The Week: Bakkt Cleared for Launch and yet More ETF Delays

Over the past week, Bakkt announced it will be launching its bitcoin futures platform on September 23 following several delays, Coinbase acquired institutional custody business Xapo for $55 million, the SEC delayed its decision on three Bitcoin ETF proposals until autumn, Binance paid out a bounty to a white hat hacker who hijacked its Binance Jersey Twitter account, and a Florida federal judge called out inconsistencies in Craig Wright’s court statements in the Kleiman vs Wright case.

Bakkt Confirms September Launch Date

There are few narratives that arouse as much excitement among crypto investors as the notion that the institutional ‘herd’ is coming. The first major illustration of this, the launch of the CME’s futures product in December 2017, failed to create the upward trajectory speculators had hoped for.

Market analysts will therefore be watching with eager anticipation when Bakkt, a platform backed by ICE, Microsoft and Starbucks, commences trading in late-September. A notable difference between CME and Bakkt is that the latter requires those trading its one-day contracts to take physical delivery of the underlying asset (bitcoin), thus potentially creating greater buying pressure.

Coinbase Acquires Xapo

Adding further fuel to the institutional narrative, Coinbase this week completed the purchase of custody service Xapo. Founded in 2013 by early Bitcoin evangelist Wences Casares, Xapo is known for storing its customers’ private keys in a military-grade bunker under the Swiss mountains. Following the deal, the keys for Xapo’s institutional clients will be transferred to Coinbase’s service giving the San Francisco-based business a total of approximately 514,000 bitcoins under custody.

Coinbase Discloses Security Issue

It wasn’t all positive news for Coinbase this week. The company revealed a ‘bug’ that had disclosed the sign-up information of more than 3,400 of its customers in plain text on the firm’s internal web server logs. The company is confident that the vulnerability has now been fixed and confirmed that all affected customers have been notified.

The announcement comes amid ongoing rumours of a data breach at competitor Binance, highlighting the challenges even the largest companies in the space are having in keeping customer information secure.

Security Lessons From a BBC Journalist’s Crypto Experience

Crypto has an image crisis. Still a shadowy topic for the general public, the exposure many have had to the space is through reading discouraging news pieces on mainstream media. Bubbles, scams, hacks and nefarious activities are all examples of the headlines typically attached to Bitcoin and other crypto assets.

The source of this phenomenon isn’t contingent to uninformed general news reporters – even more established technology writers have contributed to the public’s negative perceptions. Few have a personal experience to back up their contempt for crypto, unlike BBC journalist Monty Mumford.

Mumford, the BBC’s technology of business reporter, used his platform to recount the story of how he lost £25,000 worth of Ethereum due to a hack. He shares his story of buying a sizable amount of the asset as a long-term hold, following which he moved the funds into a hot wallet and kept his private keys stored in his Gmail drafts for easy access.

When he checked in on his funds after some time left dormant, he realised they had been moved from his wallet - firstly to a ‘consolidation wallet’ controlled by his hacker and then to Binance. Despite the involvement of US-based bounty hunters CipherBlade, Sussex police’s cybercrime unit and the Malta-based exchange itself, his attempts to track down the hacker proved fruitless.

The experience has, understandably, left a bitter taste in Monty’s mouth. He describes the space as ‘utterly terrifying’ and a ‘savage bazaar’, and implores the reader to ‘learn from his mistakes’ should they consider purchasing cryptocurrencies,

What’s left unclear from Monty’s piece is the cause of the lost funds. He acknowledges the possibility that keylogging malware could have been used to identify his private key.

Other plausible explanations would be that his Gmail was compromised – either by a mysterious hacker or by someone who knew he had invested in crypto – or else it’s possible that he had pasted his private key into a phishing site rather than his third-party wallet (MyEtherWallet’s) interface. In any case, the result is the same – Monty now no longer controls his funds, nor has any recourse for getting any of the money back.

Even the most ardent supporters of individual financial sovereignty and responsibility would feel sympathy for Monty’s plight. Indeed, it serves as a reminder to all in the space of the risks inherent in handling money-over-IP.

Rather than feeling fearful, however, readers holding sums of crypto – no matter how large or small – should use this as a prompt to consider their own personal security practices. While the risks are manifold, and the best-fit solution is unique to each individual’s own situation, there are five principles for self-custody to bear in mind:

  1. Don’t make yourself a target – Whether on Twitter or the office elevator, keep your crypto holdings to yourself.
  2. Don’t store your private keys on cloud-based platforms – Some readers may recall a famous incident where ICO evangelist Ian Balina’s Evernote account, containing his private keys, was hacked during a livestream. Storing your keys online means you’re trusting the provider to keep them secure – a service they’ve never agreed to provide, nor would they guarantee.
  3. Use multi-factor authentication; Just like the front door of your home, the more security steps a hacker has to contend with, the lower the likelihood of a breach.
  4. Have backups in separate locations; Oftentimes, the biggest threat to your funds isn’t sitting in front of a computer screen in Pyongyang. Many people have lost access to funds through their own blunders. If you accidentally delete a file or throw away a piece of paper containing your keys, make sure you have a backup in place.
  5. Consider a hardware wallet; There’s no such thing as 100% security. Hardware wallets, such as Ledger or Trezor, provide some peace of mind over where exactly keys are being stored and who has access to them.

Always remember: being your own bank also means being your own chief security officer. Monty learned this the hard way. Let’s just hope that his ordeal means others don’t have to.

Tweets of the Week

The Token Analyst provides further insight into the claims that Bitcoin’s recent drop was linked to the selling of funds from a prominent Chinese Ponzi scheme:

The ‘RektPlebs’ Telegram account is a collection of the distresses retail investors have experienced due to ill-advised crypto investments. Who would have thought Goldman Sachs would warrant a place on the feed?

Nic Carter comments on Bitcoin’s own Appellation d’Origine Contrôlée:

The Week’s Best Content:

Recommendation 1 – Plan B is now Plan A

Digital Asset Research conducts further investigation into Plan B’s influential quantitative analysis on Bitcoin’s future price trajectory.

Recommendation 2 – Bitcoin & Ethereum: A Rational Conversation Between Two Bulls

Delphi Digital’s Tom Shaughnessy pulls off the near-impossible by hosting a civil and balanced debate between evangelists from the Bitcoin and Ethereum camps.

Recommendation 3 – Navigating the crypto investment universe

MetaStable Capital’s Hasseb Qureshi offers a ‘birdseye’ view on investing in the crypto space.

Don’t Miss:

Web3 Summit 2019

Funkhaus, Berlin

19-21 August

Each year, a collection of developers, researchers and others interested in the latest developments gather in Berlin to discuss the future of the decentralised web. This year’s event features presentations by Gavin Wood (Parity), Ryan Selkis (Messari) and Meltem Demirrors (CoinShares).

If you are unable to make it to Berlin, recordings from the event will be posted on the event site.