mhps: mhps: After all the exchange troubles I believe it’s a matter of time (on the order of a few month to a year) that any exchange is hacked. To mitigate the risk one should minimize time leaving funds on exchanges, and if one has to leave some fund on exchanges, spread to several exchanges.

So true. Like any bank in this world have been robbed more than once, any exchange will likely have been hacked or will be hacked. When it is a large robbery and the bank is insolvent you would expect that this is communicated to the customers. Most of the times this would be obvious anyway. When the bank has large reserves and/or theft is relatively small they would be able to reimburse their customers immediately, takes the loss and continue to do business. In that case there is no immediate need to inform the customers or future customers, but could still be a good courtesy and could even work as an advantage showing that things are under control (as rumors are always floating around).

We should have our exchanges in the same position as banks, they are not that different and the weakest link in the crypto-currency chain as long as we need exchanges to fiat. Security is a trade-off between ease of doing business (work process, cold wallets, etc.) and level of accepted risk. The level of accepted risk should be as high as the exchange reserves. When something occurs the exchange would still be solvent and can continue to do business assuming they could fix the root cause of the theft preventing it would happen again.

It is very unfortunate that CCEDK has been hacked, it is even more unfortunate that they tried to keep it quiet while they knew they won’t be able to return customer funds when requested. Knowingly allowing people to put their funds at risk (there were a few new custodian ready to enter a CCEDK market) didn’t leave JL much time to discuss solutions with Ronny.

From a distance and in hindsight it is always easy to say that things could have been done better. Don’t forget that keeping silence longer could also have worked out far worse (not knowing how bad situation is at CCEDK) and taking others into it which were blissfully unaware.

I hope that we can all benefit from the lessons learned here and will act a little bit wiser in the future. As @mhps already said it is also very clear that spreading the risk across exchanges, but also across tiers as JL advocates is more important than ever going forward. Hope the exchanges will also find a better balance between their exposed risks and reserves.