Changpeng Zhao, the co-founder and CEO of cryptocurrency exchange Binance, suggested that for most, keeping crypto assets on an exchange is safer than keeping the keys themselves.
Zhao gave his comments in a tweet on Jan. 19 after famous crypto skeptic and gold bug Peter Schiff complained that he lost access to his Bitcoin (BTC). Invoking the phrase “SAFU” — a slanger term in the crypto community for “safe,” Zhao said:
“Many hardcore crypto [organizations] advocate storing your own keys. But the truth is, today most people are not able to secure a key even from themselves (losing it). A trusted centralized exchange is #SAFUer for most people. The numbers speak for themselves. Need to work on wallets.”
Zhao explained that he believes a centralized exchange to be safer option for most people. One Twitter user noted that the suggestion is particularly bad coming from Binance’s CEO, given that the platform has previously been hacked.
In early May 2019, Binance experienced a major security breach resulting in the theft of 7,000 BTC, equivalent to over $40.7 million at the time.
The burden of keeping keys safe
Ethereum co-founder Vitalik Buterin disagreed with the idea — popular among cryptocurrency proponents — that users should be responsible for safekeeping their keys and the system’s designer has no responsibility to avoid loss of funds caused by key mismanagement. He said:
“Disappointed at people replying to this with ‘crypto is what it is, it's your job to be super-careful and write down backup seeds in three places.’ We can and should create better wallet tech to make security easier.”
Buterin mentioned the idea of “social recovery,” a system that would allow multiple people you trust to use their keys in combination to enable the recovery of funds.
However, one commentator noted that social recovery systems have serious drawbacks, given that it makes multiple people targets to possible attacks. Additionally, social recovery requires a certain degree of trust for the people involved in the process.
Cryptocurrency’s complicated relationship with hacking
The prevalent immutability of the ledgers that manage most crypto assets is a big draw for many hackers, more so than traditional bank accounts. A bank transfer can be reversed while a cryptocurrency transaction in most cases cannot be, and thus the cybercriminal gets to keep their ill-gotten proceeds.
Bad actors trying to steal crypto assets are increasing their efforts. As Cointelegraph recently reported, the crypto-stealing viruses employed by the Lazarus hacker group, which is allegedly sponsored by the North Korean government, were recently updated, demonstrating ongoing and adapting efforts.
In reaction to the growing popularity of SIM swapping — a technique that allows the attacker to redirect the mobile traffic of the victim to a device under his control — United States lawmakers have appealed to the Federal Communications Commission to hold telecoms providers accountable for the consequences of successful attacks.