Warning: Some crypto exchanges may have hidden Ponzi schemes

On January 28, Canada’s largest cryptocurrency exchange point, the QuadrigaCX, suddenly disappeared. At least $ 136 million in customer assets disappeared under highly dubious circumstances.

How was that possible? The official scenario is as follows:

Founder and CEO Gerald Cotten married unexpectedly, changed his will and flew to India with a single copy of an exchange point for the private keys of offline cryptocurrency bags.

A death certificate was then issued stating that Cotten had suddenly died of Crohn’s disease. It’s just that Crohn’s disease isn’t as deadly as a rule, and there is a very lively black market in India that produces high-quality fake documents, including death certificates.

Whether it’s all true or not, the fact remains that it was no ordinary hacking. Hackers usually attack from the outside, but this time we are dealing with an extraordinary internal crime.

Did Cotten secretly carry customers’ crypt in his private purses? To your fellow adventurers? We may never know.

In any case, this episode draws attention to two risks when trading on cryptocurrencies. The first is known in the crypt world. But almost no one talks about the other.

Risk # 1: No exchange point is 100% protected against hackers

Every time a cryptocurrency exchange office uses a private key for one of its wallets to pay out money to a customer, there is a risk that someone will be able to use it.

It’s risk is small, virtually zero. But this is not zero. So when you multiply that almost non-existent risk by millions of transactions, it’s suddenly not that small at all.

Strong security policies and procedures can significantly reduce this risk. But they will never lose it.

Cause: Withdrawing cryptocurrencies from an exchange requires the use of a private key online. That in itself is risky.

Technology is constantly evolving and cunning hackers are constantly on the lookout to find new ways to exploit vulnerabilities.

Security experts know that no matter what they do, they are always at risk. So as a fallback plan, they usually keep a small portion of their total fund in networked wallets that they use to transact with customers.

It’s like a village shop that keeps exactly as much cash at the checkout as it needs to trade on an average day, plus a little extra for the unexpected. The lion’s share of the money is somewhere else. In the crypt world, the corresponding mechanism is called ” cold storage “.

Are frozen wallet purses more secure than networked purses? Still. There are fewer in-and-out deals. So there is much less chance that anyone will get the private key. And there’s no need to even mention that if they’re not connected to the Internet, hackers are basically much harder to access.

The problem is that this solution to risk # 1 creates …

Risk # 2: Too many exchanges are unaudited

There are many stock exchanges in the world. Even if the share of unaudited stock exchanges is negligible, there are too many of them. If there are more of them, the situation is, of course, worse.

Result: It is not possible to know how much crypt they have or how much they should have. We know of some wallets that belong to the exchange points, but we almost never see the whole picture.

In short, it is:

Shared ledgers that run on cryptocurrencies are transparent and fully auditable. But when they are sent to the exchange, only the employees of that exchange know how much property they actually have.

One would think that customers would demand more openness. But most people are happy if their transactions go through properly and they get their crypt if needed.

At the same time, the opacity of exchange points can mask a huge number of problems. The investigator claims that Quadrigal never claimed to have lost Bitcoin and that they had to hope that the influx of new customers would help them cover the costs of their existing customers.

Important Lessons from Bernie Madoff’s Ponzi Scheme

Investigators recently interviewed by the Wall Street Journal came to a similar conclusion. It can be concluded that Quadriga was a cryptographic version of the Ponzi scheme, which was deceived by Bernie Madoff for decades.

The comparison with Bernie Madoff is an important lesson that exchange points and their customers should not ignore:

Madoff started as an honest fund manager. But he soon realized that he could bring in a lot more money in another way. As long as customers thought everything was going well … and until they received their money if necessary … they didn’t ask questions.

They did not delve much into the “details” of this allegedly “foolproof” investment strategy. They did not realize that they had been drawn into a pyramid scheme.

Now Bernie is doing something she didn’t have much time for before. He reads good books. Behind bars.

Reputable cryptocurrencies do not do this. They don’t even think about it. But if there are no regular audits, they have the opportunity.

It’s not just bad for customers. It is also bad for exchange offices.

In order to run a good business, they must not only avoid suspicious activity, but also the reputation of suspicious activity.

What Mt. Was Gox’s disaster really hacking?
Or was it an internal crime too?

Mt. At some point, the Gox Exchange was responsible for about 70% of all transactions with Bitcoin.

2014. Problems began to emerge at the beginning of the year. Customers claimed that Bitcoin ‘s payout was expected on a monthly basis. Mt. Gox finally filed for bankruptcy protection, claiming that they had lost about 740,000 Bitcoins. (Read the full story here .)

We can never know for sure what happened. But there are three options:

1. Due to the confusion or misinformation in the company, Mt. Gox is actually aware of how much Bitcoin they owed their customers. As a result, they found themselves in a situation where they were unable to meet their obligations.
2. Some of their employees stole customers’ assets and transferred their Bitcoin to their accounts. And no one noticed.
3. Hacking. Gox was the victim of an attack from outside when someone broke through the security barriers at the exchange and stole their Bitcoin. The board was not aware of this. Or they thought they could handle it.

Are all these options different? Yes. But they all still express the same problem: Mt. Gox did not have enough cash to meet customers’ payouts.

In other words, they basically used something called a ” fractional reserve system “, which means that their bonds were worth more than their actual assets. This is a game that can only be maintained as long as customers do not rush to take out their property at exactly the same time.

Read more: Why you shouldn’t keep your crypt at exchanges

In the 1930s, it was precisely this system of marginal reserves – along with a lack of audits and transparency – that blamed US banks for easily falling bank flows (massive outflows of money). It also helps to explain why low – mortgage companies in 2007. went bankrupt in 2006 and caused the global debt crisis.

The irony is that Bitcoin was created with the idea of avoiding it all. Are exchange points now recreating the vulnerable system that cryptocurrencies were to replace?

That’s exactly what Quadriga CEO and Mt. What happened to Gox isn’t the only problem. The main concerns concern exchange points in general:

If you use an exchange point, you will not trade or actually own a crypt. What you actually trade and what you seem to own is a bond that must later be redeemed from a cryptocurrency or regular currency custodian.

Just like a bank.

But banks have regulations. They are accountable to governments and international institutions. They have to follow strict rules. They are reviewed regularly. It is not often that the CEO of a bank suddenly flies to India with clients’ assets and declares himself dead there.

In the world of cryptography, the same risks must be borne in mind when trading on stock exchanges, but there are no guarantees that will make the traditional banking system relatively stable for billions of people around the world.

Is this situation hopeless?

Not at all.

We are not against stock exchanges. Not in the slightest. What we want to see is more transparency and more responsibility in the cryptographic trading process. We’ll provide more specific instructions in some of the following posts. But in the meantime …

1. Keep the lion’s share of your crypt in your private offline wallet.
2. Keep the key codes in a safe place.
3. And never share them with anyone except one specific person you know and trust completely.

The best,
Juan

Article – Weiss Ratings

Translation: Lucreds Plus OÜ