Gemini, a cryptocurrency exchange founded by the Winklevoss twins, aims to improve user privacy with a major privacy token, Zcash (ZEC).
Starting Sept. 29, Gemini will support shielded withdrawals of ZEC, which allows users to hide their transaction data.
Gemini representatives said that the new feature is the “first time shielded ZEC withdrawals are available on a regulated exchange.” The new option comes in line with Gemini’s mission to strengthen financial privacy and “empower the individual through crypto,” Gemini executives said.
Launched in 2016, Zcash is a major privacy-focused cryptocurrency, enabling two user privacy levels through two types of addresses — transparent, or t-addresses, and shielded, or z-addresses. In contrast to transparent addresses, shielded ZEC addresses are designed to encrypt and hide transaction data like sender, receiver, as well as the amount sent.
According to Gemini, the exchange will store ZEC in t-addresses. In order to complete a withdrawal of shielded ZEC, users can simply withdraw their ZEC to a z-address. Exchange users are already able to deposit ZEC from a z-address into their accounts.
Gemini did not specify whether the exchange received any special regulatory approvals to introduce shielded ZEC withdrawals. However, the reps said that the new feature “demonstrates that with the right controls in place and the proper education, regulators can get comfortable with privacy-enabling cryptos.”
Gemini’s addition of shielded ZEC withdrawals comes amid regulatory uncertainty over Zcash.
As previously reported, some global exchanges like Japanese Liquid had to delist Zcash to be compliant with regulations. Over the course of 2019, a number of crypto services like OKEx and Upbit cut support for Zcash alongside major privacy coin Monero (XMR), citing concerns over their anonymous nature. In August 2019, major American crypto exchange Coinbase announced the termination of Zcash custody for customers based in the United Kingdom.
Author: Published 16 hours ago
1inch, a Non-Custodial Crypto Exchange Aggregator, Partners Hacken to Improve Platform Security
1inch.exchange, a decentralized or non-custodial crypto exchange (DEX) aggregator, notes that they’re always working on making improvements to the overall security of their service. The 1inch team confirmed that they’ve teamed up with Hacken, an established provider of cybersecurity solutions.
The 1inch team stated:
“We … have always been taking security very seriously. Now, it is time to take the protection of our users to a new level, and we are happy to be doing this in collaboration with Hacken.”
The 1inch developers claim that Hacken has a great track record in the cybersecurity space and its team members are also experts in code and infrastructure auditing.
1inch plans to enhance the security of its platform and offer greater consumer protection by working cooperatively with Hacken in several key areas, such as auditing code, APIs and infrastructure.
Sergej Kunz, co-founder and CEO at 1inch, stated:
“We are thrilled to welcome Hacken as our security associate. Thanks to this collaboration, our service will become safer for users. Together with Hacken, we’ll be able to take security in the (decentralized finance) DeFi space to a complete new level.”
As mentioned in a blog post by 1inch, the Hacken team mainly focuses on serving as a cryptocurrency exchange auditor. It’s a cybersecurity consulting firm that was launched in August 2017.
As noted in the announcement, Hacken provides several services including blockchain security consulting, web/mobile penetration testing, coordination of bug bounty programs, crypto exchange ratings and cybersecurity education.
As reported recently, Hacken revealed that it would be integrating Chainlink’s “decentralized” oracles so that data is more accessible to decentralized apps (dApps).
The Hacken team had noted recently:
“Our integration with Chainlink’s … decentralized oracle network will enable smart contracts from any blockchain to access Hacken’s security data. Developers can … leverage Chainlink’s existing pool of secure node operators to build in security buffers that protect user funds and/or ensure more secure and reliable transaction/protocol automation based on Hacken data feeds.”
They also mentioned:
“Providing cybersecurity data about DeFi smart contract audits is a crucial part of maturing the DeFi industry. Anonymous developers and yield farming spinoffs can drive speculation, often without regard for security. For average users, information about security and trusted audits is difficult to access, especially in real-time. Hacken aims to supply this data to users on-demand to foster stronger security in DeFi as a whole, ultimately reducing information asymmetry and increasing transparency.
Author: News Bureau
Alpha Sigma Capital Invests in Derivatives Crypto-exchange ACDX
Hong Kong, Sept. 29, 2020 (GLOBE NEWSWIRE) — (via Blockchain Wire) Alpha Sigma Capital (ASC), a pioneering digital asset fund investing in emerging cryptocurrencies and blockchain companies has partnered with ACDX, a new cryptocurrency derivatives exchange company founded and lead by former OKEx COO, Andy Cheung.
The company recently completed its private sale and launched a convertible note sale that is accessible on Uniswap. Following the private sale, ACDX saw increasing demand from its community regarding its governance token ACXT, which prompted the convertible note sale on Uniswap.
ACDX’s next-generation exchange will provide innovative crypto derivatives and structured products, some of which have yet to be introduced to crypto markets. The company plans on continually staying ahead of the curve and creating innovative products for both retail and institutional investors to manage their risk and achieve their desired returns. ACDX launched in September 2020 and is accessible internationally including Asia, Europe, and South America. The United States will not have access to the exchange at this time.
Andy Cheung, Founder & Executive Chairman, commented. “ACDX plays the role of a catalyst to foster the cryptocurrency industry development. On the cutting edge of financial technology, we innovate new products and create new markets to better connect traders and help grow projects’ communities.”
“We’re excited to be partnering with the ACDX team and supporting the project and company. The crypto-derivatives market has grown into a multi-billion dollar industry and the Alpha Sigma Capital team recognizes that entrepreneurs like Andy Cheung who continue to set the pace for this burgeoning financial market,” said Enzo Villani, CEO and Chief Investment Officer of Alpha Sigma Capital.
About Alpha Sigma Capital
Active Investing in the Blockchain Economy.™
Alpha Sigma Capital (ASC) is an investment fund focused on emerging blockchain companies that are successfully building their user-base, demonstrating real-world uses for their decentralized ecosystems, and moving blockchain technology towards mass-adoption. ASC is focused on companies leveraging blockchain technology to provide value-add in areas such as fintech, AI, supply chain, and healthcare. You can find more information at www.alphasigma.fund.
ACDX offers a next-generation cryptocurrency derivatives trading platform with cryptocurrency structured products that the industry has not yet seen, such as callable bull/bear contract, warrant contract, accumulator/decumulator, etc. We actively cultivate a company culture that is focused on true innovation across a wide range of easy-to-use, fair, and transparent trading products that suit the needs of current and emerging cryptocurrency traders. For more information visit www.acdx.io
Disclaimer: This press release is for informational purposes only. The information does not constitute investment advice or an offer to invest. Tokens and virtual currencies, in general, are not legal tender, in any country, and are not backed by any government as legal tender, nor should they be treated as such. Andy Cheung is a Strategic Advisor to Alpha Sigma Capital.
Partner, Administration and Investor Relations
Alpha Sigma Capital
Alpha Sigma Capital Fund, LP
El Segundo, California, UNITED STATES
Author: Alpha Sigma Capital Fund, LP
Is the KuCoin Hack Bigger than $150M? On the Downside of Centralized Exchanges
There has been a marked decline in both the number of cryptocurrency exchange hacks and the amount of capital that has been stolen through this flavor of cybercrime. In 2018, $875 million was stolen in six major hacks; in 2019, an additional $282 million was pilfered in 11 hacks.
So far this year, there have been six cryptocurrency exchange hacks. While the exact amount of stolen capital from all of these hacks has not yet been totalled, estimates show that the total amount of crypto stolen is somewhere between $220 and $300 million.
The Most Diverse Audience to Date at FMLS 2020 – Where Finance Meets Innovation
The largest and most recent of these hacks took place on Friday, September 26th around 19:05 UTC, when KuCoin announced that at least $150 million worth of Bitcoin and Ethereum-based ERC-20 tokens had been pilfered from the exchange’s “hot” (online) wallets.
Larry Cermak, Director of Research at The Block, said that the amount stolen could be as much as $280 million.
So I did some accounting of the KuCoin hack based on the wallets very likely associated and based on my estimation, there was nearly $280 million of assets stolen, not $150M. This would make it the third-largest hack in history and 7 times larger than the Binance hack last year.. pic.twitter.com/iESWm1EGPh
— Larry Cermak (@lawmaster) September 28, 2020
The exchange said that users do not need to worry about losing money: “rest assured, if any user fund is affected by this incident, it will be covered completely by KuCoin and our insurance fund,” a statement declared.
However, the hack was an unfortunate reminder that although the crypto industry has come a long way when it comes to centralized exchange hacks, there is still a degree of risk involved in using them.
ByBit chief executive Ben Zhou told CoinTelegraph that as long as centralized exchanges exist, hackers will always be able to exploit them as a single point of failure.
Zhou explained that this is because essentially, centralized exchanges are web applications that are vulnerable in the same ways that all other centralized web applications are vulnerable.
And, as such, it only takes a single point of failure in order to compromise a whole system: it can only take one hacked email, one compromised employee, or one hacked account.
Case in point: remember the Twitter Bitcoin scam debacle that took place in July?
Quick recap: several months ago, a 17-year-old boy in Florida managed to hack into the Twitter accounts of a number of high-profile celebrities and world leaders. He used this immense amount of stolen power to post messages inviting Bitcoin holders to send coins to addresses with the promise that their money would be doubled and returned.
(Spoiler alert: it wasn’t.)
But how was this 17-year-old kid able to mastermind his way into these Twitter accounts (including those of Elon Musk, Barack Obama, and Joe Biden)?
Clever though he was, the hacker wasn’t some kind of programming wiz. Rather, he allegedly convinced a Twitter employee that he worked in the Twitter IT department, and was therefore able to trick that employee into giving him the credentials.
Of course, Twitter’s security measures have since been criticized as being very poor at the time of the attack. Additionally, it’s likely that reputable cryptocurrency exchanges–even those operating without being licensed by a government–have better security measures than Twitter did at the time it was hacked.
Still, the fact that centralized cryptocurrency exchanges are vulnerable to cyberattacks remains: there are simply too many points of failure.
Additionally, a lack of standardized security measures on cryptocurrency exchanges from jurisdiction to jurisdiction means that entrusting funds to a centralized exchange can be a dangerous game of roulette.
For example, centralized cryptocurrency exchanges operating in jurisdictions that specifically regulate cryptocurrency exchanges are often subject to sets of requirements that ensure their safety.
In Japan, for instance, cryptocurrency exchanges must fulfill a set of requirements in order to obtain operational licenses. These requirements include things like the employment of third-party custodial services to keep custody of their users’ assets.
Additionally, if Japan-based exchanges use “hot” wallets, they are obligated to hold “the same kind and the same quantities of crypto assets” in cold storage in order to repay their users should the hot wallet funds be compromised.
Beyond these regulated jurisdictions, however, cryptocurrency exchanges are only good as their word.
And sometimes, the word is good enough–KuCoin, for example, said that “if any user fund is affected by this incident, it will be covered completely by KuCoin,” after it was hacked for more than $150 million earlier this week.
The Block’s Larry Cermak cast doubt on this claim on Twitter: “…it’s quite odd to me that KuCoin is confident they can cover these amounts with the insurance fund,” he said. “My opinion is that there is almost no chance this is recoverable.”
Yes, some of these tokens have been frozen, forked, and blacklisted. And the amounts above don’t reflect that. But it’s quite odd to me that KuCoin is confident they can cover these amounts with the insurance fund. My opinion is that there is almost no chance this is recoverable
— Larry Cermak (@lawmaster) September 28, 2020
FBS Announces New Trading Instruments in FBS Trader AppGo to article >>
And while some jurisdictions require exchanges keep a certain amount of money in their insurance funds at all times, it’s unclear which jurisdiction is responsible for regulating KuCoin.
CoinTelegraph reported that KuCoin said in 2018 that it was headquartered in Singapore. However, KuCoin is not licensed in Singapore, and did not file with the Monetary Authority of Singapore earlier this year to request a deferral of the requirement to operate without a payments license, which would have allowed the exchange to operate in Singapore through July.
Therefore, without a license or a deferral, KuCoin cannot legally operate in Singapore. It remains unclear whether KuCoin is still headquartered in Singapore or if the exchange is based elsewhere; on its website, KuCoin’s company profile states it “operates in the Seychelles.”
Still, while KuCoin’s reputation as a popular and well-kept cryptocurrency exchange–along with promises to return any stolen user funds–are enough to reassure affected users that they will, in fact, be reimbursed, this isn’t always the case for other centralized cryptocurrency exchanges.
We all knew an exchange hack was coming. It appears as though KuCoin is going to take it on the chin and users won’t lose funds.
I trade a lot on the Ku and have more coins there than I should.
Big wake up call regardless if funds are #safu or not.
— EllioTrades (@elliotrades) September 26, 2020
A lack of best practices enforced by standardized licensing and regulation requirements also means that cryptocurrency exchanges could be making themselves more vulnerable than was necessary in the first place.
For example, Charles Guillemet, chief technical officer of Ledger, a leading crypto security company, said in a statement shared with Finance Magnates that “it seems incredible that KuCoin would keep upwards of $150-220M in hot storage.”
“This runs a high risk when it comes to governance and management of liquidity. Exchanges must encourage risk mitigation tactics like using a hardware wallet and educating users to only allocate less than 10% of their crypto assets to hot wallets.”
In other words, it may have been unnecessary for KuCoin to be keeping hat much money in internet-connected digital locations in the first place.
This highlights an important challenge that cryptocurrency exchanges have to deal with every day: straddling the line between providing enough liquidity for traders and keeping funds safe.
ByBit chief executive Ben Zhou commented to CoinTelegraph that there are benefits and drawbacks to both systems: cold wallet systems are more secure since hot wallets are connected to the internet, which makes them more vulnerable to hacking. On the other hand, deploying a cold wallet system does not allow users to make large withdrawals from an exchange immediately, which could be a problem for institutional traders.
Therefore, there may not be any one right answer when it comes to how cryptocurrency exchanges should design their custody systems. One thing is for sure, though: any system needs to be built with intention, and tested–heavily.
“This can be accomplished by applying best practices for application lifecycle management, hiring knowledgeable and reputable security consultants for penetration testing and running bounty programs within the white hat community to identify any potential vulnerabilities,” ByBit’s Ben Zhou commented.
While centralized cryptocurrency exchanges remain vulnerable, however, it’s not clear if their alternative–decentralized exchanges (DEXs)–are a viable alternative at this point.
The Kucoin hack feels like a tipping point.
The crypto markets shrugged off a $150mm loss like “well that was dumb but we should have been trading on decentralized exchanges this year anyway.”
+ blockchain bridges
+ oracle, wallet infra
+ privacy solutions
— Ryan Selkis (@twobitidiot) September 28, 2020
Still, trading volume on decentralized exchanges is increasing. Citing data from blockchain analytics firm Dune, Brave New Coin reported in August that “trading volume on decentralized crypto exchanges (DEXs) has surged in the last year — and is up over 1500% since January 1st.”
Over the long term, as hacks continue to take place on centralized exchanges, interest in DEXs is expected to continue to grow. As DEXs become more popular (and more reliable) over time, we could eventually see DEXs turn into formidable competitors for their centralized counterparts.
The pain of hacks on centralized exchanges, & even if just FUD, will lead people to consider moving more funds on-chain.
As a result, #DeFi will continue to grow as DEXs like #Uniswap become easier to adopt with https://t.co/n2fMpw0Qq8 & other emerging DEX assistants.#KuCoin pic.twitter.com/2id3g3cdsf
— AstroTools.io (@Astro_Tools) September 26, 2020
Until then, however, centralized exchanges–warts and all–will continue to be the norm.
Finance Magnates reached out to KuCoin for commentary on this story. KuCoin was not immediately available for comment. Comments will be added as they are received.