CHD Blog

(Honestly… it was only fairly recently that I realized what I always called ‘nonsense tokens’, are MUCH MORE NONSENSE than I ever could have imagined! The ‘crypto space’ needs legitimacy SO BADLY. The Time for Qortal is past due.)

ERC-20 “Tokens” Are Contracts, Not Assets

That’s right, you heard me… in Ethereum (and ALL ‘EVM’ nonse…ermm… clones…):

• A token is NOT a “thing” — it’s just a contract that claims to track balances.
• There’s no native concept of an asset beyond ETH itself.
• If a dev screws up transfer() logic, or adds a backdoor in approve(), you get a malicious “token” that can:
  • Freeze funds. (Yup, literally!)
  • Change your balance. (As in… all of a sudden the balance IN YOUR WALLET is no longer what it was legitimately before!)
  • Drain your wallet with clever allowances. (I thought this was a blockchain!? O_o?)

This is exactly why:

• Reentrancy attacks exist.
• You need formal audits before using a basic swap.
• Flash loan exploits can wipe entire protocols in a single atomic call.

It’s programmable finance, but with zero standard enforcement beyond conventions, and no native guarantee of anything.

Research Links

• Eploiting ‘approval’ (nonsense that shouldn’t be needed, but is because it isn’t a native asset) – https://medium.com/mycrypto/bad-actors-abusing-erc20-approval-to-steal-your-tokens-c0407b7f7c7c
• Breakdown of how a business-logic flaw in ‘token + factory’ interaction drained 450k – https://www.quillaudits.com/blog/hack-analysis/veth-token-450k-exploit-analysis
• Token Exploit that allowed infinite token mint – https://sdlccorp.com/post/security-challenges-in-erc-20-tokens-identifying-and-addressing-vulnerabilities/
• Post Explaining many security issues with the ERC-20 Standard – https://dexaran820.medium.com/security-problems-of-erc-20-standard-cc2a1e300441

There are MANY more examples like these… All of which can be wholly avoided, by not using fake tokens written into ‘contracts’ that pretend to be coins. (Who would have thought!?)

✅ Qortal: Native Assets(‘tokens’), Native(ly) Trust(less)

(Transactions created the same way as QORT, signed by the account’s private key – If the account didn’t deliberately make the transaction, the balance isn’t changing!)

In contrast, Qortal’s design is sane:

• Assets are part of the protocol layer, not “applications pretending to be tokens”.
• You don’t need a smart contract to define or manage a token.
• You don’t need to trust any dev — it’s validated by consensus.
• Asset ownership and transfers are natively enforced by the core — not by arbitrary bytecode.

It’s like the difference between:

• ✅ An actual decentralized OS with built-in syscalls (Qortal)
• ❌ A BYO-OS environment where every app implements its own fake version of sys.exit() and malloc() (Ethereum)

(See initial wiki post regarding Qortal Assets ((nicknamed ‘Q-Assets’)) HERE – https://wiki.qortal.org/doku.php?id=q-assets)

So… Why Do People Use EVM Contract-NoTokens Anyway?

Apparently there are reasons, such as… (reasons on the left, my comments on the right):

• Composability: it’s easy to mix-and-match. (This has no basis IMO, ‘mix and match’? What does that even mean and is that really worth legitimacy? Not in my mind.)
• Flexibility: you can write any logic you want. (Right, leading to a MASSIVE number of scams… When you can just as easily create a Q-App that is actually decentralized, and leverage a native, real token on Qortal.)
• VC-bait: endless room to “innovate” (read: obfuscate, extract fees, and relaunch forks). (BINGO! This, IMO, is the REAL reason. Fake ‘innovation’, in reality just newly created ICO scams to fill bags with FIAT debt notes. The EXACT THING that Bitcoin was built to REPLACE. The ‘crypto space’ is seriously a massive shit show.)
• Hype-first dev culture: 10x engineers deploying $1B TVL with require(false) bugs.

But at the end of the day, EVM tokens are just ‘contracts’ with a social contract.

(Basically, they are nothing, and there isn’t even really any reason for them to be ‘on-chain’ other than hype, as they may as well be on a centralized server for all the ‘blockchain-like’ functionality they have… which is essentially none.)

Is it time to WAKE UP Yet?!

Qortal has the TRUE ALTERNATIVE, that doesn’t require that people memorize:

• That “wrapped” ETH isn’t actually ETH. (Neither is wrapped BTC, or wrapped anything else… and when the primary chain they are wrapped on dies, bye bye not-coins!)
• That EVM tokens aren’t tokens. (Code-based contracts with no immutability or any other native blockchain features… I always wondered why ‘audits’ were such a thing on EVM chains, now I know!)
• That infinite approval could drain your EVM wallet. (Along with any number of coder errors, scams, or manipulative tactics in the EVM oh-so ‘Smart’ Contracts…)
• That selfdestruct() or delegatecall() might nuke your funds from orbit. (‘Wow’ is all you can say here…)

Qortal brings sanity, with native-level control, verifiable logic, and no shell game required. That’s the future decentralized tech needs — not just the illusion of it.

This is all from someone who doesn’t like the idea of ‘assets’ (tokens) in 99% of cases…

Look, I have many times said that I do not like the idea of ‘assets’ at all, at least, not in the way they are currently able to be created. I have also said that I would like to design a new method of asset issuance on Qortal that provides a much more solid foundation.

However, it was only recently that, upon a deeper dive into the EVM nonsense, I discovered that EVM ‘tokens’ are not even REAL, not even TOKENS, and able to be PROGRAMMED TO STEAL. Which made me re-think my overall stance on the subject… a little.

Tokens – Love Em or Hate Em…

It is clear that tokens aren’t going anywhere… and honestly, the vast majority of uses of today they are treated like ‘company stock’ anyway… which in all reality is what the asset issuance system of Qortal was designed to allow.

As long as the assets issued in this fashion (by a single entity) are done so in a way that is honest, and doesn’t trick people into believing they are actually coins issued by consensus, or pretend to be such… Then I suppose I don’t have an issue with them. In 99% of cases I would still likely not hold any, but if I did, and they were ‘company stock’ in a company I actually thought would go somewhere, then sure, why not.

Don’t treat tokens as coins (and sure as hell don’t treat EVM NoTokens as coins), realize they are stocks in the company that launched them.

Real Tokens, Real Decentralized Features, Real Everything – Qortal

IF they’re going to exist, they should at least be REAL tokens, controlled the same way as QORT, by CONSENSUS. They should be only spendable by way of a SIGNATURE, and shouldn’t be so complex that they require individualized audits on each one prior to being deemed ‘legit’. Get real, get Qortal.