Skip to main content

The rapid collapse of FTX, once the world’s second-largest crypto exchange, followed by the collapse of Celsius, has undermined trust in centralized crypto services. The industry’s short history has shown that hacking attacks and fund misappropriation are the two leading causes behind centralized crypto exchanges (CEXs) crashing or losing clients.

If FTX represents the worst example of fund misappropriation, Mt. Gox — a Japan-based crypto exchange that accounted for over 70% of all crypto transactions at its peak in 2014 — is the worst example of how a hacking attack can lead to failure.

While CEXs have played a key role in crypto adoption, the ongoing trust crisis doesn’t bode well for the crypto industry. The fear of becoming the next victim of a CEX failure has prompted many investors to consider decentralized exchanges (DEXs). The DEX vs. CEX inflow ratio reached an all-time high, at over 60%, shortly after FTX went bankrupt in November 2022, according to Chainalysis.

CEXs have the urgent task ahead of them to rebuild trust, and the main focus should be on fund misappropriation. While the crypto industry is still plagued by hacking attacks, their impact is usually limited and contained. Despite 2022 being the worst year when it comes to crypto hacking, the value of crypto stolen from CEXs fell significantly compared to 2016–2020. Over 80% of crypto funds stolen by hackers in 2022 were actually linked to decentralized finance (DeFi) protocols, with cross-chain bridges being the most vulnerable point.

How can crypto users trust centralized exchanges again?

Trust has been one of the key pillars of blockchain as a concept. Its decentralized nature was meant to make transparency inherent to all processes. Some CEXs can, at times, become ignorant of their larger mission of maintaining user trust no matter what, and FTX is a painful example.

If centralized crypto services fail at setting barriers to filter out bad actors, governments will take matters into their own hands, which might end up negatively impacting the industry with overregulation.

The FTX collapse has been a catalyst for crypto regulation in most developed countries. While the United States faces a battle between the Securities and Exchange Commission and the Commodity Futures Trading Commission on who should take a leading role in regulating cryptocurrencies, the United Kingdom is already laying out concrete plans.

However, even when governments step down on the accelerator to bring tougher regulation, it will take years before all the rules are enforced accordingly. Before that happens, trusted third parties can have a greater contribution to rebuilding confidence in CEXs. For example, private rating agencies can work faster and more efficiently than regulators.

CEXs have to become more transparent before regulation comes

Governments will slowly but surely impose more control over crypto operations, but CEXs can avoid overregulation by becoming more responsible themselves.

Some crypto exchanges are already pushing to achieve that. Recently, CoinEx launched the “Merkle tree” audit method for proof of reserves. It became one of the first centralized exchanges to disclose proof of reserves, which is a way to review assets and check whether a platform possesses sufficient on-chain funds to back the assets of its clients. With all user funds backed by reserve assets, there is no risk of misusing CEX funds for lending or taking risks by using leverage — practices that led to the collapse of FTX and its sister company Alameda Research.

CoinEx employs the Merkle tree method to prove it has a 100% reserve ratio, meaning that in the case of a surge in withdrawals from clients, the exchange has sufficient funds to satisfy all requests. The exchange has maintained a 100% reserve ratio since its inception in 2017.

CoinEx has also adopted a series of measures to protect user assets, including standard two-factor authentication, a high-speed trade matching engine, login reminders, abnormal IP address change monitoring, multi-layered withdrawal verifications, API permissions and real-name authentication.

The platform has maintained a zero-accident record to date thanks to its responsible approach against fund misappropriation and hacking attacks.

To improve risk control and asset security, CoinEX also released the Security Vulnerability and Threat Intelligence Bounty Program, which incentivizes users to inspect and record any potential security vulnerabilities on the platform. The program divides potential vulnerabilities into three levels based on their threat, offering up to 10,000 USDT to participants.

A collaborative effort could help rebuild trust

While exchanges work on their own to improve risk control, they can also collaborate and exchange information to better detect bad actors.

U.S. crypto exchange Gemini has called for a self-regulatory organization for the U.S. crypto market since 2018. The collapse of the FTX exchange will likely accelerate the adoption of such collaborative efforts.

The latest reports suggest that Binance is creating a consortium joined by other CEXs and organizations to rebuild trust in the crypto industry. The consortium will likely be run in a decentralized manner by all participants.