Security and regulation – do these go hand in hand where blockchain is concerned?
By Gerald Fenech
Its no secret that after the massive bull run of late 2017, early 2018, the cryptocurrency, and to a lesser extent, the blockchain space, has seen a considerable turnaround over the past year. However, confidence is slowly creeping back in notwithstanding the fact that recent issues such as exchange hacks and scams tend to lend a fresh blow to consumer interest.
One issue which is constantly being bandied around is the fact that most trading volumes on cryptocurrency exchanges are artificially inflated. In fact, it appears that there is an army of so-called commercial wash traders which regularly approach cryptocurrency exchanges with offers to artificially inflate their trading volumes, according to one co-founder.
And according to Ed Woodford, who runs Seed CX, these wash trading companies propose similar terms to his exchange on an almost weekly basis. Speaking to an audience at Paris Blockchain Week Summit (PBWS), Woodford said that these companies charge thousands of dollars a month to make exchange volumes look higher than they actually are.
“For $1,000 a month, wash trading firms will inflate volumes by a few million dollars,”Woodford said.
Wash trading is believed to be widespread among cryptocurrency exchanges. Artificially inflated volumes can raise a platform’s profile and attract new users, thereby allowing exchanges to collect more transaction fees. The practice is illegal in many countries, including in the United States.
Until recently, the true scale of wash trading was unknown. But a report by the asset management firm Bitwise, published in March, concluded that roughly 95% of exchange volume was fake.
An OKEx executive has since admitted that his exchange has a problem with wash trading, saying that the fake volume stems from large parties trying to bypass its tier fee structure.
Crypto exchange hacks and security
Another issue is security and this has been consistently in the news of late with hcaks such as the one on the New Zealand based Cryptopia and the vanishing of users finds with the sudden death of the Canadian Quadriga CX exchange.
$3.2 million in tokens were stolen from New Zealand-based cryptocurrency exchange Cryptopia which were eventually liquidated on major cryptocurrency exchanges.
The hack, which was the first major security breach of 2019, was announced by the platform on Jan. 15. On Jan. 20, Elementus reported that as much as $16 million worth of Ethereum (ETH) and ERC20tokens were stolen. The attack continued for two weeks following the initial breach as the exchange had not regained control of its wallets. Hackers stole an additional 1,675 ETH ($175,875) from 17,000 Cryptopia wallets, with Elementus stating that, among the 17,000 affected wallets, 5,000 were emptied when the platform was first breached, but eventually refilled.
The Quadriga CX case is a bit different. On January 14, Gerald Cotten, the 30-year-old co-founder and CEO of Canadian exchange, QuadrigaCX, died suddenly, on honeymoon in India, according to reports. He was, inexplicably, the only person with access to $190 million of funds in cryptocurrencies and fiat money, the majority of funds stored on the exchange.
A year ago, QuadrigaCX was in financial difficulty. Funds were being locked up and users were complaining. This was the beginning of a series of unfortunate events for the Canadian crypto exchange. QuadrigaCX, founded in 2013, was originally quite successful, quickly becoming the largest crypto exchange in Canada.
But things soon started going downhill. In January, 2018, the Canadian Imperial Bank of Commerce (CIBC) froze $30 million of funds belonging to QuadrigaCX because it couldn’t identify the owners of the funds. Customer complaints rained down on QuadrigaCX as people struggled to access their funds. This led to fewer people using the exchange and its daily trading volume dwindled to $600,000 by October, 2018.
The exchange faced financial difficulties throughout the year and may have lost a considerable amount of users’ money. This was supported by the recent announcement that the funds may not even exist. The CEO’s of crypto exchanges Kraken and Coinbase have also backed this view. Kraken has since offered a $100,000 bounty for information about the case which has caused 115,000 people to lose their money. Right now, Ernst and Young are continuing to search for the missingfunds. The QuadrigaCX affair has only just begun.
Jean-Michel Azzopardi, CEO of Kralanx, a cyber security firm explained that although regulation is important, security on exchanges is of paramount importance for trust.
“While regulation is sorely needed to prevent artificial inflation of trading volumes, it's equally important to ensure that the cyber security of these exchanges are standardised. Too often do users put their crypto in the hands of exchanges whom do not take cyber security seriously enough which leads to a catastrophic lost in funds when things go belly up. In the customers defence, there is no way for a customer to currently trust an exchange since details regarding its security measures are kept secret to avoid the information being used against them”, Azzopardi said.
Crypto exchange security is generally quite weak from what I've seen. It's no surprise that exchange hacks are so frequent... The main issue is that, in most cases, there is no single responsible person for security(CISO). The lack of regulation specifically around this point also plays an important role in the pervasiveness of exchange hacks.
So where do we go from here? It is clear that exchange hacks and security remain major issues in the space and data privacy is also a hugely important issue. It remains to be seen whether maturity in this sector will eventually increase to the extent that people will begin to trust their funds and investments on this relatively new platform.