Comment by HenryBemis

20 hours ago

Taking a step back from this attack, it looks like the new crypto-reality is far far far immature security-wise & compliance-wise ("compliance to what??" you can ask me).

While it is nearly impossible to steal $100mn from one of the mega-banks, those <expletive> crypto bros, a bunch of failed morons (self-proven by all these hacks), manage to lose people's money. Now.. I am not defending the banking system (and its ethics/morals), but damn-it they do a f-a-r better job at IT Audit/IT Compliance/IT Sec (my bread and butter for decades).

Being in the thick of it, I can tell you the compliance side is pushing towards what exists in traditional finance, be IT, money laundering, accounting practices etc. At least in Europe and to a lesser extent the US. If you go working at new banks (say Revolut or N26) or at growing asset-managing crypto companies in Europe you'll find the landscape to be extremely similar.

As far as I'm concerned, if you're parking money with a company based in an area that has lax regulation you're holding the gun that'll shoot your foot. I have a hard time seeing something like this happen at Bitpanda or Kraken, though you never know.

The difference is that conventional banks can roll back transactions. The normal banking system is essentially a consensus mechanism "A: I owe you this amount. A: I just transferred you this amount, ok? B: Yup, accepted, thanks." If something goes wrong, A can say "A: Woops, I made a mistake. Reverse please, here are the laws stating in this case I have the right. B: Alright, I must comply.". In cryptocurrencies, by design, "the code is law". And this law does not predict reversing transactions. So you can lose any amount of currency due to an illegal act or even some simple error, like transferring to a dead address.

> those <expletive> crypto bros, a bunch of failed morons (self-proven by all these hacks)

Bankers are a bunch of idiots, too. I know this to be true because that one investment bank collapsed a bunch of years ago.

In all seriousness though, ETH is just a commodity; a bearer instrument; a thing. It's similar to gold or cash in some ways. If you store it properly, you're fine. If you give it to someone untrustworthy who loses it, of course that's a problem.

Well-regulated banks can start holding crypto on behalf of customers as soon as they're given the regulatory go-ahead. They've stored gold in vaults for thousands of years; they can store crypto in digital vaults too.

  • I’d be shit scared of a trad-fi institution holding crypto. I doubt they have the operational muscle, instinct, and know-how to properly safeguard it. Unless they partner with someone who does, which is what they’d likely do.

    • > Unless they partner with someone who does, which is what they’d likely do.

      They're already doing it. Most crypto or crypto-adjacent products you'll see at traditional firms rely on a provider white-labelling crypto exposure.

I'm not sure how you'd do compliance, though. At least not universally. You could (which I suppose is your point) implement compliance requirements for crypto companies operating facilities on your soil. That doesn't really do anything for decentralized systems though.

  • Compliance has a centralizing effect, for example the American OFAC sanctions list. You can do business outside of it but you're cutting yourself out of a lot of institutional money. In the end while there's a lot of money being made in sanctions-evasion, money-laundering and whatnot, at the macro level the industry prefers trying to cozy up to Blackrock and Vanguard than to narcos.