crypto.
But Token XYZ you want to invest your hard earned money can have no limited supply, co in time your investment will be less valuable. Creator can have power to take any amount of tokens with 'master password'/smart contract whatever rules he set. Thats why its important you know in what you exactly investing. Bitcoin is proven, fair and decentralised. Can't say that about any other coin.
legendary
Activity: 2450
Merit: 4295
eXch.cx - Automatic crypto Swap Exchange.
In this case the guy claims that the token was sent to his personal ethereum wallet

Was there a confirmation from the token creators that they were responsible for the transfer of the token from his wallet? Or did similar experience happened to others? If yes then that's how such projects operates.

But if no confirmation has been received from the token creator that they're responsible then that your friend's wallet is compromised. Also in times of swapping users can also experience this although in this case a second token would be recieved depending upon the sharing formula for the new token.
member
Activity: 406
Merit: 10
I am having an argument with some people and they said that a token creator removed a token from one of their wallet and i told them that tokens that has been sent cannot be withdrawn back as long as they're the only ones with their private key but they don't believe me.


Seems the answer here is very clear from the highlighted statement above. I presume this incident was recorded via bounty payment since we have recorded numerous report of such scenario occuring in the forum, where bounty hunters token's get withdrawal by the tokens creators or their wallets get blocked. The issue here isn't about the token's blockchain instead it's about the wallets.

So here's my answer, wallets controlled by token creators especially web wallets can be access at any point and tokens can be withdrawn without your notice but in regards to tokens blockchain, it all depends on how the blockchain was created to function (like users above have explained).
In this case the guy claims that the token was sent to his personal ethereum wallet
legendary
Activity: 2450
Merit: 4295
eXch.cx - Automatic crypto Swap Exchange.
I am having an argument with some people and they said that a token creator removed a token from one of their wallet and i told them that tokens that has been sent cannot be withdrawn back as long as they're the only ones with their private key but they don't believe me.


Seems the answer here is very clear from the highlighted statement above. I presume this incident was recorded via bounty payment since we have recorded numerous report of such scenario occuring in the forum, where bounty hunters token's get withdrawal by the tokens creators or they get restrict form accessing their tokens. The issue here isn't about the token's blockchain instead it's about the wallets.

So here's my answer, wallets controlled by token creators especially web wallets can be access at any point by them and tokens can be withdrawn without your notice but in regards to tokens blockchain, it all depends on how the blockchain was created to function (like users above have explained).
legendary
Activity: 3542
Merit: 1352
Cashback 15%
It is possible depending on the conditions laid out by the developers in the event of something uneventful (like the ETH events that saw the creation of ETH Classic)--or simply put, if the algorithm of the whole token/coin allows such rollbacks to happen without that much of an effort, else the developers would need the cooperation of the community to do the rollback. This usually leads to a hardfork when the whole network can't reach into a consensus, and again this depends on the consensus rules of the coin/token. In bitcoin, you need at least 51% to undo a certain transaction and split the chain whereas on other tokens/coins I'm not entirely sure of.
newbie
Activity: 47
Merit: 0
from my understanding, it depends on how the smart contract of the token/coin is created, and in some cases [name of project withheld ] though minor, it is possible the developer(s) can unsolicitedly debit a user for a token. It may be arguable if this is right or wrong though, and if the developers have such rights to do that

moreover, i think this flaws the concept of Decentralization and blockchain, and as such would taunt the name of the project(s) in question, that would be bad for business
hero member
Activity: 1778
Merit: 882
The blockchain was created to prevent this. Under normal conditions, it is not possible for anyone to reverse a transaction, when trying to make a double spend, the currency protocol identifies that this transaction does not follow the rules and discards. It is possible for anyone to create a blockchain of some currency by rolling back and undoing transactions, the problem being that you would have to convince the rest of the world that this was correct and that they should follow your blockchain.
This happened to Ethereum in 2016 when there was a token hack called "The DAO" and many ETHs were stolen, the creator of Ethereum undone this theft transaction and the chain went on from there. Many people agreed with this and others did not, so Ethereum Classic (ETC) was created that is nothing but ETH with transactions intact.
Doing so is a very risky move, as many defend the immutability of the network even if there are cases such as theft, and in doing so much of the value of the coin can be lost. Moreover, in this case, it has been proved that there is no decentralization. In cryptocurrencies like Bitcoin I can't see something like this happening.
member
Activity: 406
Merit: 10
It depends on the token. Bitcoin, no. EOS, yes. Others, maybe.
It's an Ecr20 token
newbie
Activity: 47
Merit: 0
from my understanding, it depends on how the smart contract of the token/coin is created, and in some cases [name of project withheld ] though minor, it is possible the developer(s) can unsolicitedly debit a user for a token. It may be arguable if this is right or wrong though, and if the developers have such rights to do that
newbie
Activity: 86
Merit: 0
it can on erc20 depending on the smart contract I guess
legendary
Activity: 4466
Merit: 3391
It depends on the token. Bitcoin, no. EOS, yes. Others, maybe.
member
Activity: 406
Merit: 10
I am having an argument with some people and they said that an Ecr20 token creator removed a token from one of their wallet and i told them that tokens that has been sent cannot be withdrawn back as long as they're the only ones with their private key but they don't believe me.

I want to send them a link to this thread with opinions of crypto experts in this forum so we can know who is right.
Jump to: