There were industry murmurs and question’s prior to the collapse of Celsius but the conversation really gained momentum once Alex Machinsky and Co’s books/ records were reviewed. That question was – Do Cryptocurrency Exchanges actually hold any of your Crypto and if so where?
It was soon discovered by many inside and out of the industry the answer was no. In relation to staking and earn product’s scrutiny grew when customers started to dig deep into how these inflated earning vehicles generated income, the collapses and carnage continued. As major exchanges were forced to review their Staking products as the light shining on the Celsius collapse increased and their model around high yield returns kept the industry spotlight on Staking. Locally exchanges such as Swyftx started to take proactive measures and exiting the earn/ staking business despite this product giving their business a huge boost in 2021. The debate and reform post Celsius collapse lingered around on vs off chain yield products and the risks involved, while the storage of clients assets took a temporary back seat.
Then the FTX bomb dropped and the industry changed forever, or a year, or a month, or a few weeks, or not at all?
The FTX collapse brought the exchange asset storage concerns into the mainstream, with AFR, news.com.au and others all jumping on board the Crypto FUD train – rightly so. Questions from various news outlets prompetd mass bank runs of exchanges almost collapsing them in doing so, with many just scraping through as withdrawals reached all time highs. The trust in exchanges hit an all time low as they struggled for a message to calm users, when it came to them – Proof of Reserves.
On Nov 22nd 2022 Blockchain Australian released their – Blockchain Australia Digital Currency Exchange Members’ Affirmation. Which outlined and was not limited to the following:
- Customer balances are held on a 1:1 basis
- Customer balances are held on a 1:1 basis and are denominated in the client’s currency. Therefore, the digital currency exchange member does not trade its customer balances.
- Customer balances are held in 100% full reserve
- Customer balances are held in 100% full reserve and the digital currency exchange is not susceptible to running out of liquid funds for withdrawals. Additionally, the digital currency held is not on-lent to any other party.
- Ongoing proofs of the above, will be provided through:
a. Annual financial audits, followed by quarterly or monthly self attestations;
b. Onchain proofs;
c. Or a combination of the above.
This was supported and agreed by the following Crypto Exchanges and related businesses – BANXA#, Binance Australia, BlockEarner, BTC Markets, Caleb & Brown, Coinbase*, CoinJar, Crypto.com, Dacxi, Easy Crypto#, Elbaite#, Independent Reserve, Luno and Swyftx. This was then reported by many news outlets as the ‘safe’ place for users to trade and the sentiment was echoed across the world, check if your exchange has audited proof of reserves.
Reported rumours in the following weeks of exchanges ‘manipulating‘ their proof of reserves by transferring funds from exchange to exchange and as the dust settled – the question of exchange security started to settle due to this new comfort in proof of reserves and 1:1 asset allocation. Unfortunately, though the truth is none of the above actually answers or provides transparency around the original question users have – Do Cryptocurrency Exchanges actually hold any of your Crypto and if so where? The reason for this is because the answer will most likely/ should prompt fear back into the crypto community as not much has changed from a security standpoint. The following is known of exchange Asset storage and where exchanges can store client funds:
- Cold storage: Some exchanges store the majority of their clients’ funds in cold storage. Cold storage means that the private keys for the funds are stored offline, typically on a hardware wallet or in a secure vault. This method is considered the most secure since it’s not connected to the internet, and therefore, it’s less susceptible to hacking attempts.
- Hot wallets: Some exchanges keep a portion of their clients’ funds in hot wallets, which are connected to the internet and are used to facilitate transactions. These wallets are less secure than cold storage, but they allow for quick access to funds for trading and withdrawals.
- Multi-signature wallets: Some exchanges use multi-signature wallets, where multiple private keys are required to access the funds. This method increases security since no single person or entity has access to the entire wallet.
- Third-party custodians: Some exchanges may partner with third-party custodians to hold their clients’ funds. These custodians can be other exchanges, financial institutions or other vehicles.
It’s common and public knowledge that many large exchange wallets have transactional links to other exchanges, this is the nature of the ‘exchange’ business as most are operating as a broker, rather than an exchange. What remains grey and far from transparent is if exchanges are holding funds on third party custodians such as other exchanges, how much of it is client funds and on what exchanges? The disclosure of this information and reporting would be true transparency at a time when the industry really needs it. In most cases, proof of reserves and asset 1:1 allocation can be completely manipulated based on the current industry standards.
Like with everything the truth is in the detail and right now the details are limited. Disclosure around proof of reserves still remains limited protection for clients in the event there is legal action, government regulation or hacks that impact the exchange itself. As per our previous articles, in the event of an administration or bankruptcy funds will be pooled and distributed accordingly. With talk of insurance programs and other related security measures these improvements can’t come soon enough for users.
Unless disclosure of third-party custodians are made it’s hard to see how the Cryptocurrency Exchange industry won’t experience another FTX or Celsius. What question is also being missed amidst all eyes on asset storage?