DAO-saster

Bitcoin has been front page in the crypto-world and mainstream news alike. Because of this, some may not be abreast of what has been happening with our old friend, The DAO.

A quick recap: The Holy Trinity, DAO Epic Fail, DAO’s Audacity & Vitalik the Hedge Fund Manager.

Recently, a group both known as the White Hat Group (WHG), and The Robin Hood Group (apparently NOT the Ethereum Foundation), have been counter-attacking the DAO to ‘recover’ the remaining ETC against the black hat. They have since been successful with over 7m ETC recovered. Now, they have been receiving legal threats from DAO investors to have those funds distributed. The WHG took it upon themselves to send some of the funds to Kraken and Poloniex in a valiant effort to exchange the ETC for ETH, only to have their accounts frozen. Why not simply return the ETC to the original token holders?

In an attempt to clear the air, Bity SA (the original legal team advising Slock.it) announced collaborationwith the group, stating several arbitrary reasons why they are selling ETC for ETH (e.g. claims of 51% attacks on ETC). All of these have been shot down quite well.

After what appeared to be an initial pathetic conversion of ETC to ETH & BTC (Jack Sparrow’s Blog shows they sold for 20% below market value), Bity announces a change in strategy: just send the original ETC back to DAO token holders. What a vain effort.

What have we learnt? That the ETH foundation and all groups associated, loosely or otherwise, do not appear to have the wisdom of foresight. We understand this is relatively new technology, but how about reaching out to the community first and spend some rigor in the execution? The DAO could have been the start of something exciting, but instead it has turned into a massive fail sending the community back months if not years of confidence and trust.

BFX Valuation: Corporate Buy-Back

Corporations routinely issue equity and debt in the primary market; if subsequently the equity or debt trades low enough on the secondary market, corporates will buy-back these securities.

If Bitfinex is ever able to repay BFX holders par or a fraction of par, it would be a PR win. Yet, said win would be very expensive. Bitfinex will need $64.8 million of retained earnings to pay back holders in full. That could take years or even over a decade depending on your assumptions of Bitfinex’s future earnings.

Humans have short financial memories. Eight years after the worst financial crisis since the Great Depression, subprime mortgages and auto loans are back with a vengeance. Yield-starved investors can’t get enough. If Bitfinex wants to receive the greatest return from paying back token holders, they need to pay them back sooner rather than later.

The fastest and cheapest way to retire the BFX token liability is to purchase the tokens on the open market at a fraction of face value.

Total BFX Tokens Issued 72 million
Bitfinex BFX Reserves 7.2 million
Net BFX Tokens Outstanding 64.8 million

The following table lists the cost of buying back BFX tokens.

BFX/USD Price USD Buyback Cost (million) USD Savings (million)
$0.20 $12.96 $51.84
$0.30 $19.44 $45.36
$0.40 $25.92 $38.88
$0.50 $32.40 $32.40

This illustrates how financially attractive it is to buy back the debt at a discount to par.

Any competent CFO would advocate attempting to retire the debt at a discount. Bitfinex CSO, Phil Potter, stated that Bitfinex would not be participating in the secondary market. Yet, they would be unwise not to.

Some traders believe it ethically wrong for Bitfinex to buy its own debt. Companies buy back their debt all the time. However, in the public markets, companies must produce audited financial results. Debt holders and the management then share similar information. Each party can make informed trading decision. As it stands only Bitfinex management can make an informed decision about the future likelihood of repayment. This information asymmetry is the source of contention.

Does Bitfinex have the cash on hand to pay for its BFX purchases? We don’t know. Bitfinex provided no details about their financial position. We know that they disadvantaged creditors to reserve cash for operations. They may have more cash on hand than $7.2 million. Furthermore Bitfinex earns revenue each day – perversely, even on BFX Token trading. A portion of that could be used to continuously purchase tokens.

Under these assumptions, BFX Tokens resemble a binary option: either they will be worth 0 or par in the future. As an individual investor, does it make sense to get involved? The below table shows the risk / return ratio for going long BFX Future Contract. I assume that BFX is either worth par or 0 by the expiry date.

BFX/USD Price Max Loss Max Gain Max Gain / Max Loss
$0.20 $0.20 $0.80 4x
$0.30 $0.30 $0.70 2.33x
$0.40 $0.40 $0.60 1.5x
$0.50 $0.50 $0.50 1x

The risk / return is generally asymmetric. This is an attractive trade. Using leveraged BitMEX BFX futures contracts where your loss is limited by the initial margin, this trade becomes even more attractive as your downside is capped.

BFX Valuation: Conversion To Bitfinex Equity


There’s another potential way to value this Token: iFinex equity. Bitfinex has intimated many times that these Tokens may eventually be redeemable for shares in Bitfinex’s parent company.

Many traders are hoping and praying Bitfinex converts BFX tokens into equity in one or more Bitfinex entities. To them, BFX tokens represent a cheap way to gain exposure to a large Bitcoin exchange.

Unfortunately, this is pure fantasy. Follow the incentives: why would Bitfinex management dilute themselves unnecessarily? BFX tokens have no legal standing. They have no legal obligation to conduct an equity conversion.

Even if Bitfinex equity given was non-voting, why would management want to deal with thousands of small vocal investors? These new minority shareholders could prove to be a big obstacle in obtaining institutional financing. They also could bring legal challenges to decisions made by management. Many jurisdictions are getting serious about the rights of minority shareholders.

I don’t consider it in Bitfinex’s interest to further complicate their capital structure. A BFX to Bitfinex equity conversion is pure Afghan hopium.

BFX Valuation: Venture Capital Financing

How about financing, then? Bitfinex could get out of the woods with a large-enough raise. Bitfinex stated that they are shopping themselves to potential investors. If they received outside investment, a portion of funds raised could go towards repaying BFX holders.

Any serious potential investor in Bitfinex will have more data about the true financial position of Bitfinex than we do. They will be able to make a more informed decision as to the viability and future profitability of the business.

BFX tokens carry no legal standing. However if Bitfinex receives a large round of investment and refuses to compensate BFX token holders, customers will cry bloody murder.

To further complicate matters, consider these excerpts from the BFX Token terms:

  • The token has been issued to you without reduction of or other release or waiver of any claims you may have against the Bitfinex Group.

Yet, in the transference terms:

  • By transferring a token to another person, all transferors thereby assign to the respective transferees any claims that the transferor has against the Bitfinex Group on account of the Losses.

Do users who have sold their BFX tokens still have a claim? If a court decides that they do, the total loss could grow to well over the original $72 million.

Regardless of the industry, investors fund growth, not debt quagmires. Unattractively, a large portion of money invested in Bitfinex will go straight towards debt repayment.

Further complicating matters is the uncertainty of the legality of Bitfinex’s actions. According to Phil Potter, Bitfinex is provisioning for future lawsuits. Phil has been in the game a long time, and knows how expensive a legal battle with one or more alphabet letter government agencies can be.

With an equity investment, potential investors could be signing themselves up for an expensive and protracted legal battle. Unless Bitfinex management is willing to accept significant dilution, I doubt white knights wielding shining term sheets will appear to rescue BFX holders.

BFX Valuation: Discounted Cash Flows

Here’s one attempt at a valuation: let’s look at Discounted Cash Flows, or DCF.

BFX does not pay a dividend, nor does it have a maturity date. Bitfinex did not opine as to what percentage of revenue or profit would be earmarked towards paying BFX token holders.

A DCF analysis consists of estimating future cash flows, then discounting them to the present. Dividing 0 by infinity doesn’t work.

The DCF analysis yields a value of $0. Using these assumptions, shorting BFX tokens is attractive.

BitMEX listed the only Bitcoin denominated derivative on the BFX/USD exchange rate. The contract pays 0.1 XBT at the Token’s potential maximum value of $1.

Because the BFX Future Contract is a derivative, traders do not need to borrow BFX to go short. Traders need only sell BFX Futures Contracts to obtain a short BFX/USD exposure.

If you believe it is not possible or in Bitfinex’s interest to pay out BFX Tokens, shorting here is very attractive.

A Spoonful Of Sugar

A spoonful of sugar helps the medicine go down.

Last week, Bitfinex depositors received a toxic medical cocktail in the form of a 36% haircut. To make the situation more palatable, Bitfinex dispensed sugar – in the form of a “BFX Token”. Each Token is essentially an infinite-term $1 IOU.

In the Terms and Conditions of the BFX Token, Bitfinex explicitly stated that it has no legal obligation to redeem the token at par, pay dividends, or convert into Bitfinex equity. Bitfinex also did not provide any financial statements, or provide any further clarity on how the 36% haircut was calculated.

The only information we do have came from a TeamSpeak interview that Chief Strategy Officer Phil Potter provided. He said that Bitfinex “reserved” (an interesting word choice; what’s a few million USD between friends) 10% of the allotment of BFX tokens to cover potential lawsuits and other operational expenses.

Approximately 72 million BFX tokens were issued. According to Phil, Bitfinex kept $7.2 million under its control. Was this $7.2 million of customer funds, or was this $7.2 million of Bitfinex retained earnings that was not subject to the tax? We don’t know for sure. Zane Tackett, Bitfinex’s social media manager, claims it is simply retained free cash. But why should Bitfinex keep the profits and their customers take the loss?

Senior management at Bitfinex confirmed that not everyone received a haircut, or the haircut was deeper than it would have otherwise been because they “reserved” customer or company cash so they could continue operations.

Many have compared this favorably to a bankruptcy proceeding. Yes, in a bankruptcy proceeding, courts allow companies to use cash on hand to continue operations. Crucially, before such an allowance is made, the court has full knowledge of the financial position of the company via audited financial statements.

Bitfinex has not released any information about their financial health, audited or otherwise. Failing to provide this information to its creditors further fuels speculation of nefarious activities occurring at Bitfinex. Given the global spotlight on them and the broader Bitcoin industry, silence is not doing them or the community any favours.

Bitfinex crammed BFX tokens down the throats of its creditors, and allowed the shiny new bauble to trade. This is a classic PR move; block, deflect, and distract.

The BFX market opened at 10% (I will quote all prices as a % of par, par value is $1), and now stands at 40%. Regardless of what you believe to be the intrinsic value of the token, there are those willing to buy and sell BFX on the open market. How should a trader value BFX tokens, and what are some possible trades?

Announcing The Launch of BFX 2.5x Leveraged Futures

BFX is a notional credit of Bitfinex after the “security breach”, with each token’s face value as 1 USD.

In BitMEX we believe in a free market empowers people and improves price discovery. As a result, BitMEX is pleased to announce the launch of BFXQ16. BFXQ16 allows users who may not hold BFX Tokens or have an account with Bitfinex to trade and speculate on the recovery value of BFX Tokens, while exposing themselves to less counterparty risk by using leverage.

BFXQ16 Contract Details:

  • Payoff: 0.1 XBT per 1 USD
  • The underlying is the Bitfinex BFX/USD exchange rate
  • Margin, profit, and loss are all in Bitcoin
  • Leverage of 2.5x
  • Expires 26 Aug 12:00 UTC, settles on 30 minute TWAP of BFX/USD
  • More details

Traders can go long or short BFXUSD using only Bitcoin. No BFX, USD or Bitfinex account is required.

To begin trading, deposit Bitcoin to your BitMEX account. Then you can place buy or sell orders on BFXUSD.

Bitcoin Price Action Last Week


Last week, before announcement of the hack we spoke of a structural support of $450 if Bitcoin pushed below levels of $580. This indeed seems to have happened with Bitstamp bouncing sharply off $465, around the long-term resistance level we saw for almost 6 months from December last year (see blue line above).

We are now trading in the $580-$610 support / resistance levels that were mentioned last week (red line above). The move downwards was a direct response to the announcement of a 120k Bitcoin hack at Bitfinex. As more details have come to light, price has rallied back, almost brushing off the theft and is now trading at its 12H 200-period moving average.

This bounce shows strong confidence that the cryptocurrency will survive, despite several news outlets questioning the future of the technology after this unfortunate incident. Indeed, Bitcoin will survive. The magnitude of the loss was only a fraction of the Mt.Gox hack. Unfortunately this incident will tarnish the public’s perception of the technology, and could slow down the flow of fresh funds into the industry. This could delay any near-term mooning.

Looking in the short-medium term price outlook, MACD and RSI are trading lowish and indicate that if we can push past the $610 resistance level then we could move forward back towards the $680 range once more.

What will be interesting is what happens to price when Bitfinex reopens for trading. Already there is struggle across exchanges for a price leader, with large deviations in price across exchanges and currency pairs. It’s assumed that there will be a premium on XBT/USD when Bitfinex reopens due to the bankrun-exit of funds, but will that price-push translate to other exchanges? I hesitate to think so as it is an isolated event to Bitfinex, however as traders move Bitcoin off that exchange to send to other exchanges, we may see a small down blip due to conversion of Bitcoin back to USD before we move up again.

Look for a short-term short scalp with entry between $590 – $600 upon Bitfinex reopen, add tight stops above the resistance of $610.

Using Derivatives To Reduce Counterparty Risk

Why did Bitfinex hold over 200,000 XBT prior to being hacked? For people who want to buy and hold Bitcoin, they should never leave their funds on an exchange.

Ideally, the duration of counterparty risk exposure for simple buy and hold trades should be a few hours. Once a fiat deposit has been credited, buying Bitcoin or another digital asset takes minutes. After you receive Bitcoin, you should withdraw it.

Bitfinex and other spot exchanges hold so much Bitcoin because most of their users are casual or heavy speculators.

If you want to speculate in Bitcoin or other digital assets without exposing 100% of your capital to counterparty risk, using derivatives is prudent. Derivatives do not require physical settlement of any asset, rather they are bilateral contracts enforced by the exchange.

Because there is no physical settlement like margin trading, the leverage offered can be much higher. BitMEX offers leverage of up to 100x.

Assume you have 100 XBT of capital. You wish to speculate on the future price of Bitcoin. The BitMEX Bitcoin / USD swap product, XBTUSD, features 50x leverage. This means that with only 2 XBT deposited on BitMEX you can trade the full amount of your 100 XBT capital. If you’re willing to trade with such leverage, 98 XBT can be held safely in cold storage. More realistically, given price swings, we would recommend holding at least 10% (10 XBT) equity. Contrast that with Bitfinex where 33 XBT would be required to trade a 100 XBT position.

BitMEX allows you to keep the majority of your personal Bitcoin in cold storage, but still trade large positions. And, of course, the Bitcoins on BitMEX are also kept in cold storage.

Pricing Bitfinex Default Risk

Bitfinex’s secret sauce was their P2P margin lending platform. Users could borrow and lend USD, XBT, LTC, ETH and recently ETC. The ability to support leveraged trading with a liquid borrow market is what vaulted Bitfinex to the top spot.

The USD lending book was the largest. Approximately $38 million was lent out with an additional $4 million of unused cash. The interest rates were very high when compared to USD sitting in a bank account earning 0% interest.

Many users deposited USD at Bitfinex and lent it out to earn 30% to 40% per annum (pa) returns. This was not a risk free trade. USD lenders now acutely understand the meaning of counterparty risk.

With bank deposit rates at 0%, the 30% pa return could be seen to represent the default risk of Bitfinex plus the rate of unsecured USD funding.

It is scary how closely the average pa funding rate was to the final 36% haircut number.

If Bitfinex is to resurrect itself, it will need a healthy and liquid USD loan book. Given the haircut lenders just received, what is the minimum interest rate they should accept going forward?

We can calculate Bitfinex’s new default risk this with some confidence.

If their self-reported numbers are to be believed, Bitfinex now has 125,424 XBT ($75.75 million) and $52.83 million of all other assets. That brings their total deposit base to $128.58 million. Bitfinex’s cold storage amounts to 58.91% of all assets. That is the capital at risk of being hacked, and will now serve as the proxy for the default severity if Bitfinex was hacked once more.

Without a plan to secure the existing funds in daily use, the probability of another hack is high. Going forward, USD lenders should not accept less than 58.91% interest pa, or 0.16% per day.

Another measure of Bitfinex default risk is the premium at which digital currencies trade vs. competing exchanges. Given that Bitcoin is their marquee product, traders should watch the Bitfinex Bitcoin premium closely.

Bitcoin will trade at a premium on Bitfinex, because traders are afraid that their USD withdrawals will not get processed, or by the time they do (it takes 5 to 7 days to withdraw USD) the exchange has experienced another credit event, or their Taiwanese bank has received a court injunction to freeze all assets.

If Bitcoin withdrawals are functioning properly, traders can withdraw their money immediately. The time preference will result in a premium.

In the lead up to the collapse of MtGox, Bitcoin traded at a 10% to 20% premium. Traders who believe USD withdrawals will function correctly (and those who have a special relationship with Bitfinex) will buy Bitcoin cheap on a competing exchange. They can then sell it for more on Bitfinex, then wire the USD out of Bitfinex. Wash, rinse, repeat.

The premium represents the five to seven day default risk of Bitfinex. For USD lenders to arrive at a minimum lending rate, they should divide the Bitfinex Bitcoin premium by 5 to 7 to arrive at a minimum daily rate.

You’ve Been ButtFinessed

This post appeared in the August 8, 2016 issue of the Crypto Trader Digest. The full Digest goes into more detail about BitMEX security practices & quantifying Bitfinex counterparty risk. Please see the full digest for more.

It was the hack heard ’round the world and the second largest in Bitcoin history.  On August 2nd, 119,756 Bitcoin was stolen from Bitfinex.

How did this happen? Negligence. This event laid bare Bitfinex’s many operational and technological deficiencies.

Didn’t Bitfinex Have Cold Multi-Signature Wallets?

Believe it or not: no! If you asked them last week, they would give you a carefully-worded statement: they “store users’ bitcoin in individual, multi-sig protected segregated wallets.”

Notice the missing word. These are hot wallets!

Some history:

In the spring of 2015, approximately 1,500 Bitcoin were stolen from Bitfinex’s hot wallet. As a result they implemented a multi-signature wallet solution: BitGo(ne With The Wind). Each user had their own segregated and supposedly secure wallet.

Bitfinex held two keys, one hot, one cold backup. BitGo held another as a way to enforce spending limits. 2 of 3 keys were needed to sign any transaction. Bitfinex management was very confident this would eliminate the possibility of a large scale theft of customer’s Bitcoin.

However in the aftermath of the incident, it has become clear that rather than making the exchange more secure, the Bitfinex and BitGo partnership turned Bitfinex into one giant hot wallet.

BitGo blindly signed any transaction emitting from Bitfinex. That’s right: rather than making a secure, audited wallet with spending limits and failsafes, Bitfinex paid BitGo a bunch of money to make its exchange the most insecure Bitcoin operation on the planet. The only innovation was using two hot keys instead of one.

As any educated Bitcoin user could tell you: if the keys are hot, they are at risk. Simply adding another hot key doesn’t help.

Now suddenly concerned about proper security, Bitfinex has moved their remaining Bitcoin to their cold wallet.

How Were They Hacked?

To this day, Bitfinex still hasn’t released an explanation as to how they were hacked. If Bitfinex intends to attract new deposits, it is vital to know how Bitfinex plans to remove this attack vector.

Instead, it appears Bitfinex has no idea how they were compromised. In fact, they are simply engaging in security theatre. Their relaunch announcement announces a full reset of all passwords, 2FA, and API Keys. This makes sense if Bitfinex’s database was compromised, but that’s not the same as stolen private keys.

Was their whole network compromised, or just a single server? Do they not even segregate signing machines and their main database? Have they fixed the issue? How do they know for sure that their servers are secure? Did they rebuild them from scratch? Has anybody audited this? Without disclosure, we can only speculate.

The community needs to know how they were hacked and how they will prevent it in the future if they want to have any chance of regaining confidence.

36% Haircut

Bitfinex did not have enough retained earnings or new invested capital to plug the 120,000 Bitcoin hole. Instead they chose to socialise losses across all depositors. The tax is 36.067%.

That’s an awfully specific number. Anecdotally, it doesn’t appear to even have been properly applied, with some users claiming larger haircuts, and USA users taking the fast 0% route out via Synapse Pay.

So how was it calculated?

Well, it appears that Bitfinex isn’t helping out. Zane Tackett, Bitfinex’s community manager and spokesperson, insinuated that Bitfinex itself will not contribute one Satoshi or USD to helping to reduce the tax.

Click here for a recording of the interview with Zane on TeamSpeak.

Bitfinex now refutes this, but refuses to provide details. Without a third-party audit, any of these words are meaningless.

How much could they reasonably contribute? Bitfinex was one of the most profitable Bitcoin companies. They charge between 0.10% to 0.20% per transaction on the platform for both buyer and seller, a total of 0.30% in the best case.

In the last 6 months, 4.28 million Bitcoin were traded on Bitfinex (Bitcoinity). Assuming they net 0.20% per transaction (since they offer affiliate programs and some market makers trade for free) then we can estimate a top-line revenue of 8,560 XBT per 6mo. At an average of roughly $400 per Bitcoin for the year, that’s $6.82 million.

That of course doesn’t count significant ETH, ETC, and LTC revenues, margin funding, or larger historical revenues.

Bitfinex has about 25 employees. Bitfinex wants the community to believe that they earn no profit, or that their average employees make nearly $300,000/yr. That’s better average employee compensation than Goldman Sachs.

Edit: The above section has been amended given new information. BFX appears to have nearly 25 employees. The previous calculations were very rough and did not include overhead, which would reduce salary amounts, but also did not include altcoin or margin funding revenue, which would increase them. Our point – that salaries & overhead are very high or money is being intentionally withheld – still stands.

Wait, 36%? The Math Doesn’t Add Up

35emx395afKAKAr72VoePVbu3FJvxLPVny

39coweGgC8CPZ6hYL1BBEfc1zqbSfHsprW

The two Bitcoin addresses above are believed to be Bitfinex’s cold storage. They now have at least 125,424 XBT under their control. Pre-hack they had a total of 245,180 XBT. They lost 119,756 XBT; that amounts to a 48.84% loss.

The claimed haircut was 36.067% on all assets, which would mean that they had 332,038 XBT (119,756 XBT / 0.36067) total assets, worth $200.92 million at $604 XBT/USD. Total assets are all XBT, USD, LTC, ETH, and ETC customer deposits.

Let’s subtract the current cold storage holdings and the lost Bitcoin from 332,655 XBT.

332,038 XBT - 119,756 XBT (the hack) - 125,424 XBT (cold storage) = 86,857 XBT or $52.46 million @ $604 XBT/USD

At the time of the hack, $38 million was loaned out with $4 million of unused loans. Subtract $42 million from $52.46 million: $10.46 million. They have more in ETH alone. Bitfinex wants the community to believe that they essentially had zero customer USD, LTC, and ETC. That is obviously pure fiction.

So how did they calculate it? There are two reasons I believe this number is so low. Firstly, Bitfinex did not ButtFinesse themselves. Company funds used for lending in the USD, XBT, LTC, ETH, and ETC markets were not taxed. Secondly, some USD-holding US customers were not taxed: those using Synapse Pay were allowed to withdraw 100%.

Bitfinex is afraid of US-pound-me-in-the-ass prison, or a company-ending-fine from one of the many alphabet letter agencies in the US. The most likely scenario that a large amount of US customer funds were not taxed so that the fiction of segregated accounts could be preserved.

If Bitfinex believes that my math and accounting are incorrect, I challenge them to post financial statements and a detailed walk through of how the 36% tax rate was calculated.

Didn’t BitGo Offer Insurance?

Repeat after me, Bitcoin insurance does not exist. When we started BitMEX, we attempted to obtain it. Nobody offers terms that any exchange could reasonably agree to.

BitGo was very proud to announce they were insuring deposits. But that insurance apparently lapsed in January 2016, without any notice to Bitfinex users. When it was active, it apparently didn’t even apply to Bitfinex users themselves (despite “segregated” wallets), just the exchange! It was a “Watershed” moment for Bitcoin, but like Bitfinex deposits, it just didn’t last.

This didn’t just happen to Bitfinex users. Bitpay thought they had insurance. But they found that any Bitcoin insurance policy is worth less than toilet paper. I hope you can find some soft printer paper so you can wipe your sore ass with it.

If any custodian of Bitcoin claims to have insurance, demand to see the actual signed policy. If the company won’t produce the policy and directly state it applies to you, you know it’s worthless.

What’s a BFX Token Worth?

Zero. Let me repeat, zip.

Bitfinex collateralised the 120,000 Bitcoin loss in the form of a BFX token. In lieu of their USD, XBT, LTC, ETH, or ETC that was taxed, users received BFX tokens. The token will be tradable in the future to all, except to US citizens, because the US has laws preventing this kind of insanity.

BFX tokens have a par value of $1. At some point in the future, Bitfinex will pay back token holders par using exchange revenue.

If Bitfinex will not contribute meaningfully to lower the tax rate, why should anyone believe the BFX token will ever have any value?

Bitfinex also floated the idea that BFX tokens might convert into Bitfinex equity. That assumes Bitfinex will exist in a few years. If they can’t even tell us how they were hacked, do you have confidence they won’t be hacked again?

Make no mistake: this is the easiest option for Bitfinex, not for you. If they are very, very lucky, they may just get away scot-free for the egregious act of losing someone else’s $70M. Let me repeat this: if they have their way, they will take zero personal responsibility or loss. They’ll just turn the money-printing exchange back on; that is, if users keep trading.

Should You Trade There Again?

Given what you know and don’t know, will you trade on Bitfinex once more?

Would you trade on Mt. Gox again if it reopened?

We won’t. Immediately after Bitfinex halted trading, Bitfinex was removed from the Kaiko BitMEX Index. We have no plans to re-add them to the index even if they restart trading.

This means the index needs to be adjusted. In conjunction with Kaiko, we are polling BitMEX traders about Bitfinex’s replacement. As of writing, the current index constituents are 50% Bitstamp and 50% OKCoin USD. Feel free to reach out to let us know your preference and opinion.

BitMEX Security

Before I tar and feather Bitfinex and BitGo in the next section, I want to reiterate that we are serious about security. Here are the ways in which BitMEX secures customer funds:

Hot Wallet

We don’t have one. We never have since our start in 2014. It is the biggest attack vector for Bitcoin exchanges. Removing this vector greatly reduces the likelihood of losing customer funds.

Hot wallets are convenient but have major pitfalls. Because there is no human intervention involved in the signing of transactions, it is the preferred place by which hackers steal Bitcoin. By the time exchange operators discover a breach in their hot wallet, the Bitcoin is long gone and cannot be recovered.

SatoshiLabs claims that over 1 million Bitcoin have been stolen in hot wallet thefts, the largest being BFX & Mt. Gox. We will not take this risk and users should shun exchanges that hold significant user funds in hot wallets.

Hot wallets can be used smartly, with daily limits & manual refill review. Such rigor is rare but BitMEX plans to implement such a hybrid system by the end of the year. It will not be quickly done – we do not take such a buildout lightly.

End To End Multi-Signature Wallets

All BitMEX customer funds are held in multi-signature wallets. We were the first-ever exchange to hold 100% of customer funds in multisig wallets. We do not use or trust any third-party solutions.

At BitMEX, 2 of 3 partners must sign each withdrawal. If that condition isn’t met, then funds cannot be spent. All signing happens on offline machines.

All transactions are manually reviewed and signed by the partners. Because our withdrawal process is manual, we only do it once per day at 13:00 UTC.

Continuous Audit

The BitMEX trading engine is written in KDB+/q, the premier number crunching platform used by major banks & trading desks. It is extremely fast – and rather than use that headroom for vanity numbers like “1,000,000 executions per second”, we use it for safety. The BitMEX trading engine continuously audits itself at every execution. All user balances always sum zero.

This is a big deal – it means that if a single Satoshi goes missing, is transferred improperly, or a hacker simply spoofs a balance by editing the database (as may have been used in the Mt. Gox hack), the trading engine immediately shuts down.

We don’t just audit our internal database for consistency. We use both internal and external Blockchain services to ensure all balances have a source that we control.

From source to destination, all balances on BitMEX are traced on every execution. If a single satoshi goes missing, trading automatically halts.

Does that sound inconvenient if there’s a bug or rounding error? Yes, it is. Because of this continuous audit, BitMEX doesn’t have rounding errors, balances are always accurate, and the math always adds up. We believe all companies handling other people’s money should have the same rigor.