The Curious Case of Custodial Crypto Exchanges

Web3Auth
5 min readApr 24, 2023

--

12th November, 2022:

“These are my hard-earned savings.”

“FTX US was supposed to return my $25,000 via ACH to my bank account. They have not done so and are not responding to customer service messages.”

20th October, 2021:

“This is my life savings”

“On Sunday October 17 at 11:00pm my FTX crypto account was either hacked or stolen by the exchange. I had over $120,000.00 in this account. They have not given me any information on what has happened to my account, it’s just gone. Please help me, this is my life savings.”

These are only a couple of hundreds of heartbreaking consumer complaints filed against the notorious crypto exchange FTX, on the United States Federal Trade Commission’s (FTC) portal.

Shakedowns and shutdowns

Cryptocurrencies are attractive. There is no denying that. At the peak, the market was valued at about $3 trillion in 2021, larger than the GDP of about 186 countries.

With the potential it has, the industry has attracted investors and enthusiasts alike, from all walks of life. This even includes major league superstars and celebrities from sports such as football, basketball, and tennis. Zippia Research suggests that there are about 420 million crypto users transacting across the world as of 2023.

But it has not been all rainbows for this industry, especially over the last 2 years.

  • Among scores of other investors, even some of these superstar athletes have fallen prey to the likes of the FTX scandal, losing millions of dollars. It is estimated that the FTX scandal alone caused the loss of about $8 billion in consumer assets.
  • Three Arrows Capital once managed close to $10 billion of crypto assets, but owed $3.5 billion to its creditors following its shutdown.
  • In 2014, Mt. Gox, once the world’s largest crypto exchange, suffered a hack and declared bankruptcy after losing 850,000 BTC, which was worth over $450 million at the time. It remains to be one of the largest cryptocurrency exchange hacks in history.
  • The founder of crypto exchange Bitzlato was accused of laundering over $700 million in crypto money over 4 years. Three months ago, he was arrested in Miami.

According to TechCrunch, in 2022, each quarter had its own fair share of multimillion-dollar crypto losses, some larger than the others. However, the fourth quarter witnessed most of them, with almost $1.62 billion in 55 incidents — accounting for close to half of the total losses in the year.

Immunefi reports that as of the first quarter of 2023, the web3 ecosystem saw a total loss of almost $437.5 in crypto assets while $418.5 million was lost to 59 different hacking incidents and $19 million was lost to 15 fraud incidents.

Among the many different sources of cryptocurrency losses in the market are money laundering, malware and phishing attacks, ransomware and scams, stolen funds, and darknet markets.

However, it is worth noting that most of these losses occurred on custodial crypto exchanges and platforms.

What ails you, custodial?

The popular euphemism ‘Not your keys, not your Crypto’ is rooted from the numerous custodial exchange shutdowns of late.

The name suggests it. Custodial exchanges are the sole custodians when it comes to storing the private keys of the users as well as their crypto assets. These private keys are typically generated and stored by the exchanges themselves, and they are used to sign transactions on behalf of the users. Users cannot request or access these keys in any way whatsoever, but must trust the exchanges to safely manage their funds.

As per a CNBC report, a popular crypto exchange in its earnings report made this statement — “In the event of bankruptcy, the crypto assets we hold in custody on behalf of our customers could be subject to bankruptcy proceedings. Users would be labeled as ‘general unsecured creditors,’ and their funds would become inaccessible.”

To be fair, they are not wrong. These exchanges are quite large in scale and magnitude, and they hold massive amounts of crypto in one place. Naturally, they make for a perfect playground for hackers, leading to irreversible risks of permanent loss of users’ assets.

Temporary technical glitches are a different matter altogether, however. The deposits and withdrawals are paused only for a brief period. Given the scale and volume of crypto assets, the prospect of permanent loss is simply unfathomable.

Daniel Saval, a lawyer from Kobre and Kim told CNBC, “Users may be surprised to learn that, in a bankruptcy scenario, the crypto and funds held in their accounts may not be considered their own property.”

That’s right.

  • Custodial exchanges have the power and freedom to hold or freeze users’ crypto assets, simply owing to the unregulated nature of cryptocurrencies in general.
  • Some exchanges may not support all varieties of cryptocurrencies on their platforms, or the trading options are limited on the platforms. This could pose a significant disadvantage to those users who would rather prefer to trade across a wide spectrum of crypto.
  • Moreover, custodial exchanges pose a risk of theft and exploitation of personal user identities, as users are required to submit their know-your-customer (KYC) data for registration.
  • Another point to note is that users must have a stable internet connection to access their accounts.

Self-custody is a fundamental feature of decentralized cryptocurrencies like Bitcoin (BTC). However, it does not apply to centralized and custodial exchanges. The sole reason why users may prefer to store their assets in custodial platforms is the use of ease, a familiar user experience that resembles that of a Web2-like environment.

But lately, the sentiment seems to be looking bleak. It begs the question — is it worth losing massive value in crypto assets only in exchange for a simpler user experience?

The time and necessity for self-custodial platforms and wallets has arrived, but with a seamless user experience both for onboarding and signing transactions.

But what does the future hold? Or rather, what should crypto storage look like?

Frequently asked questions (FAQs)

  • What are custodial crypto exchanges?

Custodial exchanges are the sole custodians when it comes to storing the private keys of the users as well as their crypto assets. These private keys are typically generated and stored by the exchanges themselves, and they are used to sign transactions on behalf of the users. Users cannot request or access these keys in any way whatsoever, but must trust the exchanges to safely manage their funds. GDAX, Coinbase, Binance, Kraken, Bitfinex, Poloniex, are some of the names that belong to this category.

  • What is self-custody?

No parties or subsets of parties can access the user’s public and private key pair. The user has full access over their public and private key pair. Self-custody represents that a user has full control over their key and their assets and custodial means that a third party handles a user’s key and assets on their behalf.

--

--