Interpreting the technical and security factors behind the massive Gas consumption of the Binance Wallet aggregation

Analyzing the reasons for high Gas usage in the Binance Wallet aggregation.

Author: Haotian

Exchanges manage a large number of EOA Deposit recharge addresses. Every time a user deposits coins, the assets are transferred to these fragmented small addresses. Normally, exchanges need to “collect” these addresses to facilitate centralized asset management.

There are usually two options for address collection by exchanges:

1) Whenever a user makes a deposit, the program immediately transfers the corresponding assets to a hot wallet address. However, the problem is that a user’s deposit demand may be divided into multiple transactions. For example, a whale usually transfers a small amount first and then gradually transfers the rest for security reasons. Clearly, this approach is prone to creating more transactions. If an exchange adopts this collection method, it may have to execute transactions with high GAS fees, resulting in high transaction fees. The benefit of this approach is that the entire collection process is decentralized, so users are not aware of it, and for the exchange, it is just a normal business expense.

• Zero-knowledge proofs from the perspective of non-technical personnel How did it become the third major technological innovation in the history of blockchain development?
• The Third Major Technological Innovation in the History of Blockchain Development – Application of Zero-Knowledge Proof Technology
• Bankless Dialogue with Vitalik The great vision of ETH is to truly create an independent open technology stack.

2) After a user makes a deposit, the small fragmented EOA addresses remain unchanged for a period of time. When the user withdraws coins, they are directly withdrawn from the large hot wallet, and then the addresses are collected at regular intervals. This allows for reconciliation and centralized management of assets. In addition, a time period with relatively low GAS fees can be selected for the transfer operation. However, there is a difficulty in doing this: a large number of operations in a short period of time can easily increase the GAS fees, and once it attracts media attention, it can lead to public relations incidents. It is difficult to explain to the public why the exchange needs to concentrate assets and why so much GAS has been consumed.

Clearly, Binance has adopted the second address collection method. From the perspective of the exchange’s business logic, regardless of which method is chosen, there will be a significant loss of business funds, and different exchanges may have different asset management strategies.

For the purpose of understanding, I have selected the addresses Binance14 and OKX3. Binance14 adopts the second method, while OKX should have adopted the first method. However, the asset volume and trading volume of the two addresses are vastly different, so the data is for reference only.

In Figure 1, the total scale of asset management for the Binance14 address is nearly 110,000 ETH. As a receiving address, a total of 10,000 ETH has been consumed in historical GAS. On September 13th, there was a significant collection, consuming 388 ETH in a single day. The highest daily consumption in history was 871 ETH. Therefore, it is normal business expense for address collection to consume several million ETH. Let’s not misunderstand and let the colleagues responsible for collection lose their jobs.

In Figure 2, the asset scale of the OKX3 address is smaller, but it has consumed 1,530 ETH in historical GAS as a receiving address. From the chart, we can see that the daily consumption of OKX is relatively balanced, with a peak of only 15 ETH in a day. This indicates that the first collection method is used for regular expenses.

As for which method is better, exchanges will definitely calculate and choose the most suitable and optimized option for themselves. There is no company that does not optimize costs. Although Binance is wealthy, it is not to the point of not optimizing.

In addition, it is clear that the management of exchange assets will involve multiple issues such as cost optimization, security risk control, internal approval processes, and fund efficiency. Cost optimization is just one key factor, but not absolute.

– Cost optimization: If we take a closer look, optimization can definitely be done. I checked the data and found that over 140,000 transactions were made between 5-6 pm Beijing time alone. Naturally, people wonder if these transactions could be spread out over 1-2 days. Can’t the program be stopped when Gas congestion is detected? From an engineering perspective, of course, it can be done. The problem is that when we spread out the time, over 1-2 days or even 1-2 months, it will certainly not cause Gas congestion issues and save money, but it may also bring other risk issues, which is no different from the first solution.

– Security risk control: The biggest consideration should still be security issues. Exchange managers have a large number of address private keys, and permissions may be controlled by a system. The engineer’s asset collection is equivalent to obtaining a high-level management permission from the system (calling the private key signature). Assuming it is a set of HSM cold wallet systems, these systems should have minimal online exposure. Compared to 2 days, having a 2-hour permission can greatly reduce the attack surface and prevent the system from being hacked. Therefore, the reason for rapid asset collection is that security risk control is a major consideration. If spending 300 ETH can effectively prevent 300,000 ETH from being attacked, it should be reasonable, right?

– Internal control processes: The exchange system is a large group organization involving management and execution layers. There will also be approval processes internally to regulate the use of assets. With hundreds of thousands of EOA address private keys, the most efficient way is naturally for the boss to have the highest authority and then sign uniformly for one-time processing. If it is divided into small portions and then processed in batches, it will involve the distribution of management rights, and it is inevitable that some employees will have the risk of being a single point of failure. If it is managed by the boss, the ideal solution is to concentrate on a certain time point and only approve once. Is it appropriate to divide it into multiple addresses and multiple batches for collection approval, which would tie up the boss’s energy on asset collection?

As for fund efficiency issues and preventing unexpected emergencies, etc., they are all possible.

In summary, the issue of exchange asset collection is not just a cost issue. It involves many complex factors. Looking back at the history of Binance, we can see that cases like high Gas collection are not isolated incidents. It is obvious that this is a consistent balancing solution made by Binance considering various factors.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!