Yesterday irregular trades of a relatively obscure altcoin on Binance caused a halt of all trading and withdrawals on the popular crypto exchange. Trading has now resumed and Binance has taken further steps to protect crypto consumers from such events in the future.
The altcoin in question, Syscoin, aims to build out a decentralized marketplace for all types of goods using its native blockchain. However, to date the platform is still in development and the coin prior to the incident in question had a market capitalization that put it outside of the top 100 cryptocurrencies.
So when the price of Syscoin on Binance yesterday appeared to spike up as high as 96 bitcoin (~$640,000 USD at the time) it’s no wonder that Binance and others realized something suspicious was happening.
— Bitcoin Shark! (@BitcoinShark1) July 3, 2018
As news of the unusual trading patterns broke, crypto Twitter reacted in its typically sardonic manner.
i for one, would like to welcome our new $SYS overlords
— #33kByJuly3018Moku //not_giving_away_ETH\ (@CarpeNoctom) July 3, 2018
Binance’s risk management system detected these irregular trades and took swift action. It halted all trading (in Syscoin and other coins on the platform) as well as withdrawals and other account functions to perform maintenance and investigate the issue.
The Syscoin team also investigated the odd behaviour and what it called “atypical blockchain activity” but later indicated that the Syscoin blockchain was ‘safe’.
Normal service has now resumed on Binance and the exchange has also rolled back all irregular trades.
Binance is the World’s Largest Exchange so it’s the Most Attractive Target
Binance, according to data from CoinLib is the largest crypto exchange which isn’t exclusively devoted to bitcoin, with a 24-hour trading volume approaching $1.6 billion USD. Binance also has one of the widest range of trading pairs with over 350 trading pairs available to its customers.
This makes it an extremely attractive target for hackers and scammers given the popularity of the platform and the centralized assets it controls for its users. This isn’t the first time the exchange has been targeted and likely won’t be the last.
The source of the issue this time appears to be related to abuse of the API (Application Programming Interface) for the exchange which lets users access Binance’s services through software. As such, Binance has removed all of the existing API keys and asked users to regenerate their key to access the API. It has also reminded users of standard practices to protect their API keys in the future in the case that the user’s access was unwittingly used by malicious actors.
These attacks are exemplary of how the major issues and hacks in crypto tend to be on the centralized exchanges as opposed to on the underlying blockchain protocols and networks.
One of the primary differentiation’s for most cryptocurrencies from traditional distributed systems is the inherent lack of a central authority or component of the system. Exchanges, which are the on and off ramps for users of cryptocurrencies are one of the notable exceptions to this decentralization.
However, there has been a growing focus in the crypto community on creating Decentralized Exchanges (DEXs). Binance is no exception to this movement as they also announced in March the development of a decentralized exchange of their own. Further decentralizing all aspects of the ecosystem is another needed step in the ongoing maturation of the industry.
These new services will enable trustless operation and ensure users maintain control over their own assets. This will be needed for the crypto market to expand beyond those technically savvy enough to understand all the security considerations in the new digital economy.
Binance to Set Aside Funds to Protect Consumers From Future Incidents
Beyond the immediate measures taken to prevent further exploitation of the Binance API, the exchange also announced several measures to protect its consumers from future incidents.
Any users affected by the specific issue related to Syscoin will be offered zero-fee trading over the next week and all Binance users will be offered a 70% discount on fees to compensate for the suspension in services.
However, the most interesting and proactive measure to ensure future consumer protection announced by Binance was the creation of a “Secure Asset Fund for Users (SAFU)”. This fund will allocate 10% of all trading fees from the platform and will be used to protect customers’ funds from any similar incidents in the future.
According to a LinkedIn post in March from its CEO, Changpeng Zhaom, Binance is extremely profitable. Zhaom indicated in the post that the exchange made profits of over $200 million USD in the second quarter of its existence.
Given this level of profitability, 10% of trading fees being allocated to the new customer protection fund could create quite a warchest to remunerate consumers in the future.
These actions show that the reputable members of the crypto industry are leading the way to provide confidence to consumers despite the lack of formal regulations.
Binance’s profitability demonstrates that there’s room for the exchange to set aside some of these profits to help reassure customers. Binance is clearly trying to take the lead in demonstrating its responsibility in protecting consumers and this is exactly the type of move that will build customer loyalty as the cryptocurrency ecosystem continues to evolve.