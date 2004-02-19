from the wanted:-one-ouija-board dept.
A cryptocurrency exchange in Canada has lost control of at least $137 million of its customers' assets following the sudden death of its founder, who was the only person known to have access the the offline wallet that stored the digital coins. British Columbia-based QuadrigaCX is unable to access most or all of another $53 million because it's tied up in disputes with third parties.
The dramatic misstep was reported in a sworn affidavit that was obtained by CoinDesk. The affidavit was filed Thursday by Jennifer Robertson, widow of QuadrigaCX's sole director and officer Gerry Cotten. Robertson testified that Cotten died of Crohn's disease in India in December at the age of 30.
Following standard security practices by many holders of cryptocurrency, QuadrigaCX stored the vast majority of its cryptocurrency holdings in a "cold wallet," meaning a digital wallet that wasn't connected to the Internet. The measure is designed to prevent hacks that regularly drain hot wallets of millions of dollars (Ars has reported on three such thefts here, here, and here.)
Thursday's court filing, however, demonstrates that cold wallets are by no means a surefire way to secure digital coins. Robertson testified that Cotten stored the cold wallet on an encrypted laptop that only he could decrypt. Based on company records, she said the cold wallet stored $180 million in Canadian dollars ($137 million in US dollars), all of which is currently inaccessible to QuadrigaCX and more than 100,000 customers.
"The laptop computer from which Gerry carried out the Companies' business is encrypted, and I do not know the password or recovery key," Robertson wrote. "Despite repeated and diligent searches, I have not been able to find them written down anywhere."
The expert, she added, has already accessed Cotten's personal and work email accounts and is now trying to gain access to an encrypted email account. Cotten also used an encrypted messaging system, but the chances of successfully reading the communications appear dim because, the expert has reported, "messages would disappear from the encrypted messaging system after a short period."
(Score: 1, Funny) by Anonymous Coward on Monday February 04, @07:59PM
Finally! You can take it with you! Downside: its cryptocurrency, not actual money.
(Score: 2) by BsAtHome on Monday February 04, @08:01PM (1 child)
The first rule of backup is to have backup people for your backup people.
The second rule of backup is to have backup backup people for your backup backup people.
Then you start building redundancies and eliminate other single point of failures.
(Score: 2) by krishnoid on Monday February 04, @08:02PM
Or insurance. And insurance, probably.
(Score: 2) by Captival on Monday February 04, @08:08PM
With hundreds of millions on the line, they can't hire one good hacker to get into this laptop? I wouldn't be surprised if they're covering up some embezzling, or even the guy faked his own death.
(Score: 2) by Unixnut on Monday February 04, @08:10PM
This applies to crypto, non-crypto and other exchanges.
Just like "on the Cloud" is a synonym for "someone elses computer", "On the exchange" is a synonym for "someone elses bank account/wallet".
Now, crypto exchanges are a bit more risky that non crypto ones, because you can't just print/magic up a bunch of Bitcoin and distribute it to those whose deposits have been lost, like you can with fiat currencies (unless you are in Cyprus, where you just have money go missing from your account), which is why it is all the more important to keep cryptos in your own wallet, under your control.
I keep the bare minimum of money on exchanges, just enough for the trades I am doing, and anything left over is money I can afford to lose, and this applies to both Crypto and normal exchanges, and I would recommend it as good practice to others.