Risk #1: No exchange can be 100% bulletproof against hackers

Every time a cryptocurrency exchange uses a private key for one of its wallets to accommodate a customer withdrawal, there’s a risk it could be compromised.

The risk is tiny, even infinitesimal. But it’s not zero. So, when you multiply that risk by millions of transactions, suddenly it’s not so tiny after all. Robust security policies and procedures can greatly reduce the risk. But they can never extinguish it. Reason: The process for withdrawing cryptocurrency from an exchange requires the use of a private key via an online process. That’s inherently risky. Technology is always evolving, but clever hackers are constantly on alert for new ways to score.

Risk #2: Too many exchanges are not audited

Security experts at the exchanges know that, no matter what they do, they could ultimately be vulnerable to Risk #1. So as a backup plan, they normally keep only a small fraction of their total funds in the online wallets they use to transact with customers. It’s like a neighborhood grocery store that keeps just enough change in the cash register to cover the business on an average day, plus maybe some extra to cover any spikes. The bulk of the money is moved offsite. In the crypto world, the equivalent mechanism is called “cold storage.”

Are cold storage wallets safer than online wallets? Sure. In-and-out transactions are less frequent. So, there are a lot fewer chances for private keys to be compromised. And, needless to say, if they’re not even connected to the internet, it’s much harder for hackers to gain access in the first place.

However, this solution to Risk #1 also creates Risk #2: Most exchanges aren’t audited, and there is no way to know how much crypto they have, or how much they are supposed to have. We know about some wallets that belong to exchanges, but the full picture is rarely disclosed. Here’s the issue in a nutshell:

The distributed ledgers that support cryptocurrencies are transparent and fully auditable. But once the assets are sent to an exchange, only the exchange staffers know how much they actually hold.

You’d think customers would demand more disclosure. But most are satisfied just so long as their transactions are executed efficiently, and they can get their crypto out on demand. In the meantime, the opacity of exchanges can conceal a multitude of sins. This researcher claims Quadriga never even held the Bitcoin it supposedly lost, and depended on inflows from new customers to cover withdrawal requests by existing customers. Investigators recently interviewed by the Wall Street Journal reached a similar conclusion. It suggests Quadriga was a crypto version of the Ponzi scheme that convicted fraudster Bernie Madoff ran for decades.

How to protect yourself

For most crypto investors, doing business without an exchange is almost impossible. Accordingly …

  • Always remember, no exchange is 100% hack-proof.
  • Seek to keep the bulk of your crypto holdings safely stashed away in offline, cold-storage wallets of your own — those that only you have the private keys to.
  • With all crypto investing, never risk more than you can afford to lose.



  1. James Diegel

    One of the best first things to learn in this space I reckon. In time hopefully, the non-legit exchanges will fade away – and although likely more will pop up in their place for the time being, hopefully as this wild west we reside in develops, only the very best will make up a majority of the share. In addition, hopefully good decentralized exchanges will advance in their ease of use and break up the monotony of a majority of transactions taking place in this still risky environment;)

  2. Zeus69

    Great post on exchanges and their legitimacy. A lot of these exchanges IMO reflect the modern banking systems that rip people off of their hard earned cash. Banksters and scammers my 2 pet hates in this world.
    Thanks for the share bud.
    Mark (Zeus69)