The first hacking signal was that investors reported that they had lost their stakes in Defrost Finance, as well as Avalanche coins from the MetaMask wallets.
At first, the team announced that Defrost Finance’s V1 was not affected by the hack.
After confirming the attack, PeckShield, a blockchain security company, discovered that the hacker had manipulated the price of LSWUSDC (Lending Switch USD Coin). The profit generated from the hack was approximately of $173,000.
“Our analysis shows a fake collateral token is added, and a malicious price oracle is used to liquidate current users. The loss is estimated to be >$12M,” according to PeckShield.
The community was suspicious of the activities of the DEX, although they had announced the hack as soon as it was noticed.
Shortly after, it was announced that V1 of the DEX was also affected by the hack, although it was initially announced that it was not affected. Since V1 lacked the flash loan functionality, the team believed that V1 couldn’t have been affected. At this moment, they asked all users to stop using both V1 and V2.
The Defrost team continued their on-chain investigation, on Dec 25. After publicly asking the hacker or hackers to return the funds stolen during the attack, the team also proposed a 20% (negotiable) fee of the total amount of $12.
According to the team, they have been working round the clock, on Christmas day, to try and solve the crisis and return the funds. Eventually, on Dec 26, the team announced that the funds stolen from V1 have been returned. However, no other explanation was given.
Defrost Finance announced it would refund affected users
According to Defrost Finance, the platform managed to recover the funds from the V1 flash loan exploit and plans to return them to their rightful owners.
On Dec 27, Defrost posted on Medium that it would soon refund the stolen assets. The recovered funds are in an ETH wallet, will be converted to a stablecoin, and then transferred to Avalanche. The users will be able to recover their funds through a specific smart contract.
Users are still waiting for further news.
Other DeFi protocols that suffered losses recently are Raydium (Solana blockchain) – $2 million, and Ankr (Ethereum blockchain) – $5 million.
Is Defrost Finance a scam?
On Dec 24, PeckShield, a blockchain analytics company, issued a warning to its community. They described Defrost Finance project as a “rug pull” with losses estimated at around $12 million.
On Dec 26, CertiK, a blockchain security company, posted an alert about Defrost Finance. It stated that they tried to reach the team but did not receive any response. They described the exploit as an “exit-scam,” which implies that the DeFi platform might have stolen user funds.
Sam Bankman-Fried (SBF) could be extradited to the US for a court trial. He might get up to 115 years in jail.
Who is Sam Bankman-Fried?
Sam Bankman-Fried is the former CEO and founder of Alameda Research, a quantitative trading firm that is active in the cryptocurrency markets. He is also the former chief executive of FTX, a cryptocurrency exchange, and derivatives trading platform. Bankman-Fried is known for his contributions to the development of the cryptocurrency industry and for his philanthropic efforts through the Bankman-Fried Foundation, which focuses on supporting research and development in science and technology.
And more recently, Sam became even more famous when FTX declared bankruptcy in Nov 2022.
FTX’s collapse roiled crypto markets and revealed many accounting scandals within the company. FTX was once one of the most prominent and respected players in this space. The exchange had no accounting department and mixed customer funds with Alameda Research. It also reportedly spent $100 million on luxury vacation homes for its employees.
Sam Bankman-Fried was arrested in The Bahamas
After filing for bankruptcy in November 2022, Sam ran to the Bahamas, hoping to find a way and bring the price of the FTT token (the native token of FTX exchange) back up and give investors their money back. But things haven’t worked up quite that way.
After U.S. prosecutors brought criminal charges, Sam Bankman-Fried was taken into custody in the Bahamas.
The Bahamas government released the following statement:
“S.B.F.’s arrest followed receipt of formal notification from the United States that it has filed criminal charges against S.B.F. and is likely to request his extradition.”
This arrest was the latest dramatic development in one of the most shocking corporate falls from grace in recent history. On Dec 6, Mr. Bankman Fried was to testify before Congress about the collapse of FTX. This was the largest firm in the emerging crypto sector, and it was virtually destroyed in only a few days in Nov 2022 when its accounts were missing $8 billion.
Prosecutors from the Southern District of New York confirmed that Mr. Bankman Fried was charged and stated that an indictment would not be filed on Dec 13. Separately, the SEC (Securities and Exchange Commission) stated in a statement that they had authorized charges “relating to Mr. Bankman Fried’s violation of our securities laws.”
Some unverified sources say that Mr. Bankman-Fried was charged with wire fraud, wire conspiracy, securities fraud conspiracy, money laundering, and securities fraud conspiracy.
Mr. Bankman Fried, who was the only one charged in the indictment, was taken into custody. According to a statement by the Bahamian police, he was taken into custody at his apartment in Albany resort in the Bahamas shortly after 6 pm. It was unclear when Mr. Bankman Fried might be transferred to the United States. The Bahamas has an extradition agreement with the United States. However, it can take several weeks and sometimes even longer if there is a criminal defendant who contests it.
According to someone familiar with the matter, Mr. Bankman Fried cooperated during his arrest.
SBF’s reply to the arrest
Sam Bankman-Fried is reportedly reconsidering his decision to appeal extradition. According to Reuters, he will appear in court in the Bahamas on December 19 to seek a reversal of that decision.
On Dec 13, SBF was denied bail, and the reason was “risk of flight.”
Sam’s lawyer declared that his client is suffering from insomnia and depression, and a second bail application was reportedly filed at the Bahamas Supreme Court on Dec 15.
Bankman-Fried could be sentenced to 115 years imprisonment if he is convicted. However, it could take years before the court reaches a final verdict in this case.
SBF has hired Mark Cohen as his defense lawyer. Cohen is the co-founder of Cohen & Gresser, and was a member of the defense team for Ghislaine Maxwell in her high-profile case involving child trafficking.
Bankman-Fried is currently being held at Fox Hill Prison. This is the only prison in The Bahamas. A U.S. State Department report from 2021 stated that Fox Hill conditions were “harsh,” overcrowded, and had poor nutrition. Correctional officers were accused of physically abusing detainees.
Caroline Ellison, the former CEO of Alameda Research (a sister company to FTX), has also created a defense team. In an ongoing federal investigation, Ellison will be represented by Stephanie Avakian (a former top crypto regulator at the United States SEC). Avakian is currently the chair of WilmerHale’s Securities and Financial Services department. She expanded the oversight of cryptocurrency at the Enforcement Division in her role at SEC.
In Hong Kong, virtual asset service providers will have a new licensing system, which will require them to adhere to strict anti-money laundering (AML) guidelines.
Hong Kong’s legislative body has approved a new amendment to the anti-money laundering and terrorist financing system. The legislation now includes virtual asset service providers.
On June 1, 2023, this new legislation will go into effect, and it will establish a licensing system for virtual asset service providers. Crypto exchange service providers will be subject to the same legislation that currently applies to traditional financial institutions.
Virtual exchanges that want to open a Hong Kong business must follow strict AML(Anti-Money Laundering) guidelines and comply with investor protection laws before being granted a license to operate. Hong Kong, unlike other regulators around the globe, has used the FTX crash to reduce regulatory risks associated with centralized exchanges.
Regulators around the globe have been criticized for failing to protect retail investors after the FTX crypto exchange collapse. A growing demand has emerged to bring crypto exchanges under the law and to require strict AML and investor protection.
Hong Kong Monetary Authority to impose regulations
Hong Kong has actively worked toward the establishment of a well-thought regulatory framework for its nascent cryptocurrency market. The Hong Kong government published a policy in October entitled “Policy Declaration on the Development of Virtual Assets.” It included a regulatory framework as well as risk-based regulatory guidance. To evaluate and improve the technology underlying virtual assets, the government suggested several pilot projects.
Investors may also benefit from some protection regulations. This nation has become the leader in the urgent issue of investor protection because of the recent legislation amendment.
At a recent conference, Eddie Yue, chief executive of the Hong Kong Monetary Authority, suggested that there might soon be investor protection regulations in the country.
Banks are discussing the future of FinTech
Central bank governors from all over the world have attended a conference in Thailand to discuss the role and future of central banks in the face of evolving financial technology. The conference was hosted by both the Bank of Thailand and the Bank for International Settlements.
Panel discussion on digitalized monetary systems featured Eddie Yue (chief executive of Hong Kong Monetary Authority), Changyong Rhee (governor of the Bank of Korea), Adrian Orr (governor of the Reserve Bank of New Zealand), Cecilia Skingsley (Bank for International Settlements) discussing the rise of digital assets, central banks digital currencies, and the potential risks associated with this new technology.
The chief of the Hong Kong Monetary Authority discussed the benefits and innovations of blockchain technology, as well as its potential impact on central banks. Yue stated that stablecoins and CBDCs would offer more efficient and economical ways to transact in the long term. He noted, however, that any new technology comes with certain risks. These risks could be operational.
Yue pointed out that blockchain is decentralized by its very nature. It is, therefore, much more difficult to mitigate on-chain risk. Regulators should therefore focus on activities off-chain. He explained:
“We can start with regulating off-chain activities like regulating virtual asset exchanges. Hong Kong will soon introduce not just AML (anti-money laundering) aspect but also investor protection.”
This was before the Hong Kong government issued the regulations for crypto exchanges, which align with the international consensus on regulating stablecoins.
Changyong Rhee (the Bank of Korea governor) was less optimistic about blockchain technology’s future, particularly in the monetary sector, in light of recent crypto contagions. He stated that he wasn’t sure if “we are actually seeing the benefits of this technological advancement recently.”
“I was more positive before, but after seeing the Luna, Terra, and now the FTX issues. I don’t know [if] we will see the real benefit of this new technology, at least for monetary policy,” said Rhee.
The biggest Russian bank has announced that it will create its own blockchain and it will incorporate it with Ethereum to expand into DeFi and Web3 markets. The Russian government plans to create its own crypto exchange.
Sber (formerly known as Sberbank) officially announced new opportunities on its proprietary blockchain platform. This includes compatibility with smart contracts and applications on Ethereum. The bank stated that this would enable developers to transfer smart contracts and entire projects between Sber’s blockchain and other public blockchain networks.
Sber’s latest additions include integration with MetaMask, a major software cryptocurrency wallet that interacts with the Ethereum blockchain. According to the announcement, users can now make transactions with tokens and smart contracts placed on Sber’s blockchain platform.
Alexander Nam, head of the blockchain lab, said that “Sber Blockchain Lab collaborates closely with external developers. I am happy that our community will now be able to run DeFi apps on Sber’s infrastructure.” The new integrated features will allow Sber to bring together developers, financial institutions, and corporations to explore the practical applications of blockchain, Web3 and decentralized finance (DeFi).
Sberbank, as previously reported, has been actively developing blockchain products in recent years, submitting an application to the Bank of Russia in order to launch a platform on blockchain for its “Sbercoin” stablecoin in 2021. Sber finally announced its first digital currency transaction after receiving approval from the central bank in spring 2022. The government of Russia is Sber’s majority shareholder, owning 50% + 1 share.
Sber’s announcement was made shortly after Russian President Vladimir Putin demanded an open, blockchain-based settlement network. He condemned the monopoly of global financial payments systems and expressed confidence that digital currencies-based technology would allow for greater independence from banks. Putin’s government, however, does not allow citizens to use crypto for payment. In early 2020, it imposed a blanket ban against payments using Bitcoin.
Russian lawmakers discussed possible legal amendments to enable the government to launch a national cryptocurrency exchange. The Bank of Russia and the Ministry of Finance support this effort, which is known for being a source of much disagreement in regulating the local crypto market.
Russia wants to launch its own crypto exchange
Russian lawmakers are currently working on amendments that would allow for the launch of a national cryptocurrency exchange. The effort is supported by both the Ministry of Finance as well as the Central Bank of Russia.
Local media reported that members of Russia’s lower chamber, the Duma, have been meeting with market participants to discuss amendments to its existing cryptocurrency legislation “On digital financial assets.” First, the amendments that would establish a legal framework to allow for a national currency exchange will be presented to the central bank.
Sergey Altuhov was a member of the Committee of Economic Policy of Duma, and he highlighted the fiscal sensibility of these measures:
“It makes no sense to deny the existence of cryptocurrencies, the problem is they circulate in a large stream outside of state regulation. These are billions of tax rubles of lost tax revenues to the federal budget.”
In June 2022, Anatoly Aksakov (head of Duma’s Committee on Financial Market), suggested a Russian national crypto exchange could be launched under the Moscow Exchange, as this is seen as a “respectable organization with a long tradition.” In September, the Moscow Exchange created a bill on behalf of the central bank to allow the trading of digital financial assets.
A bill that would allow cryptocurrency mining and the sale of cryptocurrency mined was presented to Duma earlier this month. Although the bill will create a Russian platform to sell cryptocurrency, local miners can also use foreign platforms. The Russian regulations and currency controls would not apply to transactions in this case. However, they would need to be reported to Russia’s tax service.
Belgia’s financial regulator has confirmed that Bitcoin, Ether, and other cryptocurrencies issued only by computer code are not securities.
However, this contradicts the views of Gary Gensler, Chairman of the U.S. Securities Exchange Commission, who has a different set of conditions to determine which crypto assets can be deemed a security.
Belgium releases a report about the classification of crypto
This explanation was provided by Belgium’s Financial Services and Markets Authority (FSMA) in a report released on November 22, 2022. This clarification was necessary due to the increased demand for information about how Belgium’s financial laws and regulations related to digital assets.
Although not legally binding according to Belgian or European Union law, the FSMA stated that cryptocurrencies would be classified as security if issued by an individual or organization:
The report states as follows:
“If there is no issuer, as in cases where instruments are created by a computer code and this is not done in execution of an agreement between issuer and investor (for example, Bitcoin or Ether), then in principle the Prospectus Regulation, the Prospectus Law and the MiFID rules of conduct do not apply.”
Belgian regulators noted that cryptocurrencies, even if they aren’t classified as securities, may still be subjected to other regulations if used by a company as a medium for exchange.
“Nevertheless, if the instruments have a payment or exchange function, other regulations may apply to the instruments or the persons who provide certain services relating to those instruments.”
Belgians regulators classify all digital coins, not just blockchain-based crypto
FSMA noted that the stepwise plan was neutral to technology, suggesting that it doesn’t matter whether digital assets are created and facilitated through a blockchain or other traditional methods.
In July 2022, the FSMA drafted the first report. This was to answer frequently asked questions from Belgian-based offerers and issuers of digital assets.
FSMA stated that the stepwise approach would be used as a guideline for the European Parliament’s Markets in Crypto Assets Regulations (MiCA), which will take effect at the beginning of 2024.
The clear guidelines of Belgium are contrary to the U.S. Securities Exchange Commission’s (SEC) “regulation by enforcement” approach. This is currently competing for control over digital asset regulations together with the U.S. Commodity Futures Trading Commission.
Gary Gensler, the chairman of SEC, has always considered BTC a commodity. However, he recently suggested that post-Merge Ether or other staked coins may be considered a security under the Howey test.
Belgium isn’t a big adopter of digital assets yet. A recent study by blockchain data platform Chainalysis ranked Belgium 94th on its Global Crypto Adoption Index.
But Bitcoin seems to have a lot of public support in Belgium.
A Belgian politician received his salary in crypto
Christophe De Beukelaer was the first European politician to convert his salary to Bitcoin. He started doing this at the beginning of 2022. He hopes to increase awareness about Bitcoin, and other alternative monetary models, to encourage financial literacy and get people talking.
De Beukelaer was first introduced to Bitcoin and blockchain in 2017. He foresees a future where Bitcoin and other cryptocurrencies will be an alternative to traditional financial systems.
“The political people don’t have the time to travel. They are busy running the daily administrations of cities and countries. But they don’t stop to ask, “OK, what’s the next step?” What are the major changes that will take place in the next 10, 20, or 50 years? That’s what you do.
The Brussels politician acknowledged that there is a lack of awareness about cryptocurrency and Bitcoin. He also said that if Europe doesn’t get its hands dirty in space, then “Asia (or] the U.S.A. will decide everything.”
He believes that being paid in Bitcoin can raise awareness and add credibility to the space.
Binance and other big centralized exchanges plan to use the Proof of Reserves as an auditing technique to reassure their customers of the safety of their funds.
As trust in its accounting of billions in assets disappeared, crypto exchange FTX went bankrupt at the beginning of November 2022.
Some critics have slammed the existence of centralized exchanges, such as FTX. Its CEO, Sam Bankman-Fried, posted many messages on Twitter trying to convince his customers that he had made a terrible but honest mistake that he would try to repair. However, CEX customers are now all wondering just how safe their assets are on any of these exchanges. And the truth is that without total transparency from the exchanges, the FTX collapse could happen again at any given time.
The controversy has brought back the debate about a possible solution. It is called proof of reserves, or PoR. This method shows, without any doubt or ambiguity, how many tokens are on each exchange that uses the technique. Proof of reserves, if in place at FTX, could have, in theory, stopped customers’ money from being moved to places it shouldn’t. In this case, the assets wouldn’t have moved to Bankman-Fried trading firm Alameda Research.
Binance, the largest cryptocurrency exchange in the world by volume, has shared its wallet accounts and said it would conduct a proof of reserves snapshot within the next few weeks. Other CEXs that made similar statements include Gate.io, KuCoin, Poloniex, Bitget, Huobi, OKX, Deribit and Bybit.
What is proof of reserves?
Proof of reserves is an audit technique that confirms assets in custody. It is used by stablecoin issuers Paxos to show they have enough assets backing their tokens. Exchanges like BitMEX use the technique to prove that customer deposits correspond with assets in custody.
Sergey Nazarov, the co-founder of Chainlinks Labs, stated that the use of this auditing solution could have made it possible to avoid all of this: “It would have been quite a solvable problem if there had been more transparency in the balance sheet.” Chainlink offers the proof of reserves (PoR) auditing mechanism as a product. Their PoR solution already powers multiple stablecoins and gold coins.
How does proof of reserves work?
An entity can prove its assets reserves in a variety of ways. These include traditional third-party audits that are performed by companies such as Armanino, to Merkle tree proofs (cryptographic verification using data structures called Merkle branches).
There are also methods that blockchain analytics companies employ. Chainlink is an example of a company that separates proof-of-reserve implementation into two categories: on-chain and off-chain.
An off-chain alternative is a third-party provider, such as Chainlink, that receives API access (application programming interface) from an exchange. This allows the auditor or custodian to verify the exchange’s holdings.
Off-chain proof of reserves (Chainlink)
On-chain routing is a proof of-reserves smart contract on one network (usually Ethereum). It receives data feeds from Chainlink’s Oracle network (on a block-by-block basis) about a provider’s on-chain wallet balances in another network (e.g., Bitcoin). This empowers users and allows them to check whether the company or the exchange actually has the assets they claim to have.
On-chain proof of reserves (Chainlink)
Should proof of reserves be used?
Investment brokers that offer services to retail customers are already producing regular reports to show the client’s assets and liabilities. But this is done because of the harsher regulations that are already in place for them. For the most part, cryptocurrency exchanges remain unregulated financial services, and customers have nobody to lean on when it comes to a lack of liquidity or bankruptcy.
A first step may be self-regulating services that may regain the trust of customers. Authorities might also be willing to adapt their regulations to the crypto industry when existing exchanges collaborate.
Over the last few years, many exchanges have collapsed, causing crypto investors to lose a lot of money. While many never got their funds back, this also caused existing services to practice much better security and transparency.