One of the biggest crypto exchange has sent ethereum’s days destroyed spiking after moving 988,888 just now, worth about $204 million, for a fee of 6 cents.
“We will be moving some funds between our cold wallets. A tell tale sign of a new cold wallet on Binance is two small transfers from and BACK TO an existing wallet, then a large transaction. No need to be alarmed. Funds are #SAFU,” Changpeng Zhao, Binance’s CEO, said yesterday.
Why these funds are being moved is unclear, but after an in and out test transaction, 100,000 eth were sent to the new address and then 888,888.
8 being a lucky number in China, suggesting Zhao might have been a bit nervous while sending all this eth to the blockchain ether.
According to Santiment data, this is the biggest “withdrawal” from an exchange since February this year when Poloniex moved close to 2 million eth after being acquired by Circle.
With days destroyed (the longer the coin has not moved, the more “days”) spiking too as some of the funds had stayed at the previous address for about a year.
The operation of moving these funds must have been quite immense and intense. One slip up, and all could be gone.
Usually, thus, significant precautions are taken, with the simplest one being the chopping up of the private key through Shamir’s Secret Sharing, placing one key say at the back of the shoe, one at some vault in Switzerland, another with the grandmother wherever.
With the movement of funds impossible unless the majority of these dispersed keys are put back together.
Once they are moved, then a new system might need to be set up because there will probably be leakage somewhere. The two biggest known cold wallet movements until recently were MT Gox in 2011 and Bitfinex sometime in perhaps 2014-15. Both were hacked afterwards.
Meaning, logically, such movement is only taken if there is some necessity. Whether there was in Binance’s case, we do not know. They recently said there was some database problem, so they had to re-synchronize, but if there is anything more under the surface is anyone’s guess.
That’s because exchanges now have probably matured to they point they probably brush under the carpet any hack they are able and willing to cover with their profits.
Revealing it to the public would only lower confidence, with the question regarding hot wallets being not if they will be hacked, but when. So making it a business expense.
As such, a prudent businessman would firstly limit the amount needed in the hot wallet to maybe 5%, and would put aside enough of the profits to cover that 5% so that when the inevitable happens, it’s as if nothing happened as far as end users are concerned.
Arguably then a very prudent businessman would move the cold storage just to be extra safe, or would do so even if there is no hack and just a database problem so as to be very cautious even at the whiff of any potentiality.
Yet here we are seeing two different approaches. Binance has all the coins in one address. One key, perhaps spread across continents, although considering the speed of cold storage movement from announcement on October 20th to moving the next day, maybe more spread across cities.
While another, perhaps smart approach, is showcased by Coinbase. We can’t find their cold wallet. That’s because they don’t have one cold wallet sitting with a million eth. Instead they seem to have many cold wallets sitting with perhaps 5,000 to 10,000 eth.
Now you chop the keys of each of these addresses, add the risk of being caught, add the difficulties of cashing out, add the many easier things your “talents” can gain you, and basically the design is fairly impossible to hack, with the only drawback here being managing it all.
For that, Coinbase is able to claim the title as the only prominent crypto exchange/broker that has been around for so long and has experienced no hack at least as far as we are aware.
Part of which applies to Binance too. They have never been hacked as far as we know. Yet they have been around for less than a year.
There have been some pretty eventful events during that time to earn them quite a bit of trust, but whether it is a good idea to flaunt your cold wallet to the many smart hackers whose eyes might be seeing a jackpot right now, or whether it is better to chop that one million into many pieces, only time will know.