The FTX (FTT-USD) failure has again shown crypto remains exceptionally vulnerable to strange failures, generally affecting crypto exchanges.
These failures - usually attributed to hacking - typically produce very large losses for customers, as well as lead to renewed distrust in crypto in general, and Bitcoin (BTC-USD), the best-known crypto, in particular. Calls for more regulation are typical, at this point.
Today’s article is about a lesson which the FTX collapse allowed us to learn, or perhaps re-learn, which fully applies to Bitcoin.
This is something many “investors” in Bitcoin fail to understand.
The belief in Bitcoin’s (and other cryptos') resilience to direct attacks on the blockchain, clouds the obvious fact that the blockchain itself serves as nothing but a master/omnibus account when it comes to a crypto exchange or broker.
In this sense, crypto exchanges aren’t different from regular banks, brokers or exchanges. These, too, don’t really keep 1 account per customer when it comes to depositor or investor assets. Instead, for instance at the central bank, the bank will have just one account. And the broker will equally have just one account at a securities depository, or at the exchange. Then, internally, a broker divides its assets present in these aggregate (master/omnibus) accounts by using an internal book-keeping system to establish how much of the asset each customer owns.
It's the exact same with a crypto exchange. On the blockchain (per each cryptocurrency), the crypto exchange will keep just 1 or a few addresses where all the crypto will be stored. Then, an internal book-keeping system will divide this aggregate between customers.
Since assets are kept concentrated in one (or few) places, regular banks and brokers have to be extraordinarily cautious regarding the security of the access to this place (as well as the internal book-keeping).
Indeed, no one executive will be able to tamper or move assets recklessly both within the bookkeeping system, or from the master account. Systems will be in place to, at all times, verify the consistency of the aggregate assets implied by the internal book-keeping system, and the value held on master accounts. No executive will have the power to move assets quickly and in large chunks, and no unjustified (not consistent between the ledgers) movement of assets will be possible silently.
Cryptos are different:
Instead, a person just has to sign a transaction with the required keys, and immediately the exchange wallets will be breached, and the transaction will go through with nothing and no one being able to censor it.
Of course, like with regular financial institutions, it will be possible for the crypto-holding institution to immediately realize an accounting inconsistency emerged between the value held in its master accounts, and the one implied by its internal bookkeeping. Unfortunately, even in the case such alarm uncovers trouble, the trouble will already be irreversible (a characteristic of Bitcoin and most other cryptos – transactions cannot be reversed or censored).
This, for all purposes, means that any institution holding crypto will always be unsafe. There are no possible safeguards for this structural vulnerability.
This is a corollary which results from the previous observation.
Without looking – it’s doubtful FTX transferred cash or cryptos to Alameda.
It’s much more likely FTX bought stablecoins (with the cash) and shared keys with Alameda. As well as shared keys regarding various master crypto accounts. The money wouldn’t move (in a suspicious way), so no third parties would thus be warned. Ownership would just be a book entry. Internally, there could be warnings – but those were suppressed, as per Reuters (bold is mine):
In a subsequent examination, FTX legal and finance teams also learned that Bankman-Fried implemented what the two people described as a "backdoor" in FTX's book-keeping system, which was built using bespoke software.
They said the "backdoor" allowed Bankman-Fried to execute commands that could alter the company's financial records without alerting other people, including external auditors. This set-up meant that the movement of the $10 billion in funds to Alameda did not trigger internal compliance or accounting red flags at FTX, they said.
In his text message to Reuters, Bankman-Fried denied implementing a "backdoor".
This kind of action is possible because generally, in crypto, there is no ownership nexus. He who has the keys, controls the crypto but doesn’t really own it. He’s just able to move it. And if 2 (or more) institutions have the keys to a given crypto address, then they both can move this crypto and act as its owners. How they report ownership of the underlying crypto at any given time is entirely arbitrary. How they chose to move it to “somewhere else” at any given time is also entirely arbitrary (but will raise red flags internally in the unaware institution, as explained).
In the presence of a misdealing actor, this is a tremendous hole in crypto security. The misdealing actor will single-handedly, and without possibility of censorship, be able to move assets away from any of his controlled (or even not controlled, as long as they were controlled in the past) institutions at ease. This risk probably expressed itself both during the time FTX and Alameda were seen as viable, legitimate entities, and after that time (during the supposed hacking).
Notice how this differs from common banking. In common banking, each account has an ownership nexus. 2 different institutions will not be able to claim ownership of the same master account. And to transfer assets from the account of one institution to the account of another will require the agreement of those with the power to commit the institution, leave a paper trail, and be subjected to scrutiny. The financial institution holding one or both accounts (for customers) might even suspect the activity taking place and interrupt it to conduct further scrutiny. The risk for someone trying to compromise a crypto-holding institution is thus many orders of magnitude higher, due to this structural difference.
Finally, even if an illicit transaction takes place at a regular institution, there's still a good chance to reverse it. Such isn't possible with Bitcoin.
The flaw I described, and which must have been taken advantage widely in the context of the FTX collapse, cannot be solved by regulation. The most regulation can do is to be extremely strict regarding internal controls up to and including the internal warning system.
But crucially, there is no possible system or regulation which can prevent or reverse a master account from being abused from anywhere in the world, just as long as the keys to the master account are known to someone wanting to compromise them. This is structural to Bitcoin and most of crypto in general. It is so by design.
Hence, regulators, when it comes to crypto, will always be handicapped. This is unlike the present financial system, where checks and balances can keep control of most catastrophic attempted transactions, or reverse them after the fact. Indeed, the one common fraud within the financial system is typically slow – it mostly consists of making uneconomic loans to “friendly” customers. This can over time collapse an institution, but it will tend to:
Anyway, the central point is:
Crypto fans will immediately say that none of this applies if you just keep your crypto with yourself. Which is true, the vulnerabilities I talk about are present in the crypto ecosystem as a whole, not on the underlying blockchains. It’s very hard to take your crypto if you don’t have it deposited somewhere.
However, at the same time, it's wildly unpractical to hold crypto yourself. Besides the opportunity to lose it forever just because you lose the key, there’s also the fact that crypto is crazily unpractical.
For investors, which is what this argument concerns itself about, there’s simply no practical way to trade in and out of your crypto without putting it into an exchange, which is where liquidity for trading exists. Hence, there’s no solution here either.
Already, we know that FTX used customer funds which ought to have been segregated, to be loaned out to Alameda, which proceeded in some form to lose them. We also know that FTX did this in a covert way. These seem the main wrongdoings within the collapse.
However, I’ll immediately put forth that further wrongdoing is going to be disclosed. From observing the “haphazard” FTX Balance Sheet volunteered by SBF to which the Financial Times had access, I conclude the following:
Yet, there is no meaningful BTC or ETH on the asset side. It thus follows that it wasn’t just customers’ cash funds which might have been abused. Even the customers’ crypto assets were abused. This is yet to be disclosed in the news (though it is implied by the leaked balance sheets). Indeed, given what’s on the asset side (mostly obscure FTX-linked tokens), I’ll go as far as to say that nearly all customer assets (not just cash) are gone.
It also follows that in abusing customer crypto assets, the exchange had to keep a diverging accounting of those assets on the client-facing interface. Or else, the customers would think their assets still existed, which they didn’t. This is part of the “backdoor” we earlier talked about.
It’s immediately evident that if customers face losses, then other creditors and investors will be entirely wiped out.
However, from the leaked FTX balance sheet, it’s also immediately obvious that very large losses are coming to the customers / depositors as well. Initially the reports put this shortfall at $1-$2 billion, but there’s reason to believe the shortfall is much larger. Let me explain why:
This article leads to the following conclusions and predictions:
