Sunday, October 31, 2021

Happy Halloween! 2021 Statuses of Canadian Cryptocurrency Exchanges

After losing funds in Quadriga I’ve been working with affected users and members of the community to prevent similar events. We call ourselves /r/QuadrigaInitiative and meet every Thursday as part of CryptOasis. (You’re welcome to join.) Every year for Halloween we have a comparison of Canadian crypto-asset platforms. See past posts from 2020 and 2019.

Problem Statements

Crypto exchanges pose user risks. Globally, there are hundreds of events!

All past crypto-platform incidents have at least one of three factors in common:

  • Funds stored online.
  • Funds held by one person.
  • No proof of backing.

Insurance Is Inadequate

After many months, I was finally able to view an example crypto-asset insurance contract. (This one is for Ledger Vault “specie insurance”.) As I expected, it was hilarious! Here are a few excerpts:

  • “covering the theft of certain Crypto Assets safekept with the Vault Solution if such theft is resulting from specific events such as physical intrusion by a third party in a Vault data center or in other strategic locations specified in the Specie Policy.”
  • “Such determination shall be made by Ledger in its reasonable discretion.”
  • “neither Ledger, its Affiliates or any of the insurers under the Specie Policy provide any assurance or guarantee to Customer that (i) a theft of Crypto Assets safekept by the Vault Solution will be covered or indemnified under the Specie Policy, (ii) if a theft is covered by the Specie Policy that Customer will be made whole for its loss or will receive any insurance proceeds from the Specie Policy;”

Regulators Being Unreasonable

While this “decision should not be viewed as precedent for other filers”, a sense of the level of complexity and cost for which the OSC is requesting of a simple platform to “buy, sell, hold, deposit and withdraw crypto assets” just “for time-limited relief” “with the objective of fostering innovative businesses in Canada” can be read from their decision on CoinBerry.

And while it may seem like overkill, the end result still gives investors no visibility into whether their funds are backed, requires insurance that’s potentially misleading in what it protects, creates an high level of complexity (and therefore risk) around how customer assets are secured, and continues to allow CoinBerry to not publicly disclose hacking events like August 2020. It places Canadians in a permanent position of trust and dependence on regulators for their ongoing safety, and adds costs, complexity, and expense to every transaction, which will only increase over time.

Canadian regulators in Ontario have now blocked the highest volume exchange, the highest volume coin, and the largest stablecoin. However, Canadians continue to trade Tether using offshore platforms, and the OSC lacks the ability to block KuCoin and Poloniex (not to mention DeFi platforms).

Simplified Solution

Our simplified framework of just 15 policies more than prevent or mitigate the entire history of global crypto-exchange incidents. We can have full certainty of platform security and asset backing through a simplified ruleset, not dependent on a central party at any stage. The proposed industry self-insurance fund is cost effective, not dependent on third parties, and aligns incentives with the interests of Canadian crypto users and platforms. The framework runs transparently on an ongoing basis without regulatory dependence. It’s flexible and adaptable to new technologies and innovations, and offers the possibility to fully protect Canadians against a greater range of platform loss events in the future.

The truth is that regulators need guidance and more Canadians to tell them what they want to see. If you’re tired of sitting back and want to help create a future of innovation and security for Canadian crypto-asset platforms, join us any Thursday at the CryptOasis meetup!

Canadian Platform Transparency Rankings

Without further ado, here are the statuses of Canadian platforms for this year. There is one main metric - the level of visibility to fund backing. We have 4 categories:

  • No External Verification - A platform that doesn’t appear to give any indication of any external auditing or verification. You may want to avoid these platforms, but sometimes these are just because this information is not available easily.
  • Apparent Verification - I was able to dig and locate some sort of claim or indication that they were being verified externally. Of course, most of these don’t mention who specifically is performing the audit/verification, what is actually being checked, and/or anything about the verification process. In one case, this verification is severely out of date.
  • Full Backing Report - In order to meet these criteria, the platform has to have undergone a process where full backing of customer assets was verified by a third party within the past year and a report was published. While compelling, it doesn’t stop a dishonest platform from excluding customers, tricking the verification process, or colluding with the third party in various ways.
  • Full Proof of Reserve - Proof of Reserve are digital proofs that the exchange holds in fact the customer funds. This includes a cryptographic process with public wallet addresses, signing of transactions, and a public hash list or Merkle tree to allow customers to independently validate inclusion, that is, to validate that the exchange in fact held the funds at a given moment.

No External Verification

Bitvo - The Bitvo website hasn’t changed much in the past year. The Bitvo team has “come together to provide Canadians with the best experience (sic) in cryptocurrency exchange.” Bitvo’s cold storage “is located offsite in a third-party financial institution that is only accessible via multiple signatures of a select group of trusted individuals” and is “not connected to the exchange platform or a network”. “As a percentage of customers’ funds, Bitvo holds 95% to 100% of customers’ funds in Cold Storage.”

Bitvo assures customers that they operate “on a full-reserve basis”. Their website talks about how “[s]ecurity and transparency are important in your financial transactions.” It continues to surprise that still nothing explicitly indicates customer accounts to have been verified externally or even internally. This is particularly concerning given the fee structure of Bitvo, where users only pay for withdrawals and are thus incentivized to keep maximal funds on the platform.

“Send us an email, and we’ll get back to you right away.” Bitvo’s trading platform was (and may still be) a whitelabel of AlphaPoint, a service which was previously breached in May of 2019. This may explain why our efforts to get feedback on our framework from their team via email, LinkedIn, and Telegram have gone unanswered while we have valuable feedback from other leading Canadian platforms.

To comply with our framework, we recommend Bitvo confirm their multi-signature arrangement requires at least 3 of 4 signatures. It should be reasonable to use company funds or self-insure the 5% balance they’re using for hot wallets. We have suggested forming an industry insurance fund which may be cheaper and more secure. We recommend a third party to validate that all customer funds are backed on the blockchain or in company accounts. This would include a full hash list enabling customers to confirm that their assets were considered by the validator.

CoinField - According to their security page, CoinField is still the "most secure trading platform in Canada", which they state is because “[m]ultiple layers of gateways are required to allow access to data and to conduct transactions”. They “use Multi-sig wallets that require more than one key to authorize a digital transaction” and “[c]old storage wallets [which] are kept offline in a secure safety deposit box”. However, funds are “only retrievable only if the two founders are present at the same time”. This creates an opportunity for one founder to force/hack the other to perform a withdrawal, and risks if one founder dies, gets arrested, or is incapacitated. Of additional concern is their use of a “one of a kind secret vault that’s been built from scratch”. In general, developing a custom cryptographic solution, without consulting multiple experts, will result in a less secure solution than the widely used best practices. “Coinfield.com will not be liable, in any event whatsoever, for any loss or damage of any kind incurred as a result of the use of this site or the services found at this site.”

“CoinField employs a vibrant mix of 30+ experts from a wide range of backgrounds, and a variety of different skill sets.” CoinField is apparently based in Estonia and may not have a Canadian office. They were “fully regulated” in “193+ countries”, except for the period between October 2019 and June 2020, when they weren’t even registered as an MSB. They are presently “[a]vailable in 186 countries.”. In full analysis of the website, we failed to locate any mention of audits or validation being performed.

We recommend CoinField expand their multi-signature to require at least 3 of 4 signatures. A third party can attest to their setup and validate customer funds are backed on the blockchain or in company accounts, including a full hash list that would enable all customers to confirm that their assets were provided to the validator.

CoinSmart - CoinSmart aims to build “a Crypto Trading Platform you can actually understand”. Their cold storage uses “Bitgo and Fireblocks”. While utilizing cold storage is a best practice, and the use of a third party custodian helps if a platform lacks technical expertise in-house, the key item missing here is multi-signature technology. If large or repeated withdrawals can be run through an automated central system, or triggered by one person, as their terms state, “there is a risk that a similar cyberattack could affect the Services and result in the theft or loss of your crypto assets for which you cannot recover”.

According to their terms, “[t]he digital currencies held in trust in your Crypto Account are fully-paid assets beneficially owned by you and not by CoinSmart.” They will not “loan, hypothecate, pledge, or otherwise encumber any digital currencies in your Account”. According to their about page, they are “accountable to [their] customers, community and to each other” and “committed to being open and transparent with [their] customers”. It seems surprising, therefore, that CoinSmart has not obtained or published any validation or audit by a third party.

We recommend CoinSmart set up or clarify their multi-signature arrangement. A third party can attest to their setup and validate all customer funds are backed on the blockchain or in company accounts, with a full hash list that would enable all customers to confirm that their assets were provided to the validator and are fully represented in the report.

Coinut - The Coinut platform is “[t]rusted by 1,000,000+ global users”, and claims to be "the most secure cryptocurrency exchange". According to the front of the website, they perform a “[r]eal-time internal audit”, however the details are not public for users and there does not appear to be any evidence of any third party involvement. Users have no way to know that they were included, nor the results of the audit. While they have a "[s]emi-manual process of big withdrawals'', it’s unclear if this involves a multi-signature wallet or if they could be vulnerable to an attack involving lots of smaller transactions. From the details observed on a previous version of the site last year, they protect customer assets “by storing cryptocurrencies offline” in a single “offline computer” and "not us[ing] USB drives, as the online computer may be infected with virus". In addition to removing that page, they’ve added a disclaimer on the website: “Please note that you may not be able to recover all the money you paid to Coinut Pte Ltd if Coinut Pte Ltd's business fails.”

We recommend Coinut expand their team by two trusted individuals and set up a multi-signature wallet requiring at least 3 signatures. A third party can attest to their setup and validate all customer funds are backed on the blockchain or in company accounts. This validation would include a full hash list enabling customers to confirm that their assets were mentioned to the validator.

NDAX - “[A] simple, easy and secure platform to instantly buy, and sell Bitcoin, Ethereum and other cryptocurrencies.” Since last year, they no longer call themselves “Canada’s most secure trading platform”. Instead, “NDAX’s security standards are among the highest in the Canadian FinTech industry”. It’s good to see that “[t]ransferring funds out of cold storage requires multiple approvals from NDAX’s senior management team”, however it’s unclear how many approvals are needed. “NDAX’s Ledger Vault is whitelisted” which provides additional protection, meaning that to steal funds, access would be needed to override the whitelist or obtain access to the warm wallets.

They’ve switched from stating they store “95-98% of user funds in an offline, multi-signature wallet” to “a majority of user funds in an offline, multi-signature wallet.” That’s right. Up to 50% of the funds may be in hot storage! “Both NDAX’s hot and cold wallet service providers are System and Organization Controls (SOC) 2, type 1 certified.” SOC 2 is a framework which “defines criteria for managing customer data”. Type 1 certification determines “whether their design is suitable to meet relevant trust principles” and does not indicate anything about “the operational effectiveness of those systems”. SOC 2 is an internal-only report (unlike SOC 3 which can be published). This certification only applies to their “service providers”, not the NDAX platform itself. While “NDAX has implemented Multi-Party Computation (MPC) technology”, there is no indication this applies to hot wallet storage.

While “[d]aily reconciliation of financial assets on and off the platform is performed to record assets’ integrity”, no visibility is provided externally, and no customers have the ability to know whether they were included. Existing funds are protected against “insurable incidents”, which include cold wallet “internal theft and Hardware Security Module (HSM) malfunction”. Without reviewing the insurance contract line by line, it’s nearly impossible to evaluate what level of protection is offered, what stipulations may apply, and the solvency of the insurance provider.

We recommend NDAX require at least 3 of 4 signatures (or clarify). The best practice is to use company funds for hot wallets, or self-insure the full amount. We’ve proposed an industry self-insurance model which may be an easier and more secure alternative. We also recommend getting a third party to attest to their setup and validate that all customer funds are backed on the blockchain or in company accounts, including a full hash list that would enable all customers to confirm that their assets were provided to the validator and are fully represented in the report.

Newton - “Newton is crypto as it should be: buy and sell on any device with access to some of the best prices for cryptocurrency in Canada.” “Most of our cryptocurrency is stored in secure locations with no internet connection.” They mention “[i]nstitutional-grade storage for your digital assets”, and Newton was one of the first to announce “[t]hird-party custody”. Newton’s custody page doesn’t exist anymore, but the old version is here.

Newton stores customer funds with Balance. “Multinational companies trust” Balance. According to Dustin, “Balance does have an insurance policy in place currently as well - we/Balance will have more to say on that soon.” According to the Balance terms, “the digital assets you purchase via the Platform are not protected by any government or other insurance”. "Prospective clients...will hold the entire liability associated with purchasing a Digital Asset Cache™️ and using [Balance] services, potentially including partial or total loss of capital." According to Balance, “[a]ll transfers require the coordinated actions of multiple signatories across our organizations.” It’s not clear if Newton themselves employ a multi-signature, and how many signatures are required. More on Balance can be found in last year's post.

In discussions last year, Newton was working on a feature “allowing you to login to Balance directly to verify your balance and move funds independently of Newton”. I wasn’t able to obtain further information from the Newton team in time for this publication, and searches performed did not find evidence this was launched. It’s unclear if this means that crypto-assets will be stored in distinct wallets, and how a customer could be certain that a given wallet is uniquely theirs.

We would recommend that Newton clarify their multi-signature wallet, and require at least 3 of 4 signatures. We need greater information to assess the insurance and backing visibility. This section may be updated in the future.

Apparent Verification

CoinBerry - “[T]he only Insured, OSC & FINTRAC registered & PIPEDA compliant crypto trading platform trusted by Canadian Municipalities.” After an unexplained incident in August of 2020, CoinBerry now has a “Financial Institution Bond”, of which details are sparse, but it apparently protects “financial losses due to dishonest acts and unethical behavior from Coinberry employees”. Based on that sentence, it may not provide protection against much more common attack vectors of owners, contractors, system security breaches, or impersonation attacks. “200M in insurance coverage” is provided by “Gemini Trust Company LLC™”, to whom CoinBerry has generously transferred cryptographic ownership of “not less than 80% of the total value” of customer funds. Insurance is provided by “Nakamoto, Ltd. (Nakamoto), a captive insurance company licensed by the Bermuda Monetary Authority (BMA)” with limited detail available.

CoinBerry has always stored funds offline in multi-signature wallets, although previous iterations of their system required only 2 staff signatures. Cold storage funds are now stored in “institutional-grade crypto storage”, an "offline, air-gapped Cold Storage system.” They “use a multisignature digital signature scheme (multisig)”, however it's unclear how many signatures are required. “CEO (Tyler Winklevoss) and President (Cameron Winklevoss) are unable to individually or jointly transfer cryptocurrency out of [Gemini's] Cold Storage System.” In addition, “[a]ll employees undergo criminal and credit background checks and are subject to ongoing background checks throughout their employment.”. Of greater concern would be the 20% of funds remaining hot on the platform. “We cannot and do not guarantee or warrant that the Site or the content on the Site are compatible with your computer systems or that the Site or the content will be free of viruses, worms, trojan horses or disabling devices or other code.”

The details of the OSC arrangement can be found here. CoinBerry "has provided and will continue to provide audited annual financial statements in accordance with section 12.10 of NI 31-103." Past audits appear to have been conducted by the accounting firm MNP. Despite a stated goal of “demonstrating a rigorous commitment to trust, security and transparency”, no information is publicly available and customers of the platform have no evidence of the inclusion of their funds. CoinBerry has also so far failed to acknowledge or explain the events of August 2020.

There have been multiple issues with withdrawal delays, including one affecting hundreds of customers last year. Last year, fees were increased from 0.5% to 1%. The fee is now “between 0% and 2.5%”. “We are proud to offer fully transparent pricing with NO hidden charges and NO additional fees.” “Coinberry shall be entitled to charge to any Dormant Account a monthly fee of $5.00, either in Funds or any form of Crypto Assets, plus any other additional costs as Coinberry may, in its absolute discretion, apply.” CoinBerry has publicly expressed agreement that you should not store funds on cryptocurrency exchanges including their own. “You agree to indemnify and hold us, and our subsidiaries, affiliates, officers, agents, co-branders or other partners, and employees, harmless from any claim or demand”.

We recommend CoinBerry clarify their multi-signature structure, to confirm it requires at least 3 of 4 signatures at all levels. The best practice is to use company funds for hot wallets, or self-insure the full amount. We’ve also proposed an industry self-insurance model, a more secure alternative based in Canada, and likely significantly cheaper than present insurance costs. We also recommend getting a third party to attest to their setup and validate that all customer funds are backed on the blockchain or in company accounts, including a full hash list to enable all customers to confirm assets were disclosed to the validator.

CoinSquare - CoinSquare is “[t]he world's home for digital currency”. “Everyone in the world deserves a safe, easy-to-use way to access digital currency markets.” Their “100% proprietary system”, “[b]uilt in-house with proprietary technology”, has so far apparently “never (ever, since 2015) lost a single coin”. “[Y]ou are aware of and accept the risk of, and agree not to hold Coinsquare responsible for any loss resulting from any operational challenges to which the Services may be subject, such as malicious cyberattacks, exploitable security system flaws and other security breaches”.

CoinSquare has grown a lot! It was only last year when they received a multi-million dollar fine for inflated trading volume, and only the year before when CoinSquare mysteriously went offline and suffered “a data breach of personal information contained within approximately 5,000 records of customer relationship management (CRM) data.” They have a “95% cold storage” policy, and their site still doesn’t appear to mention whether multi-sig is being employed or not. Their apparent regular audits are not public (allegedly by an undisclosed “national accounting firm”). They’ve previously described themselves as solvent rather than fully backed, although they now state that “Digital Assets held in trust will be fully-paid assets beneficially owned by you and not by Coinsquare.”

We recommend CoinSquare store use a multi-signature setup which requires at least 3 of 4 signatures. The best practice is to use company funds for the 5% in hot wallets, or self-insure the full amount from funds in cold storage. We’ve also proposed an industry self-insurance model which may be an easier, more comprehensive, and more secure alternative. A third party can attest to their setup and validate that all customer funds are backed on the blockchain or in company accounts, including a full hash list to enable all customers to confirm that their assets were disclosed to the validator.

Kraken - “Kraken is a crypto exchange for everyone.” Kraken recently achieved the momentous accomplishment of becoming the first cryptocurrency exchange to be a regulated bank by completing a charter in the state of Wyoming. Kraken calls itself the “most trusted cryptocurrency exchange” and apparently “provides world class financial stability by maintaining full reserves, healthy banking relationships and the highest standards of legal compliance”. “95% of all deposits are kept in offline, air-gapped, geographically distributed cold storage.” The specific details of whether a multi-signature arrangement is in use are not provided.

According to alleged court papers, Kraken operated illegally in the state of New York. Previous staff have been legally silenced. Kraken’s website features a Proof of Reserve page, stating that “[o]ver the past several weeks, Kraken has successfully developed and completed an industry-leading, independent, cryptographically-verified audit.” But the page was written in 2014 and among the long list of limitations, the process does not enable any validation on the blockchain. Kraken assures users that “[w]e keep full reserves so that you can always withdraw immediately on demand.” However, one of the former employees for Kraken alleges wrongful dismissal and that the bank accounts of Kraken are actually running millions of dollars short of where they should have been.

We recommend Kraken store customer funds in a multi-signature setup with at least 3 of 4 signatures wherever possible, and use company funds for hot wallets, or self-insure the full amount from funds in cold storage. We recommend getting another third party attestation to their setup and validate that all customer funds are backed on the blockchain or in company accounts, as their previous assessment is now 7 years old. This validation would ideally include a full hash list that would enable all customers to confirm that their assets were provided to the validator and are fully represented in the report.

NetCoins - “It's easy to buy and sell with Netcoins”, "Canada's easiest, most trusted way to buy and sell crypto." Mitchell Demeter remains president although he no longer appears on the team page. You may remember him as the one who “co-founded Cointrader Exchange, one of Canada’s earliest online digital currency exchanges”, which shut down after “an internal audit showed “a deficiency of bitcoin" in company wallets that was causing a delay in withdrawals”. There does not appear to be any blog announcement about his removal, although we did find one about how "crypto is plagued with a bad reputation". “At Netcoins we understand that sentiment. We know of people, and heard of countless others, who have lost their investments and been burned by the industry.” “Crypto exchanges must be held accountable.”

Their “customer funds are held in cold storage” “and insured with Bitgo”, with no visibility into what’s covered by the insurance. “Accessing these funds requires a specific number and combination of video calls from our top executives.” (See their team page for the list of people a hacker needs to impersonate.) “We do our best to protect our users by putting all the right bells and whistles (ex: warning signs) within our emails, website and platform.” For example, "At Netcoins, we strongly recommend our users take possession of the crypto they’ve bought through us by transferring them to a crypto wallet that they are in direct possession of." Unfortunately, they appear to be heavily advertising on TV to less experienced users who are less likely to take this advice. BIGG Digital Assets (the parent company of Netcoins) is audited by Manning Elliott LLP, although Netcoins still appears to provide no outside visibility into what portion of funds are backed.

We recommend Netcoins use a multi-signature setup which requires transactions to be signed by the physical possession of keys to prevent the remote impersonation of staff (which is possible through the advancement of deepfakes). We’ve also proposed an industry self-insurance model which is likely an easier, more comprehensive, and more reliable alternative than the policy of Bitgo. A third party attestation to their setup and validation that all customer funds are backed on the blockchain or in company accounts could include a full hash list that would enable all customers to confirm that their assets were provided to the validator.

Full Backing Report

There are still only two exchanges in Canada meeting these criteria.

BitBuy - "Bitbuy is Canada's trusted and secure platform, serving over 350,000+ Canadians." The platform has operated since 2016, and was the very first to get a “Proof of Reserve and Security Audit Report” from third party CipherBlade. Since that time, they’ve continued to get separate third party validations, with the second and third ones from Blockchain Intelligence Group, most recently in June 2021. With now three independent reports from two different third parties, BitBuy maintains the title as the most transparent exchange in Canada.

While the site states that “99% of your crypto is kept secure in our Cold Storage, and covered by a comprehensive insurance policy.”, this contradicts the June 2021 report by Blockchain Intelligence Group, which stated backing levels as low as 96.29% on some crypto-assets and the latest BitBuy validation offers no visibility/hash list for customers to validate their balances were included, similar to the previous validations. As such, BitBuy could have excluded any number of customers and passed all 3 verifications with flying colours. The best security has platforms placing their own funds in hot wallets, or alternatively self-insuring customer hot wallet funds with additional cold storage assets. It is unclear from the BitBuy website whether a multi-signature wallet is in use and how many operator signatures are required to authorize withdrawals.

Mentions of custodian Knox appear to have disappeared from the new BitBuy website. More detail on Knox’s security model can be found in the 2020 post. While their new CoinCover policy is publicly verifiable on the BitBuy website, it gives high-level features only, with no details. At the moment, no one has visibility to the actual policy details of what’s really covered and neither party has any incentive to present that information objectively.

We recommend BitBuy ensure a multi-signature setup requiring at least 3 of 4 signatures from platform operators, and provide more details on their insurance policies. We’ve proposed an industry self-insurance model which is likely easier, more comprehensive, and more reliable. The regular third party validations are in line with our recommendations of once per 6 months for established platforms. It’s also awesome to see the use of two separate validators! Part of our recommendations are to not repeat validators within a 14 month period, and to generate a hash list enabling customers to independently validate their backing, which would ensure that any customer could check their balance was included and validated by multiple independent firms.

ShakePay - “The easiest way for Canadians to buy and sell bitcoin.” “At Shakepay, we make the security of your account, personal information, and money a top priority.” While other platforms are typically upfront about the fees or spread charged, ShakePay lists one price and promotes the service as “commission-free”. The profit model can only be found by clicking through to a separate page. Spread and pricing information is only ever available from within a registered account.

In August 2020 (more than a year ago now), ShakePay completed an assessment provided by CipherBlade. CipherBlade found that reserves appeared to be fully backed including extensive analysis of the transactions and provided data. ShakePay states that the “majority of all digital currencies are stored securely offline”. The CipherBlade report found this ratio was at “93% of Bitcoin and 91% of Ethereum” in cold storage at the time of the report, though it “var[ies] periodically to some degree throughout the day”. The report refers to a “multi-signature wallet interface”, which they later call a “service to access its sending and receiving multi-signature wallets”, which apparently also “does not have control over cryptocurrency in the hot wallets”. Apparently, this “not mentioned” service is “without any known security risks” and there are also “redundancy measures” in place as well.

“The vast majority of digital currencies are held offline on air-gapped, cold storage wallets. A small amount is kept in hot wallets to serve the liquidity needed for everyday transactions.” However, the majority of funds are no longer stored with ShakePay but given to an undisclosed “trust company registered under the NYDFS”. While ShakePay won’t identify the third party, “CipherBlade can confidently conclude that Shakepay controls these cold wallets” even though “they are controlled by [the] cold storage provider” and “the cold storage provider ultimately holds the private keys”. “Multiple people are required to authorize transactions. Neither of the two founders, Jean or Roy, are able to perform withdrawals from our cold storage wallets.” It is unclear how many operator signatures are required for withdrawals.

“Shakepay holds an insurance policy on the digital currencies held in cold storage. This policy covers most damages, theft, and loss of private keys.” Shakepay, for whatever reason, has chosen not to disclose their custody partner. It's unknown in any “quite unlikely” events what “the cold storage provider’s policy and Shakepay’s own policy” would cover. ShakePay does receive “an account statement” “which includes applicable wallet addresses and balances held” and “[d]ata found on the blockchain was also in line with information found on these statements.”. Shakepay does not provide customers any tool to validate inclusion in the report published August 2020.

We recommend Shakepay cold store in a multi-signature setup with at least 3 of 4 signatures from platform operators required (or clarify if this is already the case). Greater details of the insurance policies would be necessary to evaluate them. We’ve proposed an industry self-insurance model which is likely an easier, more comprehensive, and more reliable alternative. We appreciate Shakepay obtaining third party validation, and a new report would provide certainty funds are still backed.

Full Proof of Reserves

More information and definitions of Proof of Reserve, Proof of Liabilities, and Proof of Solvency can be found on Nic Carter’s blog, who has been working on these concepts far longer than I have. He’s confirmed that “what [Canadian exchanges] are doing is not a full PoR”.

All platforms in Canada have failed to provide visibility to the public blockchain entries backing funds on their platform. All claims and verifications have been against customer lists provided by the platform with no ability for any customers to validate they were included.

Summary and Thanks

Thanks so much for reading! I’d like to thank Jay, Jason, and Gustavo for taking many hours to help review the post, and also appreciate Ethan (TxQuick), Dean (BitBuy), Jean (ShakePay), Dustin (Newton) and many others for past discussions. We hope to have more discussions with platform operators and regulators in the future and welcome all feedback!

If you’re tired of sitting back and want to help create a future of innovation and security for Canadian crypto-asset platforms, join us any Thursday evening at the CryptOasis meetup! You can also sign up for our newsletter!


No comments:

Post a Comment