Recently, a friend who is new to crypto asked me if keeping their crypto on an exchange made sense. I counseled them that it depended on their level of comfort. It turns out, however, that our concerns were not the same. My concerns centered around custody and control but their main concern was the potential for a hack given their recollection of prior news coverage of successful hacks. As such, our discussion delved into a concern that many crypto novitiates do not always consider. In order to help those just beginning their journeys, I want to introduce the concept of “not your keys, not your coins.”
What this means is that if you, as a self-sovereign financial center, do not control or have access to the private keys of the wallet(s) that store(s) your crypto, that crypto is not yours. To illustrate this risk, I want to revisit last year’s Twitter hack that impacted several celebrities and scammed many people out of their Bitcoin (BTC). At the time, several exchanges took action to block users from sending BTC to the suspected scam address. These actions are anathema to the entire cypherpunk ethos that gave rise to BTC and the other crypto currencies leveraging distributed ledger technology (DLT).
At the heart of cryptocurrencies is a philosophy of circumventing traditional financial institutions. From their inception, and included in the abstract of Satoshi Nakamoto’s seminal paper, the following explanation explains their purpose: “A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution.” (emphasis added). This desire, of independence from legacy institutions, can be considered central in a decentralized construct.
Given this desire for independence and non-reliance on centralized institutions, the concept of the sovereign individual and that you are “your own bank” have taken root. To better understand this mentality, and the aforementioned desire to avoid centralized institutions, it is important to remember the environment that led to the creation of BTC, namely the Global Financial Crisis (GFC). At the time, the recession into which the world was plunged was blamed on large financial institutions whose greed led to the propagation of poorly understood risks. In blaming the GFC on these “experts” a subset of the global population became inherently distrustful and adopted the libertarian mindset of autonomy. It was this desire for autonomy, coupled with mistrust of the centralized players that formed the foundation of BTC and DLT.
In this construct, being your own bank means that you are responsible for your own custody and decisions with your assets, but they are YOUR assets. This is not too dissimilar from the old adage of “caveat emptor”. The benefit is that you control your assets completely and are your own custodian. The downside is forfeiting the safety systems to which we have become accustomed, benefits such as fraud protection, reversing transactions, and centralized compliance/review functions.
In the new environment, if you fall for a scam, you alone are responsible, in the legacy environment, if you fall for a scam, you can blame your bank for not preventing you from falling for it. This dynamic is likely what led the exchanges to act in the perceived interest of their users. They acted in-line with legacy habits and received plaudits from the media in the process. Meanwhile, they violated the fundamental crypto principle of the sovereign individual.
The exchanges, while acting in the best interest of their users, violated a fundamental tenet of the assets in which it transacts by limiting the ability to send assets wherever the owner desired. This alone should raise concerns about the true ownership of assets for this action is a short step removed from confiscation. This would be a huge violation of crypto principles as the concept of the sovereign individual also relies on a confiscation-resistant feature of crypto and a role that it is currently fulfilling in certain countries including Venezuela and Lebanon.
Furthermore, their concerns about hacks are not misplaced. Infamous hacks such as Mt. Gox are well known as hackers stole enough BTC that the exchange was forced to cease operations. Less well-known is the Bitfinex hack. In this instance, it appears that hackers only targeted the largest accounts and the exchange’s response in order to continue operations was to haircut all users 36% even if their accounts were initially unaffected. This further highlights the risks to not being in control of your own crypto because you are dependent on a third-party for your security all while pooling your assets in a larger, more attractive pot for hackers.
Keeping all this in mind, my advice to my friend was that they needed to ask themselves one question, a question whose answer would dictate their actions: Do you want to be in control of your assets?
Disclaimer: The above does not constitute a recommendation or solicitation to purchase or sell any securities or cryptocurrencies referenced herein. As of the time of this writing, the author may have positions in some of the abovementioned securities or cryptocurrencies.