- Empire
- Posts
- 🕵️ How to rob a bitcoin bank
🕵️ How to rob a bitcoin bank
Just how safe is the $51 billion sitting in bitcoin ETFs?
Brought to you by:
Happy Fri-yay!
No, but really, we made it through the (short) week. Congrats.
Today we’re diving right into custodian safety, and David’s cooked up a few Easter eggs for you all. As always, we’re curious to get your take on what’s happening, so let us know in the poll below.
Have a great weekend.
— Katherine Ross
🛶 Staying afloat
The FBI has a warning for crypto: North Korean hackers are on the prowl.
“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months. This research included pre-operational preparations suggesting North Korean actors may attempt malicious cyber activities against companies associated with cryptocurrency ETFs or other cryptocurrency-related financial products,” the FBI said earlier this week in a bulletin.
On social media, it led to a discussion started by Eleanor Terrett of Fox News on whether or not Coinbase — the custodian of 8 of the 11 bitcoin ETFs (including BlackRock’s) — could be a “single point of failure.”
It doesn’t bode well that nearly all crypto ETF issuers have the same custodian for all their $BTC and $ETH. This makes @coinbase a potential single point of failure and that’s scary.
— Eleanor Terrett (@EleanorTerrett)
3:24 PM • Sep 4, 2024
As it stands, all 11 ETFs have over $51 billion worth of bitcoin according to Bitcoin Treasuries, so it’s a fair concern to wonder what could happen if something — or someone — attacks custodians or the issuers themselves.
"The world’s largest financial institutions rely on Coinbase for a reason — we have a proven track record, state-of-the-art technology, and deep expertise in crypto custody. Crypto is a unique technology with unique needs,” a Coinbase spokesperson told me.
“Coinbase has built its reputation as the most trusted and secure platform for safeguarding digital assets, and operates under the same regulatory frameworks as other major institutions like the DTCC, ensuring that we meet the highest standards of security and oversight. Our commitment to security remains unwavering, and we’re proud to serve as the trusted custodian for the majority of crypto ETFs, ensuring the safety and integrity of these assets."
The company’s Chief Legal Officer Paul Grewal reiterated that point on social media, saying that it’s the “opposite of scary.”
I think it's whatever the opposite of scary is. A wide range of the world’s largest and pickiest institutions trust us as the most effective way to keep their clients’ digital assets safe. coinbase.com/blog/how-we-ke…
— paulgrewal.eth (@iampaulgrewal)
4:06 PM • Sep 4, 2024
If you remember, there were snippets of discussions at the end of last year through the beginning of this year when all of the ETF filings revealed that most of the issuers had picked Coinbase.
In March, the company itself addressed the safety of custodying the assets.
And yesterday, MetaMask’s lead security researcher Taylor Monahan entered the chat.
Coinbase is NOT different bc they’ve *eliminated* the risk though.
Bc they haven’t. Bc they can’t. NO ONE CAN.
This shit is wild. The incentives are too much. The hackers have too many resources.
They will literally burn 0 days to get at Coinbase. They *have* burned 0 days.
— Tay 💖 (@tayvano_)
4:10 AM • Sep 5, 2024
Monahan pointed out, in a thread on X, that Coinbase owns the “reality” of the situation: There are bad actors out there, and they will try to attack prominent crypto firms (or crypto people, as Nick Drakon formerly of Revelo revealed in his own thread Thursday.)
According to Monahan, Coinbase adheres to a “get hacked but don’t get rekt” mindset.
“No matter what Coinbase does internally for their systems, they cannot wholesale prevent one of their customers from willfully initiating a transfer given they provide the required authentication,” she warned, saying that the risk could come from the issuers themselves.
She compared the security to a ship, which is to say you don’t want water getting in. But sometimes it does.
More good stuff: My friend Luke (who actually built systems at Coinbase and AWS and others) gave this analogy: secure systems are built like ships.
Even if the hull is breached, the water should only flood a few compartments. The ship shouldn't sink.
x.com/i/web/status/1…
— Tay 💖 (@tayvano_)
4:24 PM • Sep 5, 2024
“Water is CONSTANTLY seeping into the hull of the ship. Like...always,” Monahan said.”The ship expects this though. You just have float switch sump pumps in the basins that are auto triggered when the water reaches a certain level.”
Monahan’s analogy is a good one, reminding folks that it’s all about awareness and staying on top of the situation. So perhaps instead of “keep calm and carry on,” crypto folks should adopt “keep calm and stay aware.”
— Katherine Ross
P.S. Can you do us a favor? Help us tailor Empire to best fit your interests. Fill out this survey.
Blockworks Research is conducting a survey to gain insight into the institutional staking landscape. This data will help industry leaders adopt their strategies as the industry matures.
If you're an institutional staker, we want to hear from you (and if you’re new to Blockworks Research, get 20% off of our service while you’re at it!)
On this week’s Weekly Round Up episode of Empire, Jason Yanowitz and Santiago Santos broke down a myriad of topics — most of which you, dear reader, will be familiar with if you open this newsletter each morning.
But I want to focus on just one: The quiet quitting theory from Ikiagi’s Travis Kling. Yanowitz speculated that this is something that happens in every industry, while Santos said he thinks this happens every cycle.
“It’s the hallmark of a trough,” Santos said. “The question is, is this time any different? And is this a sign of something that’s more enduring?”
Those questions are a bit broad to answer right here, right now, but I think Santos might have been answering them himself when he noted that BlackRock’s Larry Fink isn’t quiet quitting by any means. But it’s natural for some investors to burn out.
There’s an opportunity if you look closely, investors perhaps just need to be “disciplined” and “patient,” Santos said.
“I’ve seen this movie many, many times,” he added. Grab some popcorn then, I guess.
And now you know.
Images credit: Financial Times & World Economic Forum (C.C. BY 2.0), modified by Blockworks
BlackRock chief Larry Fink’s evolution into crypto evangelist didn’t happen overnight.
It also happened much longer ago than it seems. Fink has since October 2017 made public comments about crypto 14 times, and only three of those could be considered negative.
The latest of those comments was in late 2021, when he said he was probably more in the “Jamie Dimon camp” when it comes to bitcoin. The JPMorgan boss has called bitcoin a fraud, a Ponzi scheme on top of other classic critiques over the years.
Moments where Fink and BlackRock have either commented on or interacted with the crypto space are plotted on the chart above.
Fink’s happy faces — which have indeed been consistent over the past year — represent positive headlines, and the stern faces were either negative or neutral. I don’t expect we’ll see many of the latter moving forward.
— Katherine Ross & David Canellis
Hear executive leaders from Galaxy, BlackRock and Coinbase on what they think about the future of crypto in the US.
Last week, we asked: “Would you tokenize your home?”
23% of you said: “This isn’t 2021,” while 15% replied “I’m not sold, perhaps, would it make me rich?” We really felt that.
Over half of you opted out by requesting to see the results. Jokes on you, that button didn’t work, so we’ve removed it altogether.
This week, in light of Telegram flip-flopping by enabling moderation of private chats, we’re asking: “What’s keeping you on Telegram?”
What’s keeping you on Telegram? |