A Japanese cryptocurrency exchange, Zaif, experienced a momentary software glitch in mid-February that allowed to buy Bitcoins for nothing at all — and one enterprising buyer tried to make off with $20 trillion worth.
Much like stock traders who place “stink bets” of nearly zero on volatile stocks, hoping for a flash crash to accidently reward them, the alert buyer snatched up the coins and tried to sell them just minutes later at a huge profit.
The software problem lasted just 20 minutes on Feb. 16. The the exchange quickly reset customer accounts and issued a statement.
“The glitch was not systematic and there was never any risk that clients would lose their funds or that bad actors would steal funds or get something for nothing,” Zaif parent company Tech Bureau Corp said.
That statement contradicted reports by several of competitors of Zaif that argued the glitch could have easily resulted in the looting of the exchange as well as possibly put the entire Bitcoin ecosystem at risk.
It’s not clear if the individual who bought and tried to sell the $20 trillion worth of Bitcoins will be prosecuted or if it’s even a crime in Japan.
In all, seven customers bought cryptocurrencies for free during the glitch. All the funds have been recovered, except for one client who tried to transfer funds to another exchange.
Other exchanges froze transactions from Zaif, affecting up to 100,000 users, though Zaif says the numbers are much lower.
The timing of the problem is bad. Japan is considering increasing regulations on exchanges and limiting crypto speculation and hacking.
Coincheck, another Japanese exchange, recently had more than a half-billion worth of NEM stolen. It was converted on the dark web by offering a 15% discount to purchasers. The coin immediately lost value on the hack news.
Safeguards
Though the Zaif issue wasn’t a hack per se, and the Bitcoin market much more robust than NEM’s, it does raise concern that Bitcoin and other cryptocurrency trading platforms often lack basic technical safeguards that would allow them to go mainstream.
In Japan, the country’s primary financial regulator, the Financial Services Agency (FSA), made a series of unannounced visits at exchanges on soon after the Zaif glitch, in order to inspect security safeguards.
Whether government regulators even know enough about cryptos to protect consumers is a matter of debate.
Reuters cites unnamed sources that 16 exchanges are making the move to self-regulate and will cooperate with the Japanese government and law enforcement to verify compliance.
The sources said a plan to merge two existing groups — the Japan Cryptocurrency Business Association and Japan Blockchain Association — could not be agreed upon, and that the exchanges had opted to form a new organization that would be registered with the FSA.
Since September 2017, following new legislation, the FSA issued licenses to some of the country’s crypto exchanges while other smaller exchange were allowed to keep on functioning on a provisional basis.
Privately, an FSA official said that if there is another large hack of cryptocurrency exchanges then the agency will have no choice but to tighten the license process to exclude smaller companies that cannot guarantee compliance and security.