Coincheck hacking and what it says about NEM

Last week, the cryptocurrency world was shocked with the news that 534 million US dollars worth of XEMs were stolen due to a hack attack on Coincheck, one of Japan’s largest cryptocurrency exchanges.

It has to be clear that though XEM is the only cryptocurrency that was stolen, it was Coincheck that was hacked and not NEM. The problem was with Coincheck, not with NEM. Despite this, NEM is helping out by leveraging its decentralized API to provide support to the NEM community and its investors in this unfortunate incident.

Low Security Exchange, Secured Blockchain

The exact details of the hacking are still unclear, but what is known is that it was because Coincheck stored its XEMs in a low-security hot wallet. They neither used a cold wallet nor the more secured NEM’s Multisignature (Multisig) feature.

What are hot wallets? Simply put, they are wallets that are connected to the internet. Hence, these wallets, if they hold large sums of coins, become vulnerable to hacking. This is tantamount to carrying large amount of money in person.

Cold wallets, on the other hand, are wallets that are stored in external devices such as USB drives or external hard drives. This allows the coins to be stored offline. These devices must be properly secured in a safe box or vault.

NEM’s Multisig wallet meanwhile is a unique option/feature that NEM pioneered. The way it works is that it uses multiple keys from other signing accounts to transact XEM. This means that if a person loses his/her wallet through a hack, no XEM can be transacted unless another wallet signs it. This Multisig feature allows community-held funds, such as that of Coincheck’s, to be protected since the majority of designated users should agree before any transaction. This is why even if Coincheck representatives insisted that their “security standards were not low,” the absence of this Multisig protection proves otherwise.

The Unlikely Solution

To some, the only solution to return the stolen XEMs is to execute a hard fork. In simple terms, a hard fork is the splitting of a single cryptocurrency into two. The idea is that this will somehow modify or reset the system in order to avoid the hacking.

In the case of Coincheck’s hacking, this is not an option. Why? Simply because it was not NEM’s fault. It was a security breach caused by weak security measures of Coincheck. If it was the fault of the NEM blockchain, a hard fork could have been performed.

As Lon Wong, the President of NEM.io Foundation, firmly states:

“As far as NEM is concerned, tech is intact. We are not forking. Also, we would advise all exchanges to make use of our Multisignature smart contract which is among the best in the landscape. Coincheck didn’t use them and that’s why they were hacked. They were very relaxed with their security measures.”

The bottomline is that the Coincheck incident was a hot wallet vulnerability and it did not, in any way, impact the NEM blockchain security. The decentralized NEM protocol remains to be highly secured and is performing exactly as designed.

The Ray of Hope

The Coincheck hack is indeed a troublesome incident. But a ray of hope pierces this dark cloud. NEM, being a true decentralized blockchain, is already closely monitoring the situation through its decentralized API. It has immediately developed a system that would trace and at the same time prohibit the transaction of the stolen funds.

NEM created an automated tagging system that will trace the stolen coins and will mark the stolen funds as tainted funds. This will allow the cryptocurrency exchanges to easily verify if the stolen XEMs are withdrawn or deposited to regulated trading platforms. This will make the conversion of the stolen XEMs to other cryptocurrencies such as Bitcoin or Ethereum or to the fiat currencies such as the US dollar extremely difficult, if not impossible. As long as those funds are off public exchanges they will be very difficult to liquidate, especially in large amounts.

The True Value

Practically, NEM did not need to develop this automated tagging system because the stolen funds could still have circulated around the NEM blockchain network even if they are not recovered. But as a matter of principle, NEM did.

This speaks of volumes of what NEM really is. How it responded to the biggest theft in the history of cryptocurrency since the infamous Mt. Gox collapsed in 2014 highlights its 100% commitment to the safety and security of the NEM community. What can truly be seen in this crisis is that NEM endeavors to protect what are truly valuable — its principle and its community.

NEM’s voluntary provision of a solution to a tremendously serious problem is a statement that it is more than just a cryptocurrency whose value is based on demand, transaction frequency, and innovation. What makes NEM even more admirable is it knows how to place importance in its true value: the NEM community and its investors — the real people in NEM’s peer-to-peer blockchain network.