If there was only one lesson to learn from the downfall of crypto exchange FTX, it would be to never keep more crypto on exchange wallets than necessary. For the sake of buying and trading, one can hardly navigate around a CEX, but crypto savings should never be stored in exchange wallets.
Although one can easily get another impression due to easy log-in and handling those big exchanges offer, the funds kept in an exchange wallet are not truly yours as the exchange has custody over the coins. They can make a business decision to block your account, freeze your funds or deny transactions and there is nothing you can do about it.
Among crypto enthusiasts, there is a famous moniker that goes by “Not your keys, not your coin,” but it sounds almost too peaceful as we witness the dire events around Alameda Research, FTX and Binance unfold.
What has happened?
In the 45th calendar week of the year 2022, a news article and a set of tweets set events in motion that can only be described as earthquakes that are shaking the entire crypto world. Let’s go through a quick chronology to get a better grasp of the situation’s gravity:
- Nov 2nd: CoinDesk reveals weaknesses in the balance sheets of Alameda Research, a sister company of crypto exchange FTX. Apparently, a major share of Alameda’s funds consists of FTX’s native token FTT, which is used within the crypto exchange to reduce trading fees or increase referral earnings.
- Nov 6th: Binance CEO Changpeng Zhao publicly states to liquidate Binance’s FTT holdings, accounting for around 23m coins, worth around 580m USD.
- Nov 8th: Investors, supposedly a lot of them private investors, are starting to pull funds from FTX as they sense issues in FTX’s financial health. In total, customers withdrew about 6bn USD worth of assets in assets in 72 hours alone, among them more than 20.000 BTC, leaving FTX with a balance sheet of less than one BTC.
- Nov 8th: In a leaked note from the FTX CEO to its employees, he states that withdrawals are “effectively paused” at their flagship exchange FTX.com which means nothing less than the remaining funds are frozen. In a Telegram support group of FTX, a support employee admitted that non-fiat withdrawals are halted.
- Nov 8th: Binance publishes a non-binding Letter of Interest to buy FTX, under the condition of doing proper Due Diligence first.
- Nov 9th: Binance backs away from the offer to buy FTX after being around 24 hours into their Due Diligence.
The itchy detail: In the due diligence regarding the supposed acquisition of FTX by Binance, news came to light that FTX allegedly used customer deposits to improve the balance sheet of Alemeda Research and to cover up a series of trading losses on the side of Alameda, among them a 500mn USD loan agreement with now bankrupt crypto lender Voyager Digital. So, FTC has allegedly used their customer’s funds for their sister company’s trading business. Although it is not proven (yet,) it is a proper explanation of why they had to pause withdrawals of customers’ funds.
FTT, the TFX token, is down about 90% on Nov 10th vs. Nov 5th. It’s not impossible FTX won’t be able to recover from this. Moreover, it took the crypto realm with it, with BTC and ETH each losing double-digits and a lot of private investors losing sizeable shares of their private funds, if not all of them.
Why are exchanges so unsafe to store your crypto on?
Now that we discovered that not even the big guns in the exchange business are trustworthy guardians for your crypto assets, we first should look at the difference between a custodial and a non-custodial wallet.
What does that mean: when dealing with crypto wallets, you always have one (or more) sets of keys, a private key, and a public key. Whereas the public key represents the public address of your wallet or the equivalent to your email address in your PayPal, the private key is used to sign transactions and thus, roughly equals your PayPal password or your pin in traditional banking.
In custodial wallets that exchanges like FTX, Coinbase, Binance, or Kraken are running, the exchange is holding your private key in their custody and using it to approve transactions in your name. What makes this service convenient, as you have nothing more to remember than a log-in for the exchange (and by that, not any more complicated than with every other online service), is the equivalent of granting your bank all of your passwords and pins and empowering them to send transactions on your behalf as long as you click a button. This makes it inherently dangerous, as the exchange can at any moment decide to not sign any more transactions with your private key and there is nothing you can do about it.
As this is arguably the worst case and would quickly put an exchange that performs in such a way out of business, there are much more shades of grey here: Custodial wallets can block certain transactions or specified groups of users. Remember the Canadian trucker protests in February of 2022? The Canadian Government effectively sanctioned 34 crypto wallet addresses under their Emergencies Act. Still, wallet addresses in themselves may be anonymous, but crypto exchange accounts are not (at least to government authorities), and so wallets can be tied to real persons who are on the government sanctions list. Kraken CEO Jesse Powell has confirmed they would have to comply in such a situation and is cited with the following statement: “If you’re worried about it, don’t keep your funds with any centralized/regulated custodian. We cannot protect you.”
Where to store your crypto instead?
Short answer: In a non-custodial wallet.
They provide a critical advantage to custodial wallets, as here the only custodian of your private key is you and no one else. When opening a non-custodial wallet, you are provided with a seed phrase of 12, 18 or 24 words which is used to decrypt your private key. Only with the seed phrase you can access the wallet from a different device. Popular non-custodial wallets include software solutions like Electrum Wallet for Bitcoin, Metamask for Ethereum-based tokens, or Bitpay for crypto-agnostic solutions.
The most secure version would be using a non-custodial hardware wallet, as here the private key lies encrypted on a piece of hardware that you own. You’re only able to sign transactions when the hardware device is connected to your computer, which makes it one of the most secure ways to store your crypto. Famous representatives are Ledger and Trezor.
As the disturbing events around the downfall of FTX and the freezing of customer accounts are unraveling, one always has to be crystal clear about the following facts when keeping funds in an exchange wallet:
- You don’t have reliable access to your funds in a time of need as the exchange can always decide to halt withdrawals.
- You can’t effectively stop them from gambling with your funds or complying with government sanctions which would leed to your funds being frozen.
In short, you don’t own the crypto you store in an exchange wallet. Period.