On Friday’s reader case, our intrepid reader Condos&Crypto said that stumbling across our site prevented her from taking the proceeds of her house sale and dumping it all into cryptocurrencies like Bitcoin. In the past, I’ve always recommended against having significant exposure to crypto, but that wasn’t because I had strong feelings one way or another, it was because I didn’t understand cryptocurrencies all that well.
So over the past year, I’ve been following the whole cryptocurrency space and learning more about this thing, and what I’ve learned has horrified me to the point that I won’t touch crypto at ALL anymore.
And I’m not just talking about the hacking issues. We know that Bitcoin exchanges can and will get hacked. But the answer, I believed, was that the user had to understand how to securely hold your crypto using an offline or “cold” wallet. That means storing the private key offline on a USB key or even printed on a piece of paper and kept in a safety deposit box.
Anyone who lost money in any exchange hacks did so because they kept their coins on the exhange. If you only moved coins into the exchange “hot” wallets when you made a trade and then immediately moved them offline to your “cold” wallet, I reasoned, you could be reasonably protected from hackers.
Then the QuadrigaCX Incident happened.
The QuadrigaCX Incident
For those not plugged into the crypto world, QuadrigaCX is, or rather was, the biggest Bitcoin exchange in Canada. I’ve used them before to exchange small amounts of Bitcoin when I was playing around with the tech, and everything seemed fine. My transactions went through, nothing seemed amiss, and I wouldn’t have thought twice of using their platform again in the future.
Then in December 2018, their CEO, Gerald Cotten, died suddenly while on honeymoon in India. And Gerald Cotten was the only one who had the private keys to QuadrigaCX’s wallets that held their entire bitcoin inventory. And that meant QuadrigaCX instantly lost control of their entire Bitcoin inventory.
The irony here was that this didn’t happen because QuadrigaCX had bad security, but rather that Cotten was too paranoid about it. Previous hacks in the crypto space were caused because multiple people had access to the private keys and hackers were able to compromise one of them. The Mt. Gox hack, for example, happened because someone managed to install malware onto the laptop of an auditor. Once the keys are compromised, the wallets can be emptied and there’s nothing you can do about it.
To prevent this, Cotten made sure he was the only one with the key, and he kept it on his laptop which he kept encrypted with a password only he knew. So when he died, nobody could get into that laptop to get the keys back out. So in a way, I guess his security was actually pretty good. Yay?
Everyone who had any money stored in QuadrigaCX lost it. Every single one. Right now, investigators are still sifting through the remains of the company, but it looks like total losses range from $190 million to $250 million.
Bitcoin Exchanges Are Not Regulated
When I was nosing around the crypto landscape, I remembered QuadrigaCX being one of the more legit-looking ones since they were supposedly registered with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), as well as with the BC Securities Commission. So how could something like this happen to a company that was regulated as a financial institution?
Turns out, it wasn’t regulated as a financial instutution, because QuadrigaCX was able to argue that because they were exchanging digital tokens rather than stocks, ETFs, or derivatives, they weren’t a financial institution and therefore weren’t subject to any regulations of any kind.
This is actually a common thread I’ve noticed inside the crypto space. They love to tout how much money they’re making, yet when it comes time to comply with laws and regulations, they argue that it’s not real money and therefore the laws that govern banks and brokerage firms don’t apply to them. The reason for this is that crypto enthusiasts are, by and large, intensely anti-government.
Bitcoin, after all, was created in the midst of 2009’s global financial collapse. Trust in governments and banks was in the toilet, and the idea of a digital currency that could be anonymously traded and not subject to any government or bank was extremely appealing.
But as a result, the financial protections that we all take for granted when we deposit our paychecks into our savings accounts don’t apply here. No bank would have been allowed to have the entire organization controlled by one guy with a password that only they know. And when banks do collapse, there are safeguards like the CIPF/CDIC (or the American Equivalent, SIPC/FDIC) that make sure customers can get their money back. No such protection exists for crypto exchanges. If the money’s gone, you’re out of luck.
And what made it worse is that when their CEO died, QuadrigaCX initially tried to conceal the news that they, you know, couldn’t exchange bitcoins anymore for MONTHS. So anyone who deposited their coins in, traded it, and tried to withdraw their money were faced with an unexplained delay. That delay, as it turns out, was caused by the fact that the exchange had no control over their coins, and therefore their money was already gone.
So my clever solution of holding bitcoins in an offline cold wallet and only transferring it into a hot wallet to trade would not have helped. If I had transferred coins into the exchange after their CEO died (and again, there was no way of knowing this had happened), all my money would have been immediately gone and there’s nothing I would have been able to do about it.
These Exchanges are Sketchy A.F.
And on top of all that noise, following the investigation of the QuadrigaCX incident in the news has convinced me that these exchanges are, to use the technical terminlology, Sketchy As Fuck. How sketchy you ask? Let me put it this way: I’m not even convinced that this CEO guy’s actually dead!
First of all, Gerald Cotton died in India, a country known for being able to easily obtain fake death certificates. Think I’m joking? Here’s an article literally titled Want a Fake Death Cerficiate? from the Times of India.
Then the death certificate issued misspelt his name as “Cottan.” But fine, typos happen.
Then it was revealed that he changed his will to leave all his assets to his wife just 12 days before he died. Suspicious sure, but not exactly a smoking gun.
Oh yeah, and then there’s the small matter that the investigators trying to reconstruct the cold wallets from blockchain analysis discovered that the wallets had been emptied prior to Cotten’s death. Even if they get the keys back, there’s nothing left.
Add to that a recent Globe and Mail report that found out that Cotton’s partner and co-founder Michael Patryn was using a fake name. His real name is apparently Omar Dhanani, who, and I quote “was a member of an online marketplace called Shadowcrew.com that trafficked in stolen credit card numbers and identities.” Plus he was convicted in the US for money laundering and served 18 months in prison.
At that point, I was like “You know what? I’m out.”
Crypto only has value if you can trade it on an exchange. And these exchanges are completely unregulated, constantly hacked, and are apparently run by convicted felons. There’s no way I can see to safely trade in this space that would prevent me from getting all my shit stolen, so I have concluded that the only safe amount of Bitcoin to hold is none.
Cryptocoins are NOT an investment
So my yearlong experiment into the crypto space has come to an end. You can debate all day whether you think BTC will go up, down, or sideways, but at the end of the day that debate is pointless. The idea that these things could ever be used as a real currency or taken seriously as an investment is laughable. When the exchanges aren’t being hacked left and right, they’re failing all on their own due to their owner’s hubris and lack of respect for financial regulations and government oversight. At most I owned a few hundred dollars worth of crypto during my experiment, and I’m glad to be rid of even that.
If anyone reading is thinking of buying crypto: Don’t. And if anyone has any money already in crypto: Dump it. But do it in small transactions, spread across as many different exchanges as you can, and verify that each withdrawal actually makes it into your bank account before you proceed with your next sell. Good luck.
Hi there. Thanks for stopping by. We use affiliate links to keep this site free, so if you believe in what we're trying to do here, consider supporting us by clicking! Thx ;)
Build a Portfolio Like Ours: Check out our FREE Investment Workshop!
Travel the World: Get covid-19 coverage for only $42 USD/month with SafetyWing Nomad Insurance
Multi-currency Travel Card: Get a multi-currency debit card when travelling to minimize forex fees! Read our review here, or Click here to get your first $500 exchanged for free!
Earn 10% Cash-back: Earn an extra 10% back for a limited time with a Tangerine World Mastercard! Click here to sign up!