Proof of Keys: Several Exchanges Said to Be “Failing” Bitcoin Ownership Event

HitBTC are apparently not the only ones who are “failing” the Proof of Keys event today. The event is intended to prove the Bitoin solvency of each exchange. Every user is encouraged to withdraw all Bitcoin to private keys that they control. However, according to Trace Mayer and the Proof of Keys’ event’s official page, in addition to HitBTC, several exchanges had issues leading up to or on the day of the event (today).

Not All Exchanges Actually Caught

Not all of the exchanges listed in the “failures” section of the official Proof of Keys site are currently having withdrawal issues. Coinbase pointed out that the issue reported back at the end of December was fixed not long after it was initially reported.

Bitfinex was back up and running about an hour after it reported outages this morning:

HitBTC has failed to comment via Twitter about ongoing withdrawal issues within it. As the below video, which was linked in lieu of CCN’s reporting on the Proof of Keys site, points out, HitBTC may actually have solvency issues:, which is not an exchange but allows people to acquire and use Bitcoin via Amazon Prime, has not responded to the following “withdrawal issue” a user is experiencing:

Clearly, some extra details on this issue would be interesting, such as the amount of Bitcoin being withdrawn. Even a small Bitcoin business would be capable of faking it with a small amount of cryptocurrency. Questions arise when large withdrawals are denied or “issues” arise around them.

Proof of Keys Not Yet Impactful Enough to Measure Solvency

Ultimately, for the full weight of the probing event to be felt by trusted third-party cryptocurrency exchanges, everyone with Bitcoin in any exchange would have to participate. This would essentially leave all exchange wallets empty except for money they have earned through trading fees. Whether this is even possible is a question – could the Bitcoin network process that many transactions in a 24-hour period?

There is the issue of the English-centric nature of Trace Mayer and his following, as well. A huge amount of Bitcoin is traded in Chinese exchanges or in global exchanges like Binance. These people are less likely to subscribe to Trace Mayer. Being dedicated traders they may not even see the actual value in symbolically proving their coin ownership.

One thing is for sure: several exchanges are provably falsifying their trading volume for advertising purposes. CCN recently reported on one particularly egregious example in the case of Bithumb. One less-notable figure in the crypto community alleges that nearly all exchanges have to be lying about their volume due to the actual nature and size of the market.

If exchanges are willing to somewhat nakedly lie about their trading volume, is it possible they’re also lying about having funds securely on hand? History shows that it’s far from impossible. The first major incident of bubble popping and bloodshed in cryptocurrency was Mt. Gox, which became insolvent and tried to cover it for many moons before eventually getting caught. Founder Mark Karpeles may be looking at a ten-year prison sentence as a result.

Solvency is a seriously important issue in a financial system which is designed such that you must control the private keys in order to truly control the money. The Proof of Keys event is designed to remind the trading community that while decentralized exchanges are emerging, the majority of the volume still takes place on exchanges which have full control of the money traded. Bitcoin itself is designed to remove the need for trust in financial transactions. Perhaps the only hope can be that the event grows in popularity in years to come and that exchanges which do not “fail” it in any way are lauded.

Author: P. H. Madore
Image Credit

New Exchange Security Ranking Released, Hackers Target

In a new ranking of cryptocurrency exchanges by the level of security they provide, the US-based crypto exchange Kraken comes out as number 1, judging from criteria like reliability of key storage, technical security, as well as how it handles user’s personal data. The ranking comes out just as news broke that hackers may have been able to hijack bitcoin transactions made on cryptocurrency exchange

The assessment tool that ranks exchanges by the security they offer was developed by cyber security firm Group-IB as a way to determine the appropriate insurance premiums for users who wish to insure their holdings on exchanges through a service known as CryptoIns.

As a result of Kraken’s high score, users of that platform received the lowest insurance premiums when they insure their crypto holdings. Following Kraken came the major crypto exchanges Bittrex and Coinbase Pro with the second lowest insurance premiums.
Chinese crypto exchanges OKEx and Huobi Pro, as well as Japanese exchange Coincheck, a victim to a major hack in January, were deemed to be among the riskiest exchanges to use, the ranking revealed.

In addition to technical aspects, the ranking looked at how the exchanges handled know-your-customer (KYC) and anti-money laundering (AML) procedures.
“This assessment focuses on open source data — white papers, information about founders, security policies. In some cases, with founders’ consent, the assessment includes penetration testing using social engineering methods aimed at the network compromise through the most vulnerable link at any organization— humans,” Group-IB wrote in an update on its website.

In a previous ranking of exchanges by rating agency ICORating, Kraken again stood out as one of the most secure exchanges, coming in at second place. On the first place was Coinbase Pro, while BitMex secured the number three spot. Other notable exchanges on the list were Binance on 17th place, HitBTC on 18th place, and Bitfinex on 54th place.

The new security ranking comes out just as news broke that hackers have successfully breached the website and inserted malicious code in its site-tracking script.
According to Matthieu Faou, the malware researcher who first noticed the breach, hackers may have been able to hijack bitcoin transactions made on cryptocurrency exchange, as reported by ZDNet on Tuesday. is a service similar to Google Analytics, and companies loads the now-breached site-tracking script to view their website analytics.
“We contacted [StatCounter], but they haven’t replied yet,” Faou told ZDNet.
However, it appears that removed the StatCounter script from its website once it became aware of the breach, although no statement has been issued by the exchange.
“ doesn’t use StatCounter anymore, thus customers should be safe now,” Faou confirmed. It remains unclear how many, if any, bitcoin was actually stolen before the breach was discovered.

Author: Fredrik Vold
Image Credit