Hackers recently stole $530 million from a cryptocurrency exchange in Japan. This wasn’t the first exchange to suffer that fate.
The biggest theft before that was the $400 million theft from another exchange based in Japan, Mt. Gox. Bloomberg reports smaller attacks cumulatively have cost cryptocurrency investors more than $1.2 billion.
Hackers often target a weak link in the cryptocurrency marketplace — wallets on exchanges held for individual investors.
The wallet is where customers store private keys that unlock their funds. Wallets are similar to account statements that track transactions and changes in the account value.
Many exchanges make wallets a central part of the transaction process. But a collection of wallets on the web is an alluring target for hackers.
Experts recognize the vulnerability of wallets. Many also understand a potential solution.
David Shin, president of the Asia Fintech Society in Singapore, called the latest crypto theft “more evidence that the crypto-infrastructure should move away from centralized custody-type exchanges to decentralized exchanges where the need to have a middleman function is no longer necessary.”
Work is already underway to create decentralized exchanges.
Decentralized exchanges transfer the responsibility of securing wallets to individual traders.
When a trader wants to buy or sell, the decentralized exchange uses a search engine to find someone to take the other side of the trade.
This might sound familiar to investors. It’s the same type of process large investment funds use to trade stock in dark pools.
Anonymous dark pools allow traders to place large orders without creating rumors about who’s buying or selling. That helps prevent trades from turning into market-moving events.
Smart contracts offer safeguards to ensure all transactions are completed at the agreed-upon terms. Decentralized exchanges are secure because there isn’t an attractive target of thousands of wallets in a single location.
One new system, called AirSwap, is being developed by Michael Oved, an engineer who helped create systems for the high frequency trading firm, Virtu Financial.
When Virtu went public, it was revealed they had lost money on just one day from 2009 to 2014.
Competitors include Radar Relay, which processed nearly $40 million in transactions last month, and ShapeShift, which is processing up to 35,000 trades a day.
ShapeShift has been hacked. But there’s good news. The hackers didn’t get anything,
“It was a very good use case to tell our customers, ‘Hey we were hacked, and it didn’t affect any of you,’” a company spokesperson told Bloomberg.