My Thoughts on the FTX Collapse and a Technical Explanation of Custodianship

Aidan Pak
Coinmonks
Nov 15, 2022


The Sordid Details Behind the FTX Downfall

Many deemed last week’s news regarding FTX to be the most shocking turn of events ever within the wild crypto industry. In just under a year, FTX International went from raising $400 million at a $32 billion valuation to filing for bankruptcy. Sam Bankman-Fried is the founder of the crypto exchange FTX and the quantitative trading firm Alameda Research. In just one day, Bankman-Fried’s net worth fell from $16 billion to $991 million. The supposed crypto golden boy dropped from the top of the industry to a soon-to-be-jailed pariah.

The story of the unexpected collapse began in July 2022 with Binance, the world’s largest crypto exchange and an early investor in FTX, selling its stake in the company. The $2.1 billion deal was done in cash and FTT token, the exchange token for FTX. The separation appeared to be a logical parting of ways for rival firms, as FTX had quickly grown into a prominent competitor. In 2021 alone, privately held, Bahamas-based FTX reported $388 million in net income, up from $17 million the prior year.

The heat on FTX began to ramp up in early November when a leaked balance sheet of Bankman-Fried’s trading firm, Alameda Research, revealed that the FTT token “dominated” the firm’s assets and that the token was used as collateral in its high-risk crypto lending business. While there was nothing inherently illegal about Alameda’s possession of FTT, the situation pointed to an unusually close relationship between Bankman-Fried’s crypto exchange and his trading firm. Appearing to have more information about the relationship, Binance CEO Changpeng Zhao revealed on November 6 his plans to liquidate the firm’s FTT holdings. Zhao tweeted, “due to recent revelations that have come to light, we have decided to liquidate any remaining FTT on our books.” In the following 72 hours, a firesale on FTT caused the value of the token to plummet ~80%.

During this time, FTX was experiencing a major bank run on its exchange as users attempted to withdraw $5 billion of the total $16 billion of customer assets. For FTX, the run on customer withdrawals should not have been a major issue from a liquidity perspective. As quoted in a WSJ article covering the story, “an exchange really shouldn’t have problems getting its customers their deposits,” said Frances Coppola, a U.K.-based economist. “It shouldn’t be doing anything with those assets. They should literally be sitting there so people can use them.” However, on November 10, FTX paused customer withdrawals, hinting at major liquidity concerns. Then, in an investor meeting, Bankman-Fried revealed that “FTX lent billions of dollars [$10 billion] worth of customer assets to fund risky bets” by Alameda Research. Lending customer assets without consent is highly illegal under U.S. securities law and directly goes against FTX’s terms of service, which state, “none of the Digital Assets in your Account are the property of, or shall or may be loaned to, FTX Trading; FTX Trading does not represent or treat Digital Assets in User’s Accounts as belonging to FTX Trading.”

On November 11, FTX and Alameda Research filed for Chapter 11 bankruptcy. The story does not end here, however: just one day later, FTX confirmed that a hacker stole roughly $473 million in assets. Bankman-Fried also stepped down as CEO, and FTX is now under criminal investigation.

My Thoughts on the Collapse: What Does it All Mean for The Crypto Market

Following the collapse of FTX, the crypto market tanked as Bitcoin (BTC) fell 22% over a 7-day period. The price of BTC hit a two-year low at around $15,700, and the rest of the market followed suit as the entire crypto market cap fell about 10%.

The lack of visibility into centralized exchanges and the failure to protect investors is a direct call for the SEC to regulate the crypto industry. The collapses of the ICO bubble, Voyager Digital, Celsius, 3 Arrows Capital, BlockFi, and now FTX show similarities to the 2008 financial crisis. At the time, credit default swaps were largely unregulated, and negligent lending policies and a lack of clear visibility into banks fueled the crash of the market. As in 2008, the lack of visibility into centralized companies calls for regulation: the SEC should require audits of centralized exchanges and proof of reserves.

While blockchain is a revolutionary technology with similarities to the invention of the internet, the collapse in investor confidence could have massive ramifications going forward. The upside of investing in cryptocurrency is that the largest pools of capital in the world are still unexposed to the market. The absence of clear policy and a spot crypto ETF leaves hundreds of trillions of dollars of institutional capital on the sidelines. (Total crypto market cap is currently around $800 billion). Clear policy and regulated securities present the opportunity for an allocation of institutional money along with the millions of retail investors waiting for properly regulated crypto securities.

However, I believe that the crypto collapse further postponed industry-wide institutional investment and a spot ETF for the very reason FTX was vulnerable. At its core, crypto was meant to be owned by the individual, and time and time again, custodial, centralized crypto companies fail to properly protect investors’ assets. While a spot ETF would allow investors to gain exposure to cryptocurrency without needing to hold the asset themselves, the centralized entity offering the ETF would need to overcome the technologically difficult challenge of storing cryptocurrency. The lack of clear visibility and the security challenges presented by this new form of custodianship give crypto skeptics a strong argument against a short-term recovery. In the long run, however, regulation and proper security measures could set up the next crypto bull run.

The Problem With Cryptocurrency is the Same Reason It Has Value

So you may be wondering: why was FTX able to manipulate customer funds, how were hundreds of millions of dollars stolen, and what does it mean to own crypto in the first place? Well, the problem with cryptocurrency is the same reason it has value. Tokens are the first form of fully digital property in which users have sole possession of their assets. Owning a token on a blockchain network is extremely different from storing digital funds in a bank. When a user deposits funds in a bank, the user is beholden to the central intermediary that controls the system. Banks could refuse customer withdrawals or lend user funds to other parties. Cryptocurrency is valuable because, on a blockchain network, ownership of tokens is controlled solely by the user and is not beholden to any central authority.

On a technical level, owning cryptocurrency is a revolutionary mathematical advancement that can be difficult to fully comprehend. At its core, a blockchain is a digital ledger that tracks transfers of tokens between blockchain addresses (wallets). The blockchain is maintained by a network of validators, independently owned computers that keep track of and update the state of the system. These independent actors each store a copy of the ledger and constantly communicate to synchronize the records they have stored. Blockchains utilize consensus protocols consisting of mathematical proofs to ensure the validity of the ledger and that the bad intentions of anonymous network participants do not affect the network. This allows blockchains to store public, verifiable, immutable information without relying upon a central authority to maintain/update the state of the network.

Although tokens are simply data, owning cryptocurrency is not the same as storing data on a traditional server. Crypto assets are not stored on your computer or in some central location; in fact, the data that makes up a token is not stored on any single server. Rather, the data stored in each copy of the ledger is simply the history of token transfers between blockchain addresses. Owning cryptocurrency simply means that a token was last transferred to a particular blockchain address and that an individual holds the ‘key’ needed to control that address. This implies that ownership is individualistic and directly tied to controlling this ‘key’.

This mechanism of ownership is dictated by a form of public/private key cryptography known as Elliptic Curve Cryptography. Whenever a new blockchain address is instantiated, a cryptographically generated 256-bit number known as the private key is created in association with that address. This key functions similarly to a password and makes the owner the sole possessor of their blockchain address, since the only way to transact tokens is to know the private key.

Further detail on the mathematics of how private keys prove ownership of blockchain addresses is given in the addendum of this article, but for now, the important point is that this mechanism of owning digital property through a private key is an entirely foreign concept. Since tokens are not stored in any single location and are thus not beholden to the authority of a centralized entity, users can now indisputably own digital property (tokens). On social media networks, banking systems, and video game platforms, user data is not owned by the individual. Instead, the central authority that controls the network has the ability to manipulate the user’s property. Blockchains allow users to immutably own data without the chance of manipulation because there is no single owner of the network. However, the downside of this system is that users are solely responsible for protecting their funds. Private keys need to be stored in secure, offline environments, because exposure of this information allows a malicious actor to falsely authenticate transactions and control one’s blockchain address.

So How Was FTX Vulnerable

Crypto exchanges like FTX, Coinbase, Binance, Kraken, Gemini, etc. essentially act like commercial banks. Although the main business of these centralized exchanges is to allow users to buy and sell assets, these platforms are similar to banks in that they store users’ funds. This presents an extremely difficult technological challenge: securely storing customers’ private keys.

Unlike fraudulent banking transactions, blockchain transactions are irreversible. If your bank account were compromised and a malicious actor paid themselves thousands of dollars via a credit card, you could simply call your bank, which could theoretically take steps to revert the transaction. Additionally, the FDIC provides depositors up to $250,000 in insurance. In cryptocurrency transactions, there is no intermediary to revert fraudulent activity. If the private key of one’s blockchain address is compromised by a malicious actor, that malicious actor can now authenticate transactions on behalf of that address.

In the case of FTX, the exchange was storing private keys on behalf of customers. Having this information available, Bankman-Fried had the ability to do whatever he wanted with users’ assets. Furthermore, regarding the FTX hack, an individual must have infiltrated the company’s storage to gain access to customers’ private keys. With this sensitive information, the hacker would be able to generate transactions on behalf of those blockchain addresses and send themselves millions of dollars.

So How Do Centralized Exchanges Store Your Private Keys

Like storing any other form of sensitive data, the good crypto exchanges store your private keys in encrypted, offline storage. According to Coinbase, the company stores over “98% of assets offline in secure, guarded cold storage facilities” (by assets, Coinbase means private keys). In theory, offline storage prevents web-based vulnerabilities since the storage is not exposed to the internet like traditional cloud data. However, the exchanges themselves are connected to the internet, as are the bridges between their online systems and the offline storage, and that presents opportunities for hackers.

The Dilemma of Ownership and Safe Private Key Storage

The original design of blockchain was intended so that individuals are the sole possessors of their assets. Private keys were not meant to be stored on a central server by a crypto exchange or government organization. The dilemma, however, is that self-custody is a technological challenge and, much like the early days of the internet, the new technology is difficult for users to work with. Exchanges like Coinbase are well-intentioned in that they aim to lower the technological barriers to entry by providing a Web 2 interface for Web 3. Signing up for a centralized exchange trades the necessity of storing your private key for a traditional username/password system.

In crypto, secure forms of ownership are individualistic, and many products on the market offer this freedom. The two must-haves in any crypto wallet are the following:

1. The wallet must be “non-custodial”

Non-custodial implies that the creator of the wallet does not store the private keys for you. Instead, storing the private key in a secure manner is up to the individual.

2. The wallet must be “cold”.

A cold wallet, as opposed to a hot wallet, implies that the private key is stored in an offline environment. This prevents the key from being exposed to web-based vulnerabilities. Cold-storage wallets are capable of sending transactions to the blockchain without the private key ever needing to leave the safety of the cold storage.

The majority of wallets today that meet these two criteria are known as hardware wallets. These devices are essentially super-USBs and store the private key in an encrypted, offline environment. They allow users to ensure the security of their private key while still being able to engage in the Web 3 ecosystem. Prominent examples of hardware wallets are Ledger, Trezor, and NGrave.

Addendum — The Mathematics Behind Crypto Transactions

A quick warning, this section gets extremely technical. It is best to have an elementary understanding of how the blockchain works before reading. This Bloomberg article is an excellent primer on blockchain technology. With that forewarning out of the way, let’s dive into how private keys allow individuals to be the sole possessors of their assets.

Arbitrary variables for ‘from’ and ‘to’ address:

address A = 3685cf9da3eb23c3c82c23cde008b30e6b822fb2ccfe5a27c1ac596bc99450fd:27
address B = 1FWQiwK27EnGXb6BiBMRLJvunJQZZPMcGd

In the Ethereum transaction above, address A sent 0.14367159 BTC to address B. The large alphanumeric strings assigned to the variables address A and address B are blockchain addresses. These strings are completely unique and function as the ‘username’ of the wallet. The blockchain address is also ‘essentially’ a shortened version of what is known as a public key. The public key is a large alphanumeric string that is mathematically derived from the private key. More specifically, the public key is derived by inputting the private key into a specific, one-way cryptographic function. The reason a shortened version of the public key (the blockchain address) is used as the ‘username’ of the wallet is to make the tag easier to read. However, it is appropriate to think of a blockchain address as essentially the public key.

Wallet Generation

When blockchain address A was instantiated, the first step was to generate the private key. Using a random number generator, Ethereum software selects a number from the set [1, 2^256]. 2^256 is an incredibly large number; spoken aloud, it begins “115 quattuorvigintillion”. The private key, call it k (an integer), is inserted into the equation K = k * G, where G is a generator point of the form (x, y). The output is a unique K, also of the form (x, y), of which just one of the coordinates in the (x, y) pair is then assigned to the public key, establishing the public/private key pairing.

The critical aspect of the equation K = k * G, however, is that it is __not__ typical multiplication. Rather, the operation ‘*’ is known as elliptic curve point multiplication. This one-way (irreversible) operation is done over the specific curve y² = x³ + 7 over the prime field 𝔽ₚ. While the full explanation of why elliptic curve multiplication is irreversible is out of scope for this article (full explanation: here), it is a critical aspect of cryptography. The significance of using an irreversible function to generate the public/private key pairing is that the public key (the output of the function) can confidently be used as the public blockchain address without fear of the private key (the input) being easily inferable.

Side Note on Irreversibility

If you want to better understand irreversibility, take a look at another irreversible function: modular arithmetic. It is defined as r = x mod n, where r is the remainder of x divided by n (e.g. 10 mod 3 is the remainder of 10/3, which equals 1; 14 mod 2 is the remainder of 14/2, which equals 0). Modular arithmetic is irreversible since, given an output, there is no mathematical operation or algorithm to solve for the input besides guess and check. For example, take the function r = x mod 3. If I were to tell you that r = 1, there would be no way to determine the exact value of x. The value of x could be 4, 7, 10, 13, and so on to infinity (4 mod 3 = 1, 7 mod 3 = 1, 10 mod 3 = 1). This is significant because imagine the equation were instead PubKey = PrivKey mod 3. The PubKey variable could be used as the ‘username’ of a wallet and thus exposed to anyone, and the PrivKey variable (the ‘secret key’) would not be inferable. While elliptic curve cryptography is much more complex than modular arithmetic, the property of irreversibility similarly holds.

Transactions

So now that we have established wallet generation and the process of creating a public/private key pairing, the intuitive question is: how does this cryptographic mechanism enable transactions without a central intermediary managing the transfer? The process is similar to going to a bank and transferring funds to another party. In order to do so, the bank would need to verify that you are in fact the owner of the sending account and are approving the transaction to send funds to the recipient account. In a crypto transaction, these same criteria are satisfied by a mathematical proof. More specifically, the owner of a blockchain address (public key) can propose a new transaction by using the private key to cryptographically prove they are in fact the owner of the wallet.

When a new transaction is proposed to the network, the request must contain a transaction message (i.e. ‘address 1 paid address 2 x amount’) and a digital signature. A digital signature for a specific public key is the output produced by inputting the private key into ECDSA, a specific cryptographic algorithm. The digital signature serves as a mathematical proof since it can only be created by using the private key. Thus, whenever a transaction is accompanied by a digital signature, it is possible to verify that the individual who proposed the new transaction does in fact know the private key and has approved the new transfer of funds.

An overview of the process is shown in the graphic below (ignore SHA-256 for now), but essentially, a transaction message (ie: Person A paid Person B 3 Bitcoin) is encrypted by using the private key in the ECDSA equation to generate a digital signature.

This transaction is thus verifiable since anyone can prove the transaction’s validity by calculating two results. 1. The result of running SHA-256 on the transaction message. 2. Decrypting the digital signature using the public key. If these two results match, then the verifier can mathematically prove the individual who created the digital signature owns the private key without the individual ever needing to expose the private key itself.

Let’s walk through the process in a little more detail through an example. First, we will generate an example public, private key pairing with elliptic curve multiplication (points along curve)

For simplicity, we will now refer to the public key as ‘Person A’. Now that we have the public/private key pairing for our blockchain address, the first step in the transaction process is to run the transaction message through SHA-256. SHA-256 is a hashing function, which is defined as a “mathematical process that takes input data of any size, performs an operation on it, and returns output data of a fixed size.” Hash functions are a peculiar mathematical phenomenon in which the input is extremely hard to guess from the output. This is because the output is always of fixed length and is pseudorandom with respect to the input.

Notice the difference between the two hashes below.

Despite the messages only differing by the casing of ‘B’, the outputs are extremely different. This property is critical during the verification process as it ensures that the original message is not manipulated in any way. If the transaction was not hashed, an individual could simply change the transaction message to say something else after the digital signature is created, and the verification of the transaction would still hold.

Now that we have the public/private key pairing and the hashed message, the next step is to generate the digital signature. The hashed message and private key are plugged into the cryptographic function, the ECDSA signing algorithm: signature = k⁻¹ · (hash + r · privKey) (mod n)

[ignore k and r, essentially random-generated numbers with a little more math involved]

Below is an example signature:

The ‘signature value’ was generated by taking the message, running SHA-256, then plugging the value of the hashed message, private key, k, and r, into the ECDSA signing algorithm.

Now the transaction is ready to be submitted to the network and the data will specifically include 1. the original transaction message and 2. the digital signature.

In order to verify the validity of the transaction and that person A is in fact the owner of the private key, one could run the ECDSA verification algorithm. This process decrypts the digital signature using the public key and compares that result to the output of running the transaction message through SHA-256.

Result 1 — Hashed Message, ie: SHA-256 on ‘Person A paid Person B 3 Bitcoin’

Result 1 = be188d100d77c431def6911727ea6f98336c0142bbddca7845af6cc76b40648d

Result 2 — ECDSA Verification Algorithm (Process of decrypting digital signature using public key)

Digital Signature = 304502200f12a3f9a82f4da2a78a55f22d3549262093a4b52897279ce94749d6f9f6d615022100ce2366ddc086d81f05b416c8ce2d1ecea73bb0fd8afe59dab2e3c10031e2a34d
s1 = signature⁻¹ (mod 257)
R' = (hash · s1) · G + (r · s1) · pubKey
Result 2 = x coordinate of R'
Result 2 = be188d100d77c431def6911727ea6f98336c0142bbddca7845af6cc76b40648d

Notice that Result 1 == Result 2, and from this information, one could mathematically verify that the initiator of the transaction does in fact know the private key and is thus the wallet owner.
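To make the whole chain concrete, here is an added, self-contained Python example (not code from the article or from any wallet vendor) that walks through the steps described above on the real secp256k1 curve: generate a private key and derive K = k * G, hash a transaction message with SHA-256, produce an ECDSA signature, and verify it. The curve constants are the published secp256k1 parameters; everything else (the function names, the ‘Person A paid Person B 3 Bitcoin’ message, and the tampered variants) is constructed for this illustration. The `sign` function is the piece a cold wallet runs offline and `verify` is the piece any online node runs, which is the split described in the cold-wallet section. Note that in standard ECDSA the verifier compares the x coordinate of R' (mod n) with the signature’s r value; the code follows that definition.

```python
import hashlib
import secrets

# secp256k1 domain parameters: the curve y^2 = x^3 + 7 over F_p used by
# Bitcoin and Ethereum. These are the published constants, not assumptions.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def on_curve(pt):
    """True if pt satisfies y^2 = x^3 + 7 (mod P); rejects malformed public keys."""
    if pt is None:
        return False
    x, y = pt
    return (y * y - (x * x * x + 7)) % P == 0


def point_add(p1, p2):
    """Elliptic curve group law; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # p1 == -p2
    if p1 == p2:                         # doubling: tangent slope
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:                                # addition: chord slope
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, pt):
    """k * pt by double-and-add; this is the one-way operation in K = k * G."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return result


def generate_keypair():
    """Wallet generation: random private key k in [1, N-1], public key K = k * G."""
    priv = secrets.randbelow(N - 1) + 1
    return priv, scalar_mult(priv, G)


def message_hash(msg):
    """SHA-256 of the transaction message, interpreted as an integer."""
    return int.from_bytes(hashlib.sha256(msg.encode()).digest(), "big")


def sign(priv, msg):
    """ECDSA signing (offline side): r = x(k*G) mod N, s = k^-1 (hash + r*priv) mod N."""
    z = message_hash(msg)
    while True:
        k = secrets.randbelow(N - 1) + 1     # fresh secret nonce per signature
        r = scalar_mult(k, G)[0] % N
        if r == 0:
            continue
        s = pow(k, -1, N) * (z + r * priv) % N
        if s != 0:
            return (r, s)


def verify(pub, msg, sig):
    """ECDSA verification (online side): recompute R' and compare x(R') mod N to r."""
    r, s = sig
    if not on_curve(pub) or not (1 <= r < N and 1 <= s < N):
        return False
    z = message_hash(msg)
    s_inv = pow(s, -1, N)
    R = point_add(scalar_mult(z * s_inv % N, G), scalar_mult(r * s_inv % N, pub))
    return R is not None and R[0] % N == r


def demo():
    """Sign a constructed transaction message, then show which checks pass."""
    priv, pub = generate_keypair()
    msg = "Person A paid Person B 3 Bitcoin"      # constructed sample message
    sig = sign(priv, msg)
    return {
        "valid": verify(pub, msg, sig),
        "tampered_message": verify(pub, "Person A paid Person B 30 Bitcoin", sig),
        "wrong_public_key": verify(generate_keypair()[1], msg, sig),
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` returns `valid` as True and both `tampered_message` and `wrong_public_key` as False: changing a single character of the message changes its SHA-256 hash and breaks the check, and a signature only verifies against the public key derived from the private key that made it. Note that the private key never appears in `verify`, which is exactly why an online node can confirm ownership without the key leaving cold storage.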
