In light of the increasing number of hacks/scams in centralized exchanges, decentralized exchanges (dex) are a viable alternative. Below is a brief summary of the many vulnerabilities associated with centralized exchanges. For a basic understanding of decentralized exchanges, please read this article.

During the 2017 crypto-boom, the number of users on large centralized exchanges like Binance, Bittrex, and CEX.io skyrocketed. Consequently, many of these exchanges quickly halted new user registrations. The reason given was that they needed additional resources and planning to improve their back-end systems. Listed below are the many problems that exist with centralized exchanges.

No Cold Wallets

In October, of 2018, a Canadian cryptocurrency exchange named Maple Change lost nearly $5 Million in customer funds due to a hack. The company representatives announced the following through their Twitter:

They subsequently responded: “We have no more funds to pay anyone back. The exchange must shut down, unfortunately. This includes all of our social media.

In response to this statement, Changpeng Zhao (CZ), CEO of Binance, stated:

“Avoid using exchanges that don’t have anything in their cold wallets. More people get phished or have their PC hacked by a virus than centralized exchanges. We spend way more for security than a normal user. Which is more security will depend on the users, but the choice is up to you.”

Coin Mismanagement

iFinex Inc., the operator of Bitfinex and Tether Limited, is allegedly involved in dubious transactions that violate the state laws of New York, USA. In particular, Attorney General Letitia James recently stated that:

“Our investigation has determined that the operators of the ‘Bitfinex’ trading platform, who also control the ‘tether’ virtual currency, have engaged in a cover-up to hide the apparent loss of $850 million of co-mingled client and corporate funds. New York state has led the way in requiring virtual currency businesses to operate according to the law. And we will continue to stand-up for investors and seek justice on their behalf when misled or cheated by any of these companies.”

In response to this, Bitifinex released a press note which read:

“Earlier today, the New York Attorney General’s office released an order it obtained – without notice or a hearing – in an attempt to compel Bitfinex and Tether to provide certain documents and seeking certain injunctive relief.

The New York Attorney General’s court filings were written in bad faith and are riddled with false assertions, including as to a purported $850 million “loss” at Crypto Capital. On the contrary, we have been informed that these Crypto Capital amounts are not lost but have been, in fact, seized and safeguarded. We are and have been actively working to exercise our rights and remedies and get those funds released. Sadly, the New York Attorney General’s office seems to be intent on undermining those efforts to the detriment of our customers.

Bitfinex and Tether have been fully cooperative with the New York Attorney General’s office, as both companies are with all regulators. The New York Attorney General’s office should focus its efforts on trying to aid and support our recovery efforts.

Both Bitfinex and Tether are financially strong – full stop. And both Bitfinex and Tether are committed to fighting this gross overreach by the New York Attorney General’s office against companies that are good corporate citizens and strong supporters of law enforcement. Bitfinex and Tether will vigorously challenge this, and any and all other actions, by the New York Attorney General’s office.”

Insider Hacks

On January 15, 2019, Cryptopia created a tweet stating that they would be conducting unscheduled maintenance. As it turned out, this service disruption resulted from hackers being able to access customer funds, leaving the exchange with significant losses.

Although New Zealand Police quickly began investigating the hack, the hackers were able to access 76000 wallets and drain additional funds from the exchange. Elementus, a blockchain company based in New York, USA, estimates that roughly $16 Million USD was stolen in total.

What’s more interesting, or rather unfortunate is the fact that Cryptopia enabled deposits and withdrawals on April 15, 2019. Within a month, on May 15, 2019, David Ruscoe and Russell Moore from Grant Thorton New Zealand were appointed as liquidator of Cryptopia Limited.

David Ruscoe stated:

We realize Cryptopia’s customers will want to have this matter resolved as soon as possible. We will conduct a thorough investigation, working with several different stakeholders, including management and shareholders, to find the solution that is in the best interests of customers and stakeholders,”

It should be noted that it is still not clear as to how the Crytopia hack occurred. The fact that the hacker was able to get his/her hands over thousands of wallet-keys is very disturbing. It’s been widely speculated on reddit and twitter that Cryptopia might have saved their wallet-keys on a server that was accessed by the hacker.

No Safe Haven

Binance, one the largest cryptocurrency exchange in the world, suffered a security breach as well. Despite extensive safeguards, hackers were able to withdraw 7000 BTC from Binance. They used a multitude of techniques at once to achieve this goal.

In response, Binance released this statement:

“The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed. Once executed, the withdrawal triggered various alarms in our system. We stopped all withdrawals immediately after that.”

Why DEX?

The most significant disadvantage to using centralized exchanges is the lack of control users have over their tokens. In contrast, a decentralized exchange mitigates all the issues stated above.

Our Waves DEX

XTRABYTES and XFUEL tokens are currently available on our WAVES’ DEX. Being a custom-patched client/platform, our WAVES DEX contains gateways for moving these tokens in and out of coverage wallets. Additional information on how to use WAVES’ DEX (and purchase XFUEL and XTRABYTES tokens) can be found here and accessed here.

X-Change

In the near future, XTRABYTES will release a DEX called exchange X-CHANGE. As described in their concept paper, X-CHANGE will be “built directly into the wallet, thus allowing users to have a trusted, decentralized, and totally secure p2p exchange at their fingertips.”

Furthermore, X-CHANGE will be employing XTRABYTES’ revolutionary Proof-of-Signature consensus algorithm. As a result, it will likely be the fastest and most secure DEX on the market.

