A Deep Dive Into Blockchain Freezing Powers Raises Decentralization Concerns
A new report from Bybit’s Lazarus Security Lab is shaking assumptions about blockchain neutrality. After analyzing 166 blockchains, the security team identified 16 networks that can freeze or restrict user funds at the protocol level - a finding that challenges long-standing claims of decentralization across major ecosystems.
The research, which combines AI-driven analysis with manual review, shows that some of the industry’s top chains, including BNB Chain, are hardcoded with freezing mechanisms, while others can activate this function through configuration files or onchain smart contracts.
Bybit’s team stressed that while these tools are often marketed as “security features,” they can also function as censorship vectors, allowing select actors - validators, foundations, or core developers - to block transactions or lock addresses without user consent.
Hardcoded Freeze Powers Across Major Networks
The report highlights five blockchains with freezing capabilities embedded directly into their underlying code. Among them, BNB Chain, VeChain, Chiliz, Viction, and XinFin’s XDC Network were found to contain predefined blacklist or freeze functions within their GitHub repositories. These capabilities allow developers or designated governance bodies to halt transfers, freeze wallets, or lock assets without requiring a fork or additional protocol upgrade.
For a sector built on the ethos of trustless and censorship-resistant finance, the discovery underscores the tension between security-driven control and true decentralization, especially as more chains integrate compliance modules aligned with regulatory expectations.
The Hidden Risks of Config-Based Freezing
Bybit’s researchers identified a second category encompassing 10 blockchains that rely on configuration-based freeze mechanisms. These use private blacklist files - YAML, ENV or TOML - which are only accessible to validators, foundations, or core developers. Among the chains flagged were major layer-1 networks like Aptos, Eos, and Sui, where freezing functions can be toggled at the node level rather than the protocol level.
The team warned that such designs allow for discreet intervention, potentially enabling unilateral decisions by infrastructure operators without broader community consensus or block-level transparency.
The Cosmos Ecosystem and “One Step Away” Freeze Capabilities
The researchers identified 19 additional blockchains, largely in the Cosmos ecosystem, that could implement freezing with relatively minor code changes.
These chains use module accounts, which are controlled by network logic rather than private keys. While currently not used to restrict user transactions, the report says they could be repurposed for address blacklisting with small modifications.
Although none of the Cosmos networks have deployed such features, the potential alone raises questions about whether “decentralized” systems can drift into admin-controlled infrastructure over time.
When Freezes Happen Onchain
The Heco chain stands alone as the only blockchain that uses an onchain smart contract-based blacklist, offering a more transparent but still centralized form of freeze enforcement.
These mechanisms, the report notes, are justified by many projects as “necessary” for responding to hacks. Ironically, this comes months after Bybit itself suffered a $1.5 billion cold wallet hack, one of the largest in the industry.
Coordinated efforts with partners such as Circle, Tether, THORchain, Bitget, and mETH Protocol helped freeze or recover over $85 million, demonstrating both the utility and centralization risk of such controls.
A Debate That Cuts to the Core of Blockchain Philosophy
The Lazarus Security Lab report warns that the presence - or easy introduction - of freeze powers ultimately blurs the line between decentralization and administrative control.
The findings are likely to intensify debates as major blockchains incorporate emergency switches, compliance tooling, and admin-level privileges in the face of rising hacks and regulatory tightening.
For users, the key question becomes whether the ability to freeze funds is a necessary safeguard-or a centralization trap that undermines the very purpose of blockchain technology.
