Tokenization: Enhanced Liquidity and Risks Ahead, BofA Warns

Bank of America analysts say tokenization offers enhanced liquidity, faster settlements, and lower fees, but faces significant hurdles, including regulatory uncertainty, custody risks, and integration with legacy infrastructure. The value of real-world assets represented on-chain exceeds $28 billion, but the bank warns of vulnerabilities in smart contracts and blockchain platforms.

Tokenization, the process of converting rights to an asset into a digital token on a blockchain, has gained significant traction in the financial sector. Bank of America analysts highlight that tokenization offers enhanced liquidity, faster settlements, and lower fees. However, it also faces substantial hurdles, including regulatory uncertainty, custody risks, and integration with legacy infrastructure.

The value of real-world assets represented on-chain exceeds $28 billion, according to recent estimates. However, the bank warns of vulnerabilities in smart contracts and blockchain platforms. Cybercriminals are leveraging the complexity of blockchain technology to obscure malicious activities. A recent report by cybersecurity firm ReversingLabs revealed that hackers are embedding malware within Ethereum smart contracts to facilitate covert operations [1]. This sophisticated approach allows hackers to disguise harmful traffic as routine blockchain operations, making detection significantly more challenging for traditional security systems.

In another incident, the decentralized exchange Bunni suffered an $8.4 million loss due to a rounding error in a smart contract [2]. The attacker exploited a flash loan attack, manipulating pool prices and liquidity, which underscores the potential risks associated with smart contract vulnerabilities.

The rise of tokenization and blockchain technology has also brought to light the need for robust cybersecurity measures. Traditional security tools are not typically designed to scrutinize blockchain-based traffic, making it difficult to detect and trace malicious activities. ReversingLabs suggests that organizations invest in specialized solutions capable of analyzing smart contract interactions and detecting malicious patterns within blockchain traffic.

To mitigate these risks, blockchain developers and cybersecurity professionals must collaborate to address the evolving sophistication of cybercriminal tactics. Public awareness campaigns, industry partnerships, and regulatory frameworks are essential to educate developers and users about the risks of unverified contracts and the importance of proper security practices.

In conclusion, while tokenization presents numerous benefits, it also introduces significant challenges. Financial institutions must navigate regulatory uncertainty, custody risks, and integration issues while staying vigilant against cyber threats. By adopting proactive measures and strategic defenses, the industry can maintain trust and security in this rapidly evolving landscape.

References:
[1] https://www.crowdfundinsider.com/2025/09/250211-hackers-conceal-malware-in-ethereum-smart-contracts-according-to-new-cybersecurity-report/
[2] https://www.theblock.co/post/369564/bunni-smart-contract-rounding-error