OK, so you use the exchange to buy and sell bitcoins, no problem. But if I were to buy a bitcoin, I would expect to get a bitcoin. The owners of that $100,000,000 worth of bitcoins didn’t get bitcoins; they just got a pinky swear from someone that he would take care of their bitcoins for them.
While I think the bitcoin thing is dumb and founded on an enormous misunderstanding of finance and economics, the holding issue isn’t really that unusual, Chronos.
It’s possible these days to buy gold in large quantities. But what you GET when you do so is a certificate that you own, say, 10 pounds of gold held in bank XYZ located in NYC or London or whatever. Generally, you don’t actually take possession of the gold itself. So the model of bitcoin ‘holders’ isn’t that far off the reservation.
Except those intermediaries you buy gold through are regulated and subject to audit. That’s a big difference.
You can store them on some service, or you can store them locally in a wallet or even just on paper. The choice is primarily based on convenience and trust (that the chosen mechanism will have a low chance of problems).
I’m guessing, for many, that the “trust” analysis is substantially based on incomplete information.
If QuadrigaCX (or someone with the appropriate password) starts spending those Bitcoins, will it be apparent from the blockchain? Visible only to supersleuths? Not visible at all?
Yes, and it’s a little more than a pinky swear, but **Chronos **has adeptly spotted the issue that many investors have failed to see. 
Plus, the reason that you have people hold onto your gold for you is that gold is heavy and hard to ship around and easy to steal. You can’t just e-mail a bar of gold.
I see three reasons someone would want to own bitcoins rather than have money in a regular bank: investment, ideology, and anonymity. Those are valid reasons, even if using bitcoin for any of those might seem foolish to most of us.
I think the reasons why centralized exchanges, or de facto banks, became necessary for bitcoin despite one of its primary goals being to avoid centralization are:
- Keeping track of your own bitcoins (or wallet) has its own risks, and is perceived as being difficult.
- Converting bitcoin to US dollars or other currency requires trust, so exchanges are needed.
- Very few people actually use bitcoin to buy anything.
There are many news articles about people losing millions of dollars worth of bitcoins because they threw away a computer, or had a hard drive fail. Most people don’t have a good computer backup strategy, and it’s easy to forget a password. We are used to trusting financial institutions, and only have a vague idea of what types of protections the regulations provide us, and that those regulations don’t apply to cryptocurrency exchanges. When a non-savvy person decides to buy some bitcoins, they evaluate the risk of losing it if they have a problem with their computer, versus the risk of a bitcoin “bank” losing it. They think the bank has a much higher stake in utilizing proper backups and security, so they trust them. Even if it’s just some random guy on the internet. That random guy has thousands of customers and millions in assets, so they must be doing something right.
There’s also the fact that to even convert your dollars to bitcoin you most likely had to go through an exchange in the first place. It’s easier to leave the bitcoin where it is, rather than research how to install a wallet and transfer your bitcoin back out of the exchange. Most people will probably be thinking that they are just going to convert it back to dollars anyway, so why go through the hassle?
I don’t speak from experience, because I haven’t owned a bitcoin or plan to, but from what I’ve read actually using bitcoin isn’t very intuitive. You have a wallet, which is basically just a program to manage your addresses and keys. That wallet generates something like a hundred addresses. The goal is to use a different address for each transaction to help keep things anonymous. Each address will have its own balance, and you can generate more addresses or consolidate as you see fit (but consolidation will incur a transaction fee and remove some of the anonymity). These addresses are just numbers, and each has its own private key that the wallet manages. If you lose the password to the wallet, or it gets corrupted, your bitcoins are gone.
To send money to someone you need the recipient to give you their address, which again is just a bunch of numbers, and you have to go to your wallet, choose one of your addresses or combination that has enough to cover it, plus the transaction fee, and have your wallet generate the transaction to send to the network. Using an exchange for transactions hides a lot of the complexity.
That’s a lot of hassle and worry to go through if I just want to buy a loaf a bread. In addition, transaction fees have been high in the past. Someone in this thread back in 2017 said transaction fees were at $1. It’s currently $0.10, but in January it peaked at almost $0.40. If I want to buy a loaf a bread, that’s more than my credit card is charging for the transaction.
For a cryptocurrency to gain widespread use for actually buying things the usability and transaction cost problems will need to be solved. It’s a bit of a chicken or egg problem. If bitcoin isn’t really being used to buy things there’s little reason for people not to just leave the money in the “bank”.
TLDR: Many cryptocurrency owners don’t really care about the ideology behind decentralization enough to overcome the technical challenges.
I feel a little sorry for bitcoin owners who had their bitcoins in exchanges like QuadrigaCX or MtGox and lost their money, but really not all that sorry. I said in my previous post that those who kept their bitcoins in exchanges didn’t care about the ideology of decentralization, but what the core bitcoin believers really care about is deregulation. If you buy into an investment, with everyone else buying that investment having an ethos of “buyer beware”, and then you weren’t aware enough to not trust some guy on the internet, then you kind of deserved it. That may be blaming the victim, and QuadrigaCX is certainly who to blame in this case, but anyone investing in financial instruments should at least educate themselves a little about who they are giving their money to.
That’s why we have regulation. To protect us, at least a little, from fraud or negligence. It’s almost like we as a society have learned something over thousands of years. In this case, with bitcoin, many people are reassured that because the blockchain itself (it’s math!) insures trust between untrusted parties, that anything having to do with it is therefor trusted by default.
I think you understand this just fine. Having an off-line (cold) store is a good security practice. Having only one person with access, or one physical copy which could easily become inaccessible is a horrible, negligent practice. Any information security professional, or indeed anyone with any common sense, could see how this could go horribly wrong. The fact that QuadrigaCX did this with millions of dollars of customers’ money is inexcusable. This is indeed why we have laws.
There’s a more in-depth article than the Ars Technica one at: https://www.coindesk.com/quadriga-creditor-protection-filing. It includes more details and the affidavit that all the details are based on.
It seems the owner died of Crohn’s disease in India. That does sound like conspiracy theory fodder, but they included a death certificate so he’s probably really dead. I would think it would be fairly easy to trace the blockchain transactions to and from their cold wallet, and if you see transactions out after his reported death, or a bunch of movement shortly before, everyone would know something isn’t right.
Interesting comments - thanks all.
A couple of things that occurred to me as I was reading.
One is, as others pointed out, calling this a “currency” isn’t really accurate. It behaves more like an e-security, where people invest in it for speculative purposes.
Over time, my guess is that the policy of government regulation of securities is going to be applied to these crypto-currency “banks”, in response to cases like this one. Consumer protection laws don’t care so much about “buyer beware”. They care about regulating the conduct of people who hold large amounts of other people’s valuables, whether that’s money, gold, shares and bonds, or valuable bytes.
If one negligent person’s death means the customers lose $180,000,000 in assets, “Regulation is coming.” Libertarian ideology be damned.
The other thing I’m not quite sure about - as a practical matter, does this bitcoin bank have to have access to the “cold wallet” every day, to make transactions to the " hot wallet"? Or is it only something needed every couple of weeks or months?
In other words, could this business model work if the “cold wallet” laptop is kept in a bank vault and only taken out now and then? Or do they need to be able to access it daily?
Because if it’s the latter, they need to have their own physical security system equivalent to protecting an asset worth over $100,000,000.
I assume making 99 copies of the wallet and placing them variously in 99 vaults or computers was no problem.
The problem is the secret password. He could have shared the password with George and Gerry but what if one of them absconds?
Perhaps some multi-key password is needed for cases like this. One key might be held by a trusted lawyer who won’t turn his key unless he confirms that primary guy is dead or incapacitated.
M-of-N secret sharing and signature schemes are no problem, and IIRC such transactions are even built into the Bitcoin protocol, which hardly uses the latest and greatest bleeding-edge ideas from the world of cryptography.
It’s not technical issues that would keep digital money from being as secure as any commodities, currencies, or derivatives handled by a legitimate bank or trading firm. Wasn’t there some random web site called “The Jolly Roger’s Pirate Bank” or some such name, offering Ponzi schemes and Nigerian deals, yet people were still surprised, outraged even, when he took all their money and disappeared?
I understand that. But what I’m wondering about is if they need to have the cold wallet physically with them every day to carry out their business transactions for the clients. Because if that’s the case, having 98 other copies secure is irrelevant; it’s the 99th one that they need to use every day that is the security weakness.
OK, it’s an interesting question.
I’m not aware of any exchange that has provided this information publicly, or any other reliable source of this information.
Did anybody publish the address of QuadrigaCX’s cold storage to verify the story themselves? Is it in the creditor protection filing? (I didn’t search very hard myself but why isn’t this info routinely published in these stories about these mishaps?)
What we do have is endless speculation.
This old Reddit thread is typical of the kind of speculation that you will find. Somebody speculates that some address is the cold storage address of some exchange and then speculates about the meaning of the transactions in that address.
This is the address which that thread speculates on.
So here is my speculation:
No, an exchange cold storage address would typically see a fairly continuous stream of transactions TO that address but very rarely any transactions out of that address. Perhaps once a year or less.
This is because an exchange typically sees a fairly predictable, regular cash flow so they would know quite well how much to keep in the hot wallets.
So no, the private key(s) to the cold storage address(es) would be needed extremely rarely.
I think the aforementioned address does look like a cold storage address. I see only a stream of small transaction INTO it on the first page. You don’t need the private key to transfer TO an address.
It’s not quite clear whether their lack of access is due to not having a password for the wallet as such, or not having a password to the computer.
In either case, I wouldn’t bet on the security of any system which is in the physical possession of someone with an unlimited time to crack it, (including whatever advances in computing power are likely over the next 10, 15, 20 years) and plenty of incentive. It may not be broken in time to save the business, but sooner or later.
I think a good example is Venmo (and similar services).
I can pay someone money just by pulling my phone out and sending it to their username, and they can see that I did so.
Behind the scenes, it’s much more complicated than that, but a user doesn’t have to understand all of it. Most of the various bitcoin related businesses are trying to be something like Venmo for bitcoin. So all you have to do is open an app and send a thing and it’s easy and simple and so on.
Obviously, they haven’t gotten there. There are many structural, political, technological, etc. problems that I would bet against them getting there. But several years ago, it wasn’t a crazy idea to think that they might get there.
I have not read this whole thread but have yet to hear anyone state what I think is most important about Bitcoin - its potential use by criminal organizations.
I don’t know the global totals moved by such sophisticated rings, but it’s gotta be big. Maybe not trillions, but many, many billions. And that interest by itself will maintain cryptocurrency.
But if you’ve got an app to manage bitcoins, then there’s no reason that all of the behind-the-scene stuff couldn’t be happening to a wallet stored on your own device, secured by your own password (or fingerprint or face recognition or whatever).
I’m not sure if I understand your Venmo example, iamthewalrus3=. Are you saying you can transfer bitcoin now by an app on your phone?
If so, that certainly is a valuable feature, but I’ve had that capability from my bank app for years, so it doesn’t seem groundbreaking?
Well, sure, but not with bitcoin qua bitcoin which requires storing the entire history (100s of GB) on every terminal, and so on. I keep emphasizing in this thread that Bitcoin was a nice academic exercise, but even in the original paper it is clear the authors know the parameters are not scalable to a global payment system like Visa, Swift, or Paypal.
You could overlay a consumer micropayment system over bitcoin, but in that case you may as well avoid the bit-coin altogether.