The crypto tracking system will keep a record of transaction history, gather information on transactions, and verify the origin of funds both before and after transfers.
The South Korean Ministry of Justice plans to launch a “Virtual Currency Tracking System” to combat money laundering and recover funds tied to criminal activities. This system will monitor transaction history, gather transaction information, and check the origin of funds before and after the remittance.
Regulators in South Korea are also cracking down on the broader crypto industry, recently investigating exchanges for native token listings and excluding global crypto exchanges from plans for third-party digital exchanges in the city of Busan.
The tracking system will be rolled out in H1 2023, and the ministry intends to develop its own tracking and analysis system later in the year. The aim is to improve the forensic infrastructure and conform to international standards in the fight against crime. The South Korean police have previously partnered with five local crypto exchanges to support criminal probes and foster a secure trading environment for crypto investors.
According to the press statement, the system is set to improve the forensic infrastructure and to come into aid in building a criminal justice system at international standards. All of this is needed to combat the level of sophistication that digital crime has reached over recent years, especially in regard to cryptocurrencies.
Police in South Korea has already established an agreement with local crypto exchanges that fight against digital crime and try to create a secure trading environment for crypto investors.
South Korea is harsh on crypto exchanges
The South Korean Supreme Court declared that Bithumb, a crypto exchange, must compensate investors for a 1.5-hour service disruption that happened on Nov. 12, 2017. The final ruling mandates that damages from $6 to $6,400 be paid to 132 affected investors. The total damages to be paid by the exchange rise up to $202,400 (251.4 million won).
The court stated that the operator, not the users who pay commissions, should bear the responsibility and cost of technical failures.
Bithumb is South Korea’s largest exchange and was temporarily impacted by a sudden doubling of average order volume. The exchange is facing ongoing investigations, including a special tax probe and a fraud case against a former chair.
South Korean government reacts to the Terra collapse
South Korean authorities are still investigating and confiscating assets related to the Terra ecosystem over six months after its collapse. In November, 140 billion won ($108 million) was seized from Terra co-founder Shin Hyun-Seong, and now, the Seoul Southern District Court has ordered to freeze of 120 billion won ($92 million) in assets of former and current CEOs of Terraform Labs’ affiliate Kernel Labs. The news was reported on Dec. 20 by The Korea Economic Daily.
Kernel Labs is a blockchain consultancy founded in 2018, specializing in decentralized apps and blockchain payments. It has close ties to Terraform Labs, with its CEO previously serving as VP of Engineering there and some employees having worked at Terraform’s South Korean office. The Seoul Southern District Court has seized 120 billion won ($92 million) in assets from Kernel Labs’ former and current CEOs as part of its ongoing investigation into the collapse of the Terra ecosystem. The court also accepted the prosecution’s request to confiscate assets from 7 individuals involved in profiting from the sale of pre-issued Terra tokens.
The CEO of Kernel Labs, Kim Hyun-Joong, is among those targeted in the Terra case, with prosecutors alleging he made illegal gains of at least $61 million. Another executive of Kernel Labs, a former CEO, is believed to have received $31 million in illegal proceeds. Kim reportedly made several real estate purchases in South Korea in 2021, including a $27 million building in the upscale neighborhood of Gangnam-gu and a $7 million apartment in Seongdong-gu.
The Terra case continues as global authorities search for Terraform Labs’ CEO, Do Kwon, who is believed to have fled to Serbia after leaving Singapore.
The Terra collapse has been one of the biggest impactful events in the crypto market in 2022. Its algorithmic stablecoin, TerraUSD Classic (USTC), was once among the top 10 cryptocurrencies but lost its dollar peg in May. This led to a chain reaction in crypto markets, resulting in major liquidations and instability, hitting hard the crypto lending sector.
After the 2022 crypto collapses, the Thai securities regulator now requires crypto custodians and exchanges to have a contingency plan. The DeFi sector is increasing its TVL, and this expansion needs to assure clients of the safety of their funds.
New rules are being introduced by the Securities and Exchange Commission of Thailand to protect crypto investors.
As of January 17, 2023, the Thai SEC published regulations requiring virtual asset service providers to create a digital wallet management platform to ensure efficient custody of digital assets. These new rules are directed at crypto custodians, or virtual assets service providers (VASPs), that offer crypto storage services.
Three major requirements are included in the regulations, including creating policies and guidelines to oversee the risk management of private keys and digital wallets. VASPs must communicate with regulators about such policies and provide action plans to ensure compliance.
The Thai SEC also requested that crypto custodians create policies and procedures to manage digital wallets and keys. The SEC will require crypto custodians to create a contingency plan for any unforeseen events that could affect the wallet management system.
The SEC added that this included testing and drafting action procedures, assigning responsible persons, and reporting on the event.
Suppose an event affects the security of digital assets in custody. In that case, an system security audit and a digital forensic investigation must be conducted to assess the potential impact on client assets.
According to the announcement, the regulations regarding crypto custodians will take effect on January 16, 2023. These custodians must comply with all requirements within six months of that date.
The recent crypto regulations by Thailand’s SEC align with the authority’s efforts to implement stricter regulations. This comes in the wake of industry incidents such as the collapse of FTX. In early January, the authority reportedly began a new investigation against a local crypto exchange. Zipmex was accused of providing digital asset fund management services without proper authorization.
Such policies are important since more money is poured into crypto. Experts are calling this amount the Total Value Locked (TVL).
What is the Total Value Locked (TVL)?
Financial market experts have begun to accept the new type of investment that decentralized finance (DeFi) and have explored ways to measure its performance.
Since the rise of decentralized finance (DeFi) in 2020, financial experts have been exploring new ways to evaluate its performance. In addition to market capitalization, trading volume, and total and circulating supply, total value locked (TVL) is a popular crypto indicator. DeFi investors use it for assessing the overall value of assets, usually in USD. This estimate may be used across all DeFi protocols or in a single DeFi project.
For example, TVL in staking is particularly useful for investors looking to support the DeFi platforms with the highest rewards. It is the total value locked in the DeFi staking protocols and represents the amount of assets deposited by liquidity providers. In 2022, TVL reached nearly $2 billion globally, growing from $400 million in the previous two years. Having this sum of money in a vastly unregulated industry is becoming a risk.
TVL has become a crucial metric for investors looking to assess if the entire ecosystem or a single protocol is healthy and worth investing in.
The value of TVL value is affected by many other factors than withdrawals, deposits, and the actual amount that a protocol holds. The TVL changes with the value of either the native token or fiat currency. Some protocols may deposit funds in native tokens, so their TVL can vary with their value. The protocol’s TVL will also increase in value if a token is acquired.
Most DeFi apps are not regulated
The growth of DeFi has been substantial in 2021. But it still remains relatively small compared to the overall crypto-asset market capitalization. The TVL of the DeFi sector rose from around 18 billion EUR in January 2021 to over 240 billion EUR by the end of December 2021.
Currently, many DeFi platforms provide financial services in a non-compliant manner, exposing participants and the market to significant risks. Despite their complexity, many DeFi applications, when broken down, could represent regulated activities. These may follow the comprehensive frameworks already in place to preserve financial stability, protect financial consumers, promote investor protection and market integrity, and mitigate illicit finance risks. Non-compliance of DeFi systems with existing frameworks gives rise to pronounced risks for participants and the market.
However, compared to the size of the entire crypto-asset market, DeFi is still considered a niche segment. After the collapse of the stablecoin TerraUSD in early May 2022, TVL in DeFi dropped by almost 40% (approx €80 billion). Credit and staking protocols have experienced the biggest declines. Similarly, the value of many DeFi tokens decreased, particularly the DeFi token Luna which is directly linked to TerraUSD.
Some DeFi applications or activities are currently falling outside of the regulated space. This happens in some jurisdictions, and they raise risks that are left unaddressed by the existing rules.
Some of the characteristics of DeFi may be incompatible with existing regulatory frameworks. But these particularly given that the current framework is designed for a system that has financial intermediaries at its core. For example, frameworks are in place for the registration, licensing, and supervision of intermediaries involved in issuance, brokerage/trading, custody, and lending activities.
But the existence of intermediaries is contrary to the very essence of decentralized finance. And it is often difficult to even identify parties involved that can be assessed or regulated. Enforcement of existing regulations is also difficult to apply, given the absence of a responsible entity. As such, it may also be the case that current regulatory frameworks may not be suitable for regulating decentralized networks in certain jurisdictions.
The adoption of the concept of “account abstraction” by Visa has the potential to greatly improve the user experience of Ethereum wallets.
One of the drawbacks of cryptocurrency is the high cost of mistakes.
For example, if a user loses their account keys, they may permanently lose access to their funds. This and other potential problems make it easier to lose money in cryptocurrency than in traditional banking. To address this, blockchain developers are working on solutions such as “Account Abstraction” to make it safer and easier to use crypto.
Account Abstraction (AA) uses smart contracts to execute transactions by implementing certain validation rules. With AA, users won’t need to sign each transaction with their private keys. The goal of AA is to make using Ethereum as easy as using a traditional bank account, allowing for easy transactions, automatic bill payments, and more.
It is important to note that AA can change the way people use crypto. That’s why it is important to understand how Ethereum transactions work today.
Types of accounts on Ethereum
On Ethereum, there are two types of accounts. These are the External Owned Accounts (EOA) and Contract Accounts (CA). EOAs, commonly used by Ethereum users, are accessed through wallet providers such as MetaMask and Coinbase Wallet. They have a pair of keys: a public key, through which anyone can send funds, and a private key, used to initiate transactions by the account owner. CAs, also known as “smart contracts,” are code-controlled accounts that live on the Ethereum network. These accounts cannot initiate transactions on their own, they need an EOA to send a transaction to them.
Losing access to an EOA (Externally Owned Account) on the Ethereum blockchain can be a serious problem as it is linked to a private key that has complete control over the account. If the private key is lost, then there is no way to regain access to the funds, as there is no key recovery process or help desk to assist.
This vulnerability is primarily caused by human error, which can be the biggest security flaw in Ethereum account management. According to a report by Chainalysis, it is estimated that up to 23% of all bitcoins in circulation (around 3.79 million BTC), could be lost forever due to forgotten keys.
Additionally, if a private key falls into the hands of hackers, they would have complete control over the corresponding funds.
How does Account Abstraction work?
Account Abstraction (AA) considers the limitations of Externally Owned Accounts (EOAs) by combining them with Contract Accounts (CAs). This allows for the creation of user accounts with built-in fail-safe mechanisms. Accounts could also have some other special features for verifying transactions. Ethereum co-founder Vitalik Buterin explains in a 2021 blog post that under AA, smart contract code would not only be used to implement the logic of applications but also the verification logic (nonces or signatures) of individual user wallets.
By utilizing AA, user accounts could be programmed to include social recovery systems where multiple individuals with their own keys have the ability to return an account to its owner if the owner loses access to the private key. It also allows for the creation of “multisig wallets” that transfer account ownership to a group. These wallets require multiple different parties to sign off on transactions as an additional security measure.
Moreover, accounts under AA could avoid hard-coded limitations of EOAs, such as gas fee payment in a single cryptocurrency like Ether (ETH). They could choose to use a different cryptocurrency (like DOGE) or assign someone else (like a friend) to pay gas fees.
Currently, it is possible to implement these systems using CAs, but it would require a significant degree of complexity and high gas costs as all transactions need to be initiated by an EOA.
Can Account Abstraction be implemented on Ethereum?
There are several proposals for adding Account Abstraction (AA) to Ethereum, with the most notable being EIP-4337. According to Gazso, the co-author of the EIP, this proposal is the first one that can achieve AA without requiring a hard fork.
The main advantage of EIP-4337 is that it does not necessitate any modifications to Ethereum’s core protocol. Instead, it would introduce a new account abstraction layer on top of the core protocol, allowing wallet providers to create user-owned accounts that utilize smart contracts to establish the rules for initiating transactions.
Despite the availability of these tools, AA is not yet widely adopted. The main reason is the lack of momentum in creating and distributing new wallets. Convincing users to try new technology and wallets is a difficult task, said Gazso.
As a result, many users opt for more established and well-tested options such as MetaMask. However, it seems that this trend is changing, and there is an increasing interest in implementing these new technologies.
Is Account Abstraction happening already?
Some layer-2 solutions on Ethereum are exploring the integration of Account Abstraction (AA) as a feature. StarkWare, the company behind the StarkNet blockchain, has already implemented AA.
The Co-founder and president of StarkWare, Eli Ben-Sasson, has stated that AA could be used in the future to authorize payments using facial recognition or biometrics, similar to how FaceID is used to authorize credit card payments for iPhone users. He also said that infrastructure for this is already present on StarkNet.
In recent times, Visa also announced its proposal to utilize Account Abstraction to deploy automatic payments using StarkNet infrastructure, which would be similar to automatic payments in a bank account, but on the blockchain.
Other companies, such as Gnosis Chain, are also exploring the integration of AA in their infrastructure. Gnosis Chain co-founder Stefan George stated that interest in AA is increasing as more developers and users become aware of its potential. Gazso also stated that 2023 would be the “year of Account Abstraction” and the topic widely discussed s in the crypto and blockchain space.
Policymakers have scrutinized Binance, the largest crypto exchange, amid multilateral sanctions against Russia and U.S. sanctions against Iran. At the same time, the exchange fails to make its balance sheet fully transparent to auditors.
Binance joins the Association of Certified Sanctions Specialists
In an effort to stay compliant with global sanctions, Binance was one of the first cryptocurrency firms to join the Association of Certified Sanctions Specialists (ACSS).
According to a news release on January 6, Binance announced that its sanctions compliance team would receive training as part of the ACSS certification process. The website states that the group offers an exam covering “knowledge and skills common for all sanctions professionals in different employment settings.”
“The blockchain industry is still young, and it’s important to maintain the highest level of compliance in a rapidly-evolving space,” stated Chagri Poyraz, Binance’s global head for sanctions. “At the end, we want the industry standard in security and compliance to continue alongside other industry players.”
In October 2022, Poyraz stated that the exchange had complied with multilateral sanctions against Russia after the country invaded Ukraine. However, he said there was “room for improvement” when it came to clarity in EU guidelines on crypto.
Binance claims that the ACSS training will inform the exchange’s staff about guidelines from the U.S Treasury’s Office of Foreign Assets Control, and help them to avoid potential violations. According to Binance, the exchange is the largest in the entire crypto space and is available in over 100 countries.
Binance US does business in US-sanctioned countries
There have been reports that Binance might have granted Iran-based users certain services, which may be in violation of United States sanctions. This has prompted officials to investigate.
An investigative report by Reuters shows that individuals in Iran continued trading on Binance even after Iran was placed on a blacklist.
Iranians using the exchange also raises questions about capital controls that were increased against Iran in 2018. Binance itself is based in the Cayman Islands and is therefore not subject to U.S. sanctions prohibiting Iranian entities from doing business.
But, Binance US (the version of the exchange that operates in the US) could face secondary sanctions for doing business with a sanctioned country and providing an opportunity for Iranians to circumvent trade embargoes.
Binance aims to build trust with crypto holders but fails to provide transparency
With over 8 billion people on the planet, over 320 million are crypto holders, according to a TripleA estimate. Cryptocurrency use is expanding, but as of the beginning of 2023, only 4% of the world’s population uses it.
Binance, the world’s largest crypto exchange, is trying to boost confidence following a spike in customer withdrawals in December 2022 and a sharp drop in its digital token value. According to the exchange, net outflows totaling $6 billion were managed “without breaking stride” in the first week of December 2022. This is because its finances are strong, and “we take responsibility as custodians seriously.” Binance founder Changpeng Zhao said that his company would lead by example and make a point to prove its transparency, especially after the bankruptcy of the FTX crypto exchange, which collapsed in November 2022. Reuters’ analysis of Binance’s corporate filings reveals that the core business, the Binance.com exchange, which has processed trades in excess of $22 trillion this fiscal year, is mostly hidden from the public.
Binance refuses to disclose the location of Binance.com. It does not disclose basic financial information like revenue, profit, and cash reserves. Although the company has created its own cryptocurrency coin (BNB coin), it doesn’t disclose its role on its balance sheet. It lends money to customers against crypto assets and allows them to trade on margin with borrowed funds. It doesn’t provide details about how large those bets were, how vulnerable Binance is to this risk, nor the extent of its reserves for financing withdrawals.
While Binance has said that it has been audited using the proof-of-reserves mechanism, the auditing firm has deleted the initial report and paused its proof-of-reserves checks due to miscommunication and the way the public perceived the reports. The auditing company, Mazars, did not make any further comments, but Binance’s CEO had already tweeted in Dec 2022 that the audit had been completed.
The Turkish central bank is interested in adopting the CBDC technology. It has recently completed its first payments using digital currency. It will continue to test this technology in 2023.
The first trial of the digital currency of the Central Bank of the Republic of Turkey was completed using the Digital Turkish Lira. They have indicated plans to continue testing through 2023.
According to a press release by the Turkish central bank issued on December 29, 2022, the first payment transaction using the digital lira was successful.
It stated that it would continue to conduct closed-circuit pilot tests with technology stakeholders in 2023’s first quarter. The program will later expand to include select banks and financial technology companies throughout the year.
The Turkish central bank stated that the results of these tests would be made available to the public via a comprehensive evaluation report. Next, it will reveal more about the next phases of this study, which will increase participation.
This follows the announcement by the Turkish central bank, which was made on September 21, 2022, that it was investigating the benefits of introducing a digital Turkish Lira. The project is called “Central Bank Digital Turkish Lira Research and Development.”
The government did not make any commitment to digitalizing the final currency of the country and stated that it had not made a decision about the issuance of the digital Turkish lira.
The Turkish central bank also stated in its latest statement that it would continue to test distributed ledger technology in payment systems and their integration with an instant payment system.
It will also focus on the legal aspects of the digital Turkish Lira. This includes the economic as well as the legal framework surrounding digital identification. The bank is also revising the technical requirements for the program.
More countries are experimenting with CBDC
Many countries, including the United Kingdom, Kazakhstan, and India, have begun to pilot programs for central bank digital currencies.
The Bank of England (BOE) has allocated nearly $255,000 for the development of a central bank digital currency wallet. This will allow basic functions such as payments and transactions to be executed.
This wallet could be a proof-of-concept that can hold a central bank’s digital currency (CBDC).
The BOE published a request for applications on the United Kingdom government’s Digital Marketplace. This is a place where government agencies can seek work for digital projects.
The proof-of-concept wallet should provide basic functionality. It must be able to show balances, transactions, and notifications. The wallet must also be able to load and unload with a CBDC. It also needs to be able to request peer-to-peer payments via an account ID or QR code. It must also be capable of being used to pay businesses online.
Meanwhile, the central bank of Kazakhstan recommended that an in-house CBDC be introduced as early as 2023 and a gradual implementation over three years. The latest research paper confirmed Kazakhstan’s intention to launch the digital tenge.
Kazakhstan is one of the largest Bitcoin mining countries in the world. After the second phase of the CBDC test was completed, the National Bank of Kazakhstan (NBK), revealed the findings. The primary purpose of conducting research on CBDC was to assess its potential to improve financial inclusion and promote innovation in the payments sector. It also aimed to increase the country’s global competitiveness.
Pilot research was focused on offline payments. It also examined programmability. The report recommended that market participants and infrastructure players be included in different scenarios.
More than 140 proposals have been submitted by the finance sector for a pilot program of central bank digital currency in Australia. The Reserve Bank of Australia (RBA) warns that digital currency could replace the Australian dollar, and people will avoid commercial banks.
The RBA released a speech by Assistant Governor Brad Jones on December 8. This speech was given at a central banking conference that took place from Dec. 8 through Dec. 9. Jones discussed in detail the potential impact of a CBDC on Australia’s economy.
More than 80 financial institutions have proposed use cases in many areas, including e-commerce and government payments. The pilot eAUD team is currently deciding which use cases it will take into the pilot phase. They expect to publish a report about the project in the middle of 2023. Other risks associated with an Australian CBDC could be liquidity problems, and other problems banks might face if the CBDC is chosen as the preferred source for holdings. If people prefer the CBDC, then banks may not have enough capital to lend money to consumers.
The first hacking signal was that investors reported that they had lost their stakes in Defrost Finance, as well as Avalanche coins from the MetaMask wallets.
At first, the team announced that Defrost Finance’s V1 was not affected by the hack.
After confirming the attack, PeckShield, a blockchain security company, discovered that the hacker had manipulated the price of LSWUSDC (Lending Switch USD Coin). The profit generated from the hack was approximately of $173,000.
“Our analysis shows a fake collateral token is added, and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M,” according to PeckShield.
The community was suspicious of the activities of the DEX, although they had announced the hack as soon as it was noticed.
Shortly after, it was announced that V1 of the DEX was also affected by the hack, although it was initially announced that it was not affected. Since V1 lacked the flash loan functionality, the team believed that V1 couldn’t have been affected. At this moment, they asked all users to stop using both V1 and V2.
The Defrost team continued their on-chain investigation, on Dec 25. After publicly asking the hacker or hackers to return the funds stolen during the attack, the team also proposed a 20% (negotiable) fee of the total amount of $12.
According to the team, they have been working round the clock, on Christmas day, to try and solve the crisis and return the funds. Eventually, on Dec 26, the team announced that the funds stolen from V1 have been returned. However, no other explanation was given.
Defrost Finance announced it would refund affected users
According to Defrost Finance, the platform managed to recover the funds from the V1 flash loan exploit and plans to return them to their rightful owners.
On Dec 27, Defrost posted on Medium that it would soon refund the stolen assets. The recovered funds are in an ETH wallet, will be converted to a stablecoin, and then transferred to Avalanche. The users will be able to recover their funds through a specific smart contract.
Users are still waiting for further news.
Other DeFi protocols that suffered losses recently are Raydium (Solana blockchain) – $2 million, and Ankr (Ethereum blockchain) – $5 million.
Is Defrost Finance a scam?
On Dec 24, PeckShield, a blockchain analytics company, issued a warning to its community. They described Defrost Finance project as a “rug pull” with losses estimated at around $12 million.
On Dec 26, CertiK, a blockchain security company, posted an alert about Defrost Finance. It stated that they tried to reach the team but did not receive any response. They described the exploit as an “exit-scam,” which implies that the DeFi platform might have stolen user funds.