News Updates December 26, 2022

1. Sam Bankman-Fried found ‘chilling’ in JFK airport lounge on $250M bail bond

Based on the pictures, crypto community members confirmed that SBF’s location was the Greenwich (Business Class) lounge in American Airlines’ Terminal 8.

The momentary arrest of former FTX CEO Sam Bankman-Fried (SBF) can be attributed to the efforts taken by the crypto community to aid investigations and track down the whereabouts of the infamous entrepreneur. While SBF eventually escaped prison time via a $250 million bail bond, the community continues to monitor his every move publicly.

Just three days after being released on a personal recognizance bond, a crypto community member allegedly spotted SBF “chilling” in a John F. Kennedy International Airport lounge. The supporting images were shared on Twitter by litcapital, which shows SBF sitting on a lounge chair with access to a laptop and mobile phone.

Based on the pictures, other community members confirmed that SBF’s location was the Greenwich (Business Class) lounge in American Airlines’ Terminal 8. According to the primary source, SBF was accompanied by his parents, FBI agents and lawyers.

Subsequent images showed SBF on an American Airlines flight disguised with a beanie and seated next to a suited executive.

The images reignited discussions around how SBF told Maxine Waters, chair of the United States House Financial Services Committee, that he had no access to his personal or professional data despite having access to his laptop and mobile device.

Moreover, some also wondered how SBF was able to afford the business-class tickets amid FTX’s bankruptcy proceedings. “Great to see customer funds are still being put to good use!” said a community member.

A recent court filing revealed that defunct crypto exchange FTX paid a retainer of $12 million to Sullivan & Cromwell LLP (S&C) right before filing for Chapter 11 bankruptcy.

Since Aug. 26, 2022, FTX made payments worth nearly $3.5 million to S&C to avail their legal services.

2. Hackers drain $8M in assets from Bitkeep wallets in latest DeFi exploit

The BitKeep team confirmed that some APK package downloads have been hijacked by attackers and installed by users.

While many are still enjoying the holiday season, hackers are hard at work, draining around $8 million in an ongoing BitKeep wallet exploit. 

On Dec. 26, some users of the multichain crypto wallet BitKeep reported that their funds were being drained and transferred while they were not using their wallets. In their official Telegram group, the BitKeep team confirmed that some APK package downloads have been hijacked by some attackers and have been installed with code that was implanted by hackers. They wrote:

“If your funds are stolen, the application you download or update may be an unknown version (unofficial release version) hijacked.”

As the hack continued, the BitKeep team urged its users to transfer their funds to a wallet that came from official sources like Google Play and the Apple App Store. Apart from this, the team also asked community members to use newly created wallet addresses as their previous addresses may already be “leaked to hackers.” To help with the investigation, the BitKeep team asked affected users to submit the relevant materials through a Google form they provided.

One suspected hacker wallet address already has more than $5 million in digital assets. While the amount exploited is still not final and the attackers are still currently transferring funds to multiple wallet addresses, blockchain security and analytics firm PeckShield highlighted that there’s been more than $8 million in Tether, USDT, DIA, BNB AND ETHEREUM. 

On Oct. 17, the BitKeep wallet also suffered an exploit with the attacker taking off with $1 million worth of BNB. The exploit was conducted through a service that enabled token swaps. The wallet firm suspended the service and pledged to reimburse all the affected users.

3. Bitcoin price volatility due within days, new take says as BTC flatlines at $16.8K

Bitcoin hodlers may not have much longer to wait before BTC price action gets interesting again.

Bitcoin hodlers are enjoying another day of zero volatility on Dec. 26 as hopeful forecasts se signs of a trend change.

Opinions diverge further over BTC price bottom

Data from Cointelegraph Markets Pro and TradingView confirmed more sideways action near $16,800 for BTC/USD on Boxing Day.

The pair took the holiday period in stride, with reduced volumes having no impact on an already deflated market experiencing its lowest volatility on record.

With few trading opportunities in the last week of “Do Nothing December,” analysts attempted to ready the ship for potential headwinds to come.

“If BTC fails to reclaims ~$17,150 as support before the end of the year… Then $BTC will establish the $13900-$17150 range as its new playground,” Rekt Capital tweeted in a fresh update.

“Therefore at worst, BTC could drop to the Range Low of $13900, Which translates to a -20% drop from current prices.”

Rekt Capital was referring to a previous theory involving support levels on the one-month BTC/USD chart.

Fresh downside remained a popular bet among commentators, with Il Capo of Crypto as insistent as ever about a new macro low being yet to come.

“I think most bears are expecting 10k, ignoring all the support before that level. 11k-13k is a very strong support that should hold,” he reasoned.

Responding, however, another popular trading account, Profit Blue, stuck to their warnings that $10,000 would mark the Bitcoin bear market bottom.

Analyst counts down to volatility return

In terms of breaking the agonizing low-volatility status quo, meanwhile, trader Elizy had a potential silver lining for market participants.

4. What are proof-of-reserves audits, and how do they work?

Crypto custodians generate public attestations about their cryptocurrency holdings through proof-of-reserves audits to demonstrate their solvency to depositors.

With the rising interest in digital assets from institutional and retail investors, custody options have also experienced parallel growth. As a result, different kinds of custody choices have evolved as the market changes, and new providers are working to establish the structures and controls that are most effective for particular markets and offerings.

Self-custody, exchange wallets and third-party custodians are the various choices available for users to safeguard their cryptocurrencies. Custodians in the world of digital assets function similarly to traditional financial markets in that their primary duty is to take care of and protect their clients’ assets by holding the private key on behalf of the asset holder, preventing unauthorized access. 

However, despite such efforts, events such as the collapse of FTX (a cryptocurrency exchange and crypto hedge fund) and the liquidation of Three Arrows Capital (a cryptocurrency hedge fund) shocked the cryptocurrency industry. They made people question the reliability and integrity of crypto custodians.

To ensure the financial soundness of custodians, a proof-of-reserves (PoR) audit confirms that the company’s on-chain holdings are identical to the client assets listed on the balance sheet, reassuring customers that the business is solvent and liquid enough to continue business with them.

This article will discuss what is a proof-of-reserves audit, why proofs of reserves are important, how to access the proof of reserves, and how to verify proofs of reserves.

What is a proof-of-reserves?

In traditional finance, reserves are a company’s profits kept aside to utilize in unforeseen circumstances. In contrast, in the crypto space, a proof of reserves refers to an independent audit conducted by a third party to confirm that the entity being audited has sufficient reserves to support all of its depositors’ balances.

The auditing procedure can be divided into three distinct steps:

Proof of liabilities

The exchange’s liabilities are the outstanding cryptocurrency balances due to its clients. The sum of all customer account balances is used to compute the exchange’s total liabilities. To determine solvency, the computed amount is later contrasted with the total reserves. The proof of liabilities component also calculates the hash of the fraction factor and the root of a Merkle tree.

The user account information is used to construct a Merkle tree using the cryptographic hash of the customer’s identity, and the amount owing to the customer would be used to generate a leaf of the tree. The nodes in the following tier of the tree are created by pairing the leaves together and hashing them; to build the tree’s root, nodes are merged and hashed.

Proof of reserves

The assets that the exchange has stored on the blockchain as cryptocurrencies are called reserves. The total assets are computed by summing up the balances of crypto addresses if the exchange possesses the private keys of those addresses. 

By providing the public key linked to a cryptocurrency’s address and signing it with the private key, the exchange may prove that they are the rightful owner of the crypto address. For additional security, the exchange should also sign a nonce (such as the hash of the most recent block that was added to the blockchain), a value that may be used to validate the signature. The outputs of the proof of reserves are the sum and the hash of the address balances.

contains custodial data and has several branches that are authenticated using hash codes.

The auditor then collects individual user contributions by utilizing the distinctive signatures of each account holder.

The next step involves authenticating whether customers’ assets are held on a full-reserve basis — i.e., the individual contributors’ reported balances are at least equal to those obtained from the Merkle tree. It is done by comparing the digital signatures to the Merkle tree records.

Limitations of a proof-of-reserves

Despite the above advantages, proof-of-reserves audit has some disadvantages that cannot be overlooked. The critical issue with a PoR audit is that its correctness depends upon the auditor’s competence. Also, a fraudulent audit result may be produced by a third-party auditor in collaboration with the custodian under consideration.

In addition, a cryptocurrency exchange may manipulate the facts, as the correctness of verified balances is only valid during the time of audit. The legitimacy of the proof-of-reserves audit can also be impacted by the loss of private keys or users’ funds. Moreover, a PoR audit cannot determine if the money was borrowed to pass the audit.

5. Japan’s New Bill: FSA To Lift Ban on Stablecoins in 2023.

Reportedly, the Financial Services Agency (FSA) of Japan announced that the ban on the domestic distribution of Stablecoins issued overseas would be effectively lifted in 2023.

Significantly, Japan’s efforts in regulating crypto trade could be traced back almost five years back. However, the regulations on the supply of stablecoins in particular had their origin recently.

In June, Japan’s parliament issued a bill to limit the supply of Stablecoins to licensed banks, registered agents, and trust companies in Japan. Mainly, the regulation is aimed at protecting investors and the financial system from risks related to the rapid adoption of Stablecoins.

Notably, the Stablecoins bill was an aftermath of the significant decline in the value of cryptocurrencies following the Terra token collapse.

According to the “Revised Payment Services Act,” which has taken effect in May 2021, the Cabinet Office Ordinances have decided to implement the new regulations on the crypto market, in relation to the stablecoins.

Among the guidelines provided as per the Revised Payment Services Act, it has been given that once the bill is implemented, the issuer of domestic stablecoins would be required to prepare collateral assets. In addition, as mentioned in the earlier bill, the issuers would be restricted to “banks, fund transfer service providers, and trust companies”.

Moreover, while considering the Stablecoins issued overseas, the distributors in Japan are required to protect their assets. Also, the upper limit of remittance is supposed to be 1 million yen per transaction, as per the bill.

Though the specific target of the overseas Stablecoins is unknown, according to the tweet of the reporter Colin Wu, the concerned Stablecoins would be USDC, USDT, etc:

Further, the report suggested that the FSA would collect opinions and suggestions for more guidelines for Stablecoins. So far, the agency has included strategies for promoting security and transparency like recording transaction information.