Yet another cryptocurrency exchange was hacked and lost a large amount of money. This time it was UpBit, one of the top cryptocurrency exchanges in Korea, and they lost $50 million of Ethereum (ETH). It seems like this is a persistent problem for all cryptocurrency exchanges, and it is ruining the reputation of the crypto space as well as untold numbers of individuals and businesses. This article will explore this issue, and proposes a compliant ‘DEX’ as a solution.
A Brief History Of Crypto Exchange Hacks
First, it is important to understand how severe this issue is. In 2019 alone 8 major cryptocurrency exchanges have been hacked for major amounts of money. Cryptopia lost $16 million in a hack on January 15 and ultimately closed down, which was a major loss for the crypto space since Cryptopia was perhaps the main hub for numerous small cap cryptocurrencies.
QuadrigaCX, which may not be a hack but was likely a scam, and at the least a huge failure due to holding funds in a centralized manner, lost $190 million in February.
DragonEx, an exchange based in Singapore, lost $7 million on March 24. A week later Bithumb lost $13 million of EOS and $6.2 million of Ripple (XRP), and this was right on the heels of another Bithumb hack in late 2018 for $31 million.
Binance, which is one of the top cryptocurrency exchanges in the world and thought of as extremely secure, lost $40.7 million of Bitcoin (BTC) in May. Binance is one of the few examples of a major exchange hack where customers did not lose any money, since Binance had built up a large insurance fund via trading fees. However, it is still disturbing that one of the most trustworthy exchanges could be hacked.
Singapore exchange BiTrue lost $4.2 million in June, and in July the Japanese exchange Bitpoint lost $28 million.
In total during 2019 cryptocurrency exchanges have lost $355 million of cryptocurrency due to the vulnerability of holding coins in a centralized manner, and the year is not even over yet.
The plethora of crypto exchange hacks in 2019 is nothing new. Exchanges being hacked has been the story of the crypto space since the earliest days. Bitcoinica lost 50,000 Bitcoins (BTC) and Bitfloor lost 24,000 Bitcoins (BTC) worth $600,000 and $250,000 respectively in 2012. In 2013 popular altcoin exchange Vicurex lost $160,000, and Picostocks lost $3 million.
Perhaps the most infamous hack in crypto history so far was Mt. Gox, which lost 850,000 Bitcoins (BTC) worth $480 million. This event precipitated a years long bear market and ruined a tremendous amount of individuals and businesses, since it was the biggest crypto exchange in the world for years leading up to the hack.
One of the most popular altcoin exchanges, Cryptsy, got hacked for $9.5 million in 2014, ruining alot of altcoin traders. Perhaps the most reputable crypto to fiat services for merchants, BitPay, also lost $1.8 million in 2014, and lesser known exchange KipCoin lost $690,000.
After the fall of Mt. Gox, Bitstamp was perhaps the most popular USD-based crypto exchange, and they lost $5 million in 2015. Bter lost $1.75 million in 2015 as well.
In 2016 Bitfinex lost $60 million. Bitfinex actually had another $850 million of funds seized by the government in 2019, which is not technically a hack but just as bad.
Also in 2016 Shapeshift lost $230,000, Gatecoin lost $2.14 million, and Bitcurex lost $1.5 million. In 2017 Bithumb lost $1 million and YouBit lost $5.3 million.
In 2018 Coincheck lost $535 million of NEM tokens and Bitgrail lost $195 million of NANO tokens, with CoinSecure and Coinrail losing $3.3 million and $40 million respectively.
This may not even be all of the crypto exchange hacks in history, but the trend is clear. Any cryptocurrency exchange is at risk of centralized hacking. Even Coinbase, the most trusted cryptocurrency exchange in the United States, was almost hacked in April.
Crypto Exchanges Need To Stop Holding Coins In A Centralized Way
Obviously a solution is needed. There is an arms race between crypto exchanges and hackers, and ultimately it seems no matter how secure a crypto exchange is there will eventually be hackers who can steal from it. This is simply unacceptable, since it is ruining the reputation of the crypto space and wrecking uncountable numbers of individuals and businesses.
Also, these crypto exchange hacks make one of crypto’s main selling points, cryptographic security, seem laughable. When a crypto exchange is hacked it is worse than if a bank or other fiat payment service is hacked. Digital fiat hacks can easily be rewound, but cryptocurrency is immutable and pretty much lost forever if it is stolen.
Essentially, cryptocurrency’s immutability is making digital bank robberies a serious problem in the crypto space, in the sense that a crypto exchange is basically the crypto equivalent of a bank. Unlike a physical bank robbery which requires the thieves to actually be there at the bank and to risk being arrested or killed by the police, any hacker in the world can attempt a ‘crypto bank robbery’ without any imminent threat of being caught.
Basically, the reliance of the crypto space on exchanges which hold coins in a centralized manner, combined with cryptocurrency’s immutability, makes using cryptocurrency less secure than fiat.
The Crypto Space Needs A Compliant ‘DEX’
A solution can be derived from blockchain technology. It is possible for cryptocurrencies to be traded via atomic swaps or multisignature smart contracts, where one party sends a transaction into a smart contract, and then the other party sends a transaction into the smart contract, and then the smart contract executes the trade. If one party does not fulfill the agreement, then the smart contract will send the money back to the other party after a certain time period.
This technology is simple yet highly secure since cryptocurrency remains in the control of each individual user, with no coins held by an exchange in a centralized manner. Therefore, a hacker cannot rob the entire exchange blind all at once.
Indeed, this technology is already in use and is the basis of decentralized exchanges (DEX). Perhaps one of the best examples is the Binance DEX. The Binance DEX runs on the Binance Chain, and all funds are held in user’s wallets and traded via smart contracts, preventing the possibility of a hacker draining the exchange.
The only problem with the Binance DEX, and other DEXs like Bisq, is that they decided to be completely decentralized, making them illegal to use in the United States and dozens of other countries. Although people can still technically use the Binance DEX and Bisq since they are decentralized, they will will never catch on in the mainstream since they are not compliant with the law.
What is needed is a ‘DEX’ that is not completely decentralized, where only cryptocurrencies which are legally allowed in the United States can be traded, and with proper know your customer (KYC) and anti-money laundering (AML) laws so that it can be in full compliance.
This can easily be accomplished with the use of a permissioned blockchain. The point is that all funds will still be controlled completely by users and not stored in a centralized manner, while the exchange itself will have control over what cryptocurrencies are traded and collecting KYC/AML information.
So while this idea would not technically be a DEX, it would use the most important technology that comprises a DEX, which is blockchain-based trading and decentralized crypto storage.
This idea combines the best of both the DEX world and the compliant world, and will allow the mainstream to use cryptocurrency exchanges legally while simultaneously controlling their funds 100% of the time, and with no worry of the exchange going down due to a hack. If this can be accomplished it will increase crypto adoption and save many individuals and businesses in the future.