We need to talk about the dangers of custody on exchanges

When it comes to long-term custody, exchanges just aren’t worth it — and frankly, it’s absurd to ignore the risks they pose as custodians

OPINION
A decade has passed since the infamous hack of major exchange Mt. Gox. The exchange’s subsequent collapse lost 7% of all bitcoin at the time — the equivalent of approximately 45 billion dollars today. It was one of the first events to threaten the very existence of the crypto ecosystem, but certainly not the last.

The industry hasn’t learnt from this catastrophe — rather quite the opposite. 

We’ve seen plenty more similar incidents in recent years. In 2023 alone, the industry suffered losses exceeding $1.8 billion due to hacks. Large platforms like Binance have given in to pressure from institutional players when it comes to holding assets with independent custodians, but not retail customers. In February, FixedFloat, a decentralized and non-KYC crypto exchange, lost over $26 million in an alleged hack.

A devastating loss for individuals, but a mere footnote in the industry’s ongoing saga. In fact, the global crypto community has lost at least $200 million — and counting — in 2024 alone.

There seems to be a real industry-wide reluctance to address the dangers of using exchanges for custody. But why? It’s not like there isn’t an abundance of cautionary tales.

Are we doomed to repeat history?

Are we learning any lessons from the many exchange-related issues that we have seen over the last 10 years? 

Users are hopping from one exchange to another, using them as custodians of their assets rather than their primary purpose as a trading platform — but with even the largest players in the industry failing to provide a consistent and secure offering, they are running out of options. 

Beyond hacks, there is a major crisis of trust in exchanges, exacerbated by fraudulent actors and malpractice (let’s not forget Binance’s recent $4.3 billion AML charges). And no one needs reminding of the FTX debacle, with victims citing “irreparable harm,” substantial financial loss and emotional toll ahead of Sam Bankman-Fried’s sentencing of 25 years in prison for his crimes.

While exchanges are, of course, important for managing, trading and off-and-on-ramping assets, they simply aren’t a suitable option for custody. 

Global regulatory bodies like the Financial Stability Board (FSB) are sounding alarm bells, yet the broader industry appears to be turning a blind eye — despite the seemingly obvious message that separating exchange from custody is the biggest issue in crypto.

What are the alternatives?

While self-custody offers a level of autonomy, it also leads to major security vulnerabilities. Factors like human error, cyber attacks and limited regulation all contribute to the mismanagement of assets with disastrous consequences. 

Cold wallets, often hailed as a safer alternative, lack the sophistication needed to ward off security threats. Despite not being connected to the internet, they still have rampant security issues, with AI and phishing becoming more sophisticated. It’s an old-fashioned, archaic way to store funds, serving as the modern-day equivalent of stashing money under a mattress — not exactly high-tech security.

Why the bull run equates to a hacker’s field day

With bitcoin hitting all-time highs in March, the inflow of users into the space is arguably the highest seen in years. The trading frenzy, price speculation and surge of new users present a ripe opportunity for hackers.

Many newcomers look for the simplest and easiest websites or largely unregulated exchanges as the “entry point” to crypto and completely overlook due diligence when opening exchange accounts. People remain largely unaware of the inherent risks associated with entrusting their assets to a trustless, unregulated system. They also, understandably so, lack comprehension of the rules, or lack thereof, that “regulated” VASPs posturing as banks are subject to.

How can users feel safe using and holding crypto? How can they use the value of their crypto to interact with the traditional financial services and payments industry when there are growing restrictions in transfers or transactions between exchanges and banks?

Should you hold your crypto on exchanges? 

Unlike exchanges, which often attract consumers who neglect due diligence, regulated institutions that operate to the regulated standard of a “crypto bank” with secure rails offer a more trustworthy alternative for storing assets. 

These institutions combine the stability and security of traditional banking with the innovation and potential of cryptocurrencies, eliminating the various risks associated with exchanges.

It’s clear that when it comes to long-term custody, exchanges just aren’t worth it, and frankly, it’s absurd to ignore the risks they pose as custodians. 

We have to start taking security seriously in this industry by funneling users through truly regulated and above-board solutions. It’s either that, or risk repeating history…again.


