On June 20, the Bitcoin world came to a halt for some traders — twice in 24 hours, in fact — when popular Hong Kong exchange Bitfinex, owned and operated by iFinex Inc. (Bvi), unexpectedly went offline, preventing trading at the exchange for several hours.
Disclaimer: This article was provided by the Vanbex Group. Bitcoinist is not affiliated with the firms represented by the Vanbex Group and is not responsible for their products and/or services.
Bitfinex Outages Raise Important Questions
When Bitfinex went offline the first time, which was during the afternoon, the exchange took to Twitter, stating: “Trading has been paused while we investigate an infrastructure issue,” assuring followers that “The issue does not involve funds or system security.”
Bitfinex eventually cited server migration issues and server instability as reasons for the outage of the U.S. dollar (USD) side of the exchange to eventually come back online later that night.
“The longer you are down the more people worry their coins are gone,” one Twitter user, @CamsHouseLive, responded.
His sentiment is not unfounded. Bitcoin exchanges have a history of security breaches, fraud and technical glitches with Mt. Gox setting that stage in 2014, when, as the world’s leading exchange at the time, was forced to shut down after a reported theft of 850,000 bitcoins.
Creditors are still working with bitcoin exchange Kraken in hopes of getting back money lost at Gox.
The event eventually led to the arrest of Mt. Gox CEO Mark Karpelès in 2015, with no significant developments in the case since he was charged with embezzlement.
Other well-known exchanges such as ShapeShift, Bitstamp and Cryptsy have also been victims of hacking, trading outages or stolen funds, reinforcing the notion that cryptocurrency exchanges are inherently unsafe and unstable.
However, exchanges have worked tirelessly to improve technology and security standards.
“Nobody steps away from a computer now without locking their screen,” ShapeShift CEO Erik Voorhees said in an interview with Bitcoin.com, following the highly-publicized hacks that took place in April.
“Keys and access are being much more compartmentalized, and 2-factor [authentication] is being integrated in every possible manner, among other things.”
Other exchanges have established their own precautions to protect against outside threats.
Crix.io CEO, Dmitry Koval, says that exchanges have to focus on several key aspects to make sure their customers’ funds are safe. Some of these essential areas include:
- Web application security
- Private key storage
- Security audit procedures
Crix works to provide the best security possible, implementing “the most reliable architecture by using best-in-class technical components,” said Koval.
In addition to 10 mostly-redundant virtual servers handling different software aspects of the exchange, Crix has all of its virtual infrastructure installed at HP servers and Netapp storage.
“The equipment is resided in [a] tier 3 datacenter,” Koval explains. “Overall, the architecture is designed to withstand high loads.”
But government and regulatory oversight are also factors.
Kevin Batteh, partner at Delta Strategy Group, a full-service government affairs firm based in Washington, D.C., said he couldn’t imagine a scenario where an exchange, Bitfinex or otherwise, would self-inflict such damage.
“When running an exchange the most important thing is volume — that’s how you get paid,” said Batteh. “An exchange going down is not a good way to keep customers.”
Trust is a key part, he added. Without it, a trader is less likely to place an investment. Regulation plays a further role in this as well, as a regulated exchange affords a level of comfort to the trader.
“As a regulated institute, required systems and safeguards would be in place,” said Batteh, who referenced the Nasdaq outage in 2013.
During that particular outage, the U.S. Securities and Exchange Commission immediately inquired as to what occurred, and demanded a “blow-by-blow account of the trading disruption” from the exchanges involved and moved to determine if the failure had to do with technological standards, as was then reported by Reuters.
Of course the framework would be different for cryptocurrency exchanges and the like, said Batteh.
Koval said there is some role for government, but warns that the bitcoin exchange industry may not be able to handle the stress placed upon it by mainstream regulatory standards.
“Too heavy [a] regulatory burden can make it impossible to operate,” Koval says.
One option, though, is ensuring that exchanges are solvent, so at the very least traders can be sure that they can get their money out if their exchange goes under.
“From a regulatory perspective,” notes Koval, “monitoring the exchange’s solvency is of higher priority than setting the responsibility for technical outages at this stage.”
Koval further stressed that the market is the strongest protector of traders’ coins at the moment.
There is a market-driven balance. “If one exchange is not able to provide continuous service, traders will go to another one.”