The digital asset community has been shocked by the news that another exchange has gone down, potentially taking $190m of investors’ funds with it. This kind of event simply should not be happening at this stage of the industry’s development, and certainly not with the situation as suspicious as it is with QuadrigaCX.
Picking apart such catastrophes, exit scams and general misbehaviour, common themes emerge. The good news is that the root causes are, right now, completely solvable. However customers (that’s you!) need to start loudly demanding solutions by voting with your wallets. Existing exchanges — especially those with something to hide — have too much to gain from continuing to bend the rules.
Some repeating root causes:
- Hot wallets, improperly secured
- Cold wallets, improperly backed up
- All operations are internal and/or no multisig is used
- Client and operator assets are commingled
- No ability or desire to offer independent proof of full collateralisation
These are all solved in the traditional (highly regulated) financial world by the use of custodians and to a lesser degree, central clearing houses. (See this very readable article for more details about how it all ended up like this!) In crypto you can solve all of the problems listed above in one simple stroke: use an independent fully insured custodian to hold your customer funds.
A traditional exchange’s main business is not holding assets, after all. The exchange exists to facilitate buyers and sellers in their efforts to find each other and execute trades efficiently. Any exchange could quite easily white-label or even openly outsource custody to a third party. An openly outsourced solution makes a great deal of sense as it can be a next step towards a functioning free market for custodial services, with the consumer empowered to make a choice. However to begin with, we expect that many exchanges will prefer to white label.
An exchange using a custodial solution can choose to have broadly similar workflows as they do now, albeit with far fewer staff requirements. However they’ll additionally have insurance against external and internal theft, they’ll have segregated customer and operational balances, and perhaps most importantly, they’ll be able to prove it all to their customers. They’ll have trust.
(If you’re running an exchange, come speak to us! MetaVault is one of the very few custodians with insured capacity sufficient to support large institutions, and the operational speed to support good customer UX on withdrawals.)
It’s time to get serious. There should never be another QuadrigaCX.