
Coincheck Says It Lost Crypto Coins Valued at About $400M - Bitcoin_McPonzi
https://www.bloomberg.com/news/articles/2018-01-26/cryptocurrencies-drop-after-japanese-exchange-halts-withdrawals
======
ReverseCold
Other discussion on the topic:

[https://news.ycombinator.com/item?id=16240874](https://news.ycombinator.com/item?id=16240874)

------
cryptozeus
Is it may be just may be possible that these exchanges are stealing their own
money ...you it not being regulated and all ??

~~~
danschumann
My thoughts exactly.

------
themagician
I feel like this is the ultimate fate of every exchange that holds coins.

~~~
JumpCrisscross
> _this is the ultimate fate of every exchange that holds coins_

I do too. There is a reason modern markets feature segregation between
exchanges, clearing/settlement, and customer-facing (and funds-handling)
brokers.

~~~
totalZero
There are indeed some definite advantages to the structure of modern markets,
as you say.

Securities markets, even structured as they are, would totally eat their
customers if they were unregulated. It's fear of the SEC and FINRA ending
their careers that keeps most of them in line. You could add three more
participants to the crypto trading process and it would still be a minefield,
because any one of those participants may misbehave absent regulations.

Modern markets involve a brokerage that acts as a custodian of your account
holdings, separate from the exchange itself. However, that alone doesn't
prevent churning, violation of account terms, opening of unauthorized
accounts, recommendation of excessively risky trades, misuse of capital that
leaves little liquidity to ballast the whole firm, etc.

Keep in mind that it's the FDIC that insures your personal bank deposits, and
that there are regulatorily approved clearinghouses to remove counterparty
risk from many derivatives markets. These things wouldn't exist without
regulators.

~~~
themagician
I'm not sure any amount of regulation would really solve the problem. At the
end of the day someone is going to be able to see the private keys. And that's
all they have to do—see it. Anyone with access to a private key can steal it
at any time.

It's almost the same as being able to rob a bank just by being able to look in
the vault. You just need a peak, and escaping with the pot is as easy as
pretty a button.

------
Jedi72
I wonder what the multiplier of real money to crypto money was. They say $400M
was lost but if $10M of fiat was put in and the price goes 40x (because one
guy who threw in $50 cashed out at the high price) was there really $400M
lost, or just the original $10M?

~~~
jgalt212
an interesting point you raise. I read recently that practically 100% of the
principal for Madoff ponzi schema was recovered. 0% of the fictitious gains,
mind you, but 100% of the original money invested.

~~~
Y7ZCQtNo39
About 73% of the principal has been recovered as of December 2017. [1]

[1] [https://www.bloomberg.com/news/articles/2017-12-18/madoff-
vi...](https://www.bloomberg.com/news/articles/2017-12-18/madoff-victims-near-
full-recovery-of-principal-with-new-payout)

------
tabeth
I was curious if anyone has done the real life equivalent of this. According
to thrillistthe great bank heist (from a single bank) in history was like 70M.
[1]

Funny how an over a magnitude more money just goes missing.

[1]

[https://www.thrillist.com/culture/most-successful-bank-
robbe...](https://www.thrillist.com/culture/most-successful-bank-robberies-of-
all-time-biggest-heists-in-history)

~~~
ikeboy
[http://bgr.com/2015/02/16/300-million-bank-theft-
hackers/](http://bgr.com/2015/02/16/300-million-bank-theft-hackers/)

~~~
tabeth
100 banks to get $300M - $900M is still a lot better than a single exchange
losing half a billion.

~~~
ikeboy
Well no, their customers lost it. Unless you think the unregulated exchange is
going to make them whole.

~~~
tabeth
Can't say I understand. Didn't the exchange's customer also lose it?

~~~
ikeboy
Money being taken from a bank generally does not get taken from the customers
of that bank, unless the bank fails.

Money being taken from an exchange generally leads to customers losing it, so
one could split the loss among them, the same way you split the loss among
banks above

------
tannranger
this is the future of money. amazing.

~~~
craftyguy
No, this is pretty much the proverb "a fool and his money are soon parted" in
action

------
dingo_bat
"lost"

~~~
Spivak
The addresses of the exchange are known and everyone can see the money that
goes in and out. It would be quite difficult to actually steal the money.

~~~
dilap
would it? what keeps them from just making up a new address and stealing the
$? and then transferring that cash to some anon coin? (genuine question; not
versed in this at all.)

~~~
Giroflex
Sending to that new address would be public.

~~~
Y7ZCQtNo39
Yeah, but it's hard to say whether the transaction to the new address was done
by a fraudster or the exchange.

They can claim their private key was stolen, and it wasn't the exchange's
owner, but we have no way of knowing for certain.

------
InclinedPlane
"Someone should really regulate this whole system, it's getting ridiculous."

~~~
__s
People should really understand that trustless systems mean not trusting an
exchange. If the coins aren't in your own wallet, you don't own them

An exchange is not a bank

~~~
ceejayoz
Of course, then you have to trust your own infosec. I don't, personally. Too
many ways to fuck it up, and the bad guys only need to get it right once.

~~~
AlexCoventry
Dedicated hardware and encrypted backups go a long way.

~~~
ceejayoz
Sure, until this happens:
[http://www.dailymail.co.uk/news/article-5323601/Bitcoin-
robb...](http://www.dailymail.co.uk/news/article-5323601/Bitcoin-robbers-
alerted-fortune-prolific-trading.html)

Harder to do that to an exchange.

------
politician
This is why a technology like AirSwap [1,2] is the future of exchanges. You
hold your own coins because the exchanges are just waiting to rob you.

[1] [https://swap.tech/whitepaper/](https://swap.tech/whitepaper/)

[2] [https://medium.com/@jon.doe.ethereum/airswap-a-
centralized-e...](https://medium.com/@jon.doe.ethereum/airswap-a-centralized-
exchange-tragedy-8c7c09a52d79)

~~~
viach
There is also a thing called AtomicSwap
[https://en.m.wikipedia.org/wiki/Atomic_swap](https://en.m.wikipedia.org/wiki/Atomic_swap)

------
tednash
Are any exchanges actually built on robust decentralised infrastructure yet?

------
politician
"custodial risk"

