[anchpop]

In this case, the weakness was that the keys that controlled the bridge were somehow stored insecurely. When attackers gained access to the keys, they were able to steal from the bridge. In a properly-implemented rollup, there are no keys to secure, so this attack vector is ruled out.

But more broadly, there is really nothing else with the same security properties as a smart-contract-enabled cryptocurrency. Paypal will delete your account any time they want, Visa and Mastercard will blacklist whatever industries they feel like blacklisting, etc. If you want a system that's decentralized and where these attacks aren't possible, you have no alternative. The problem is that current blockchain-based systems can only handle a certain number of operations/second while remaining decentralized. The appeal of scaling solutions like ZK-rollups is that they give us the same security properties as the main chain without any security compromises (relative to the main chain). That's all conditional on their code being correct, but given that there's such a large payout to hacking e.g. bitcoin or ethereum or zksync and it still hasn't happened, we can guess that the coders have done their jobs well and such problems are at least very difficult to find.

[easrng]

You are misinformed. With most cryptocurrencies (except Monero) it is very easy to blacklist wallets, and since tx history is public you can't just move your coins to a new address to get around it either. You don't actually even need decentralized systems for private transactions, digicash with blind signatures would be private and vastly more efficient.

[nwiswell]

I think "very easy" is relative. How do you get the whole world to agree to participate in the blacklist (or even to be aware of it)? If you don't, then obviously it will remain possible to tumble/launder the coins.

By comparison, if PayPal decides to freeze your account, that's it, the end, those funds are frozen unless and until you successfully run the corporate supplication gauntlet.

[easrng]

You don't need the whole world, just the exchanges. And and some ERC20 tokens can have addresses frozen by a central authority (ex. USDC and Circle, USDT and Tether, etc) which is why the attacker immediately sold the USDC for ETH on 1inch and Uniswap.

[nwiswell]

> You don't need the whole world, just the exchanges.

Then you just tumble the coins and head to an exchange.

[netheril96]

> You don't need the whole world, just the exchanges.

But there are a whole world of exchanges. Anyone can make an exchange. Any one can also trade in person.

[dorgo]

I think what gp means is to tell all the exchanges (and maybe merchants) to blacklist your wallet. Not as simple and bullet proof as PayPal freezing your account but similar.

[anchpop]

On Ethereum you can you decentralized tumblers like Tornado Cash