Root Causes 257: FTX Crypto Exchange Collapses

Episode Transcript

Lightly edited for flow and brevity.

• 

  Tim Callan

  So, there is a big item that got a lot of headlines in the news, which is the recent collapse of FTX. Jason, what’s FTX?

• 

  Jason Soroko

  FTX is a number of things. I will describe the most important aspect of this in a moment but a little bit of background. On this podcast, we have delved into the topic of cryptographic currencies, bitcoin, blockchain technologies, etc. The FTX is a few things but mostly it’s probably to the average person it’s known as a cryptocurrency exchange and what that really means is you can buy and sell cryptocurrencies, trade them, etc. FTX though also had a lot of other side businesses including it was it’s own market maker. It kind of acted like its own exchange as they say in itself in that it kind of acted like the NASDAQ. It wasn’t just the broker. It acted as an entire ecosystem for a lot of aspects of cryptocurrencies.

• 

  Tim Callan

  I sort of always thought of it as a crypto exchange but when you put it in that broader context I think that’s, certainly that’s accurate but I think that’s good to bear in mind.

• 

  Jason Soroko

  Imagine if NASDAQ were also the market maker and also the arbitrageur and also the …FTX was all of these things.

• 

  Tim Callan

  And also the dollar.

• 

  Jason Soroko

  It even had its own token. Which was a thing. So, very, very short story and this is me having no journalistic quality in what I’m about to say, which I’m staying away from it completely – it looks like there may have been, allegedly may have been, some shenanigans in what had caused the entire - - well all of FTX basically to have to declare bankruptcy and that’s bad, bad news.

  So, if you had any kind of money within it, if you owned the shares of the company, it’s a very bad story and I’m sure it’s a very sore pain point to maybe even some of you listening on this podcast. This is not what the podcast is gonna be about. We just had to address the elephant in the room when we are talking about FTX.

  What we are going to address here, Tim, is the PKI part of this. The interesting cryptographic part of this, which is there’s an interesting saying going around on the internet that caught my eye and that’s why, Tim, I wanted to talk about this today. And it’s great. How often do you get to hear about cryptographic keys in the public domain. Just general discourse on Twitter and these kinds of things. It’s great.

• 

  Tim Callan

  Or how often is discussion about crypto actually about crypto?

• 

  Jason Soroko

  This is actually about cryptography. Not even about crypto as the tokens and as the cryptocurrencies but cryptography – crypto as in cryptography and private key and public key technologies. It’s just terrific.

  So here’s how it goes. When a lot of people were a little more unaware about what was going on, it seemed like a lot, a lot of cryptographic currency had just kind of disappeared and what a lot of people then asked was, hey, I thought one of the principles of cryptographic currencies was that cryptocurrencies was that it couldn’t just disappear. It’s on a ledger. It's there.

• 

  Tim Callan

  It’s blockchain. It’s diversified.

• 

  Jason Soroko

  Well, that’s one-half of the story. What looks like is happening is the money was potentially allegedly, possibly just stolen, in which case, it has not disappeared. It may have disappeared from your account. It may have disappeared from the balance sheets of FTX, but ultimately, it may have been fraudulently given away, stolen, disappeared. We don’t know yet but, ultimately, there’s probably something on a ledger somewhere that shows who was the original owner of specific tokens and where it went, to who.

  Now, here’s the second part of the story. When things started to disappear, people started to ask the question, hey, I use these guys as my broker, my cryptographic currency broker, and I trade on this exchange and now I happen to be very, very worried about where’s my cryptographic currency? Where did it go? And then somebody clever said something very, very true, which is, if you don’t hold the keys, you don’t hold the cheese.

  And I thought that was a pretty clever saying. It’s cruel in the sense that it might have been the first time people heard of it but if you listen to this podcast, you heard of it before.

  Which basically means quite often when you are dealing with a cryptographic currency broker, they hold the private keys to the cryptocurrency wallet. Ultimately, that is used as your identity on the underlying ledger. So, therefore, unless you hold the keys – essentially the private key itself – the public key is simply the address of your wallet. The private key, of course, being the private key. And the thing that needs to be kept secret and in safe hands. Quite often, these brokerages will keep the private key on your behalf. Your identity is simply to log in and then utilize, deposit funds, withdraw, etc., and all those things happen at the exchange and the broker on your behalf. But ultimately, a lot of people will make the assumption, well, I don’t mind if the broker holds my private key because they’re probably never gonna get into crazy shenanigans and go out of business and maybe use my funds for bad things.

• 

  Tim Callan

  And it’s a user experience that’s similar to other things. Like trading stock. When I log into my online security brokerage, I don’t have a private key that I have to keep. That is a nonsensical concept. I just own my shares of Microsoft and I’m happy. If you don’t understand the nuances of how this works, I think it’s very, very reasonable for a layperson, for an intelligent, educated layperson never to even have a clue that that wouldn’t be safe in this specific context.

• 

  Jason Soroko

  Your securities broken is – I happen to know in the United States and same for me in Canada – under many, many layers of government regulation, oversight, etc. etc.

  And this is the big difference with cryptographic currency exchanges and brokerages. Well, first of all, as we said earlier, when the entity you are dealing with kind of plays all the roles, it’s already a little weird.

  Because the opportunity for them to have shenanigans is higher. It doesn’t necessarily mean there would be shenanigans, it’s just the opportunity for them to put their fingers in all kinds of places and manipulate is kind of potentially – potentially there. But the other thing, of course, as you just said, Tim, the user experience of a securities broker customer, as the retail customer, you just log in and do your thing. And that’s the experience FTX wanted to give you. You log in and do your thing and all that complexity of the cryptocurrency wallets is just in the background.

  However, as we’ve talked about on this podcast, the way cryptocurrencies work is that wallet, that cryptocurrency wallet, is your record. Is, in fact, very much tied to anything that was done in your name on your behalf and so, therefore, if you do not possess the private key to that, you are taking some level of risk because if the cryptocurrency exchange goes under, for whatever reason, there may be things that happen that you are not in complete technical control of.

• 

  Tim Callan

  So, Jason, let me ask you this question. You mentioned several times that there is a ledger here. So, would it be possible for that ledger to be able to tell us that an individual token that shows up out in the wild was lost in the FTX incident. Is that a thing that could happen?

• 

  Jason Soroko

  That’s a strange concept in a ledger because a ledger is always balanced. In other words, somebody always owns the token. Somebody always owns the frangible portion of a token.

• 

  Tim Callan

  And maybe my vocabulary didn’t serve me there but the point is if I was the rightful owner of this crypto coin and then FTX collapses and my crypto coin disappears and I don’t have it anymore and I wasn’t paid for it and then it shows up somewhere else and somebody is trading on it, can that be traced back to my original ownership?

• 

  Jason Soroko

  Yes. And in fact, I think there is a very substantial cottage industry out there right now that is doing forensics about where did cryptocurrencies come from, who was the owner at a certain point in time and then where did cryptocurrencies then flow to. I do know that for all kinds of crime purposes, there’s a number of organizations that are out there that think of ransomware organizations that we’ve talked about in this podcast that have received ransomware by bitcoin or other cryptocurrencies and some good forensics of looking at the public ledger actually led to investigations of specific ransomware groups and certain funds were, cryptographic currency funds were able to be recovered in that way. I would say through good forensics, Tim, it’s probably possible to be able to figure out where the funds actually went to.

• 

  Tim Callan

  That would be interesting to see if something happens there.

• 

  Jason Soroko

  But there it is. I think that’s probably the main takeaway in terms of if you don’t hold the keys, you don’t hold the cheese and that is quite literally true. We just never in this normal securities world think about our securities brokers just blowing up. I mean we’ve heard of the cases of like Lehman Brothers back in 2008 but even that had layers of security around it. With cryptocurrencies, it truly is buyer beware still at this point.

• 

  Tim Callan

  Really very much the Wild West. Absolutely. Alright. Well, interesting and sorry if you got caught in this but, we thought it was important to talk about.

• 

  Jason Soroko

  And, you know what, maybe at some point down the road we will monitor what some of the Federal legislative outcomes of this will be because I presume there will probably be something and some of it will probably involve who holds the wallet, who has control over the wallet? That’s the kind of thing that will probably end up in paragraph 15 of something you will read in technical journalism but we will flesh it out for you.