Cryptopia Cracked: Are Centralized Exchanges the Way to Go?

Published on by Cointele | Published on

Mentioned in this article
This is why breaches like that of Cryptopia are vital to pay attention to, as they also highlight the often-adversarial role that exchanges play with their customers.

The hack of New Zealand exchange platform Cryptopia was reported in January after several days of on-and-off maintenance, when it finally announced on Jan. 15 that, at the time, around $16 million had been stolen from over 76,000 different wallet addresses.

Badly run exchanges demonstrate the need for decentralizationSo, why did it take so long for Cryptopia to acknowledge the threat and then to deal with it appropriately? How could it have let its customers' private keys become exposed?

According to Hacken's blockchain security team, "The Cryptopia hack is quite different from other exchange and wallet hacks. First of all, the funds were transferred from ethereum accounts. Hackers need to sign the transaction with an account's private key to be able to transfer ether or tokens to their personal account. It could have happened that hacker somehow gained access to Cryptopia's private key storage. The fact that a hacker gained access to private keys is confirmed by the fact that transfers continued several days after the breach was discovered."

Centralized exchanges are able to rely on the legal system to some extent when it comes to repaying stakeholders, but it isn't always the most elegant or satisfying solution, given that they still exist on the fringes of traditional finance.

This is clearly demonstrable in other exchange hacks, all of which occurred on centralized exchanges exclusively.

Do exchanges remain vulnerable despite efforts?The recent Binance hack to the tune of $40 million was also catalyzed by error, but these instances could also be preventable if exchanges didn't insist on being responsible for keeping customer funds safe.

According to him, the industry is leaning that way regardless, noting that "We think all the exchanges should go to a process where they can almost self-regulate, right? They do what the regulators want beforehand," as a way of creating more transparency and improving the overall ecosystem.

From weak smart contracts to phishing and insecure storage methods, it's clear that centralized exchanges need to adjust their approach and, at the very least, pour their profits into a security apparatus that will hopefully keep the platform safe.

As exchanges learn from their rivals' lessons and the market matures, it will likely weed out those exchanges that refuse to improve and leave only those that prioritize transparency and user safety.

x