Unstoppable Domains and Crypto Browser Opera Widen Scope to Offer Accessible Web3 Identity System

February 17, 2023 Bitcoin.com

Court to Try 2 Russians for Stealing 86 Bitcoins From Crypto Miner

February 16, 2023 Bitcoin.com

FDIC warns CEX.IO and its reviewers to remove potentially false claims about insurance

February 15, 2023 Coin Telegraph

The U.S. federal agency found a claim about deposit insurance in the fine print on the exchange’s website and on websites that reviewed it.

The United States Federal Deposit Insurance Corporation (FDIC) has sent a letter to executives of cryptocurrency exchange CEX.IO warning them that they are potentially in violation of federal law due to false and misleading statements about the exchange’s insurance status. The agency has given the exchange 15 days to make corrections.

The statement in question is found in the small print details of the exchange’s state money transmitter license information. The information for Rhode Island reads, “U.S. dollars held in your CEX.IO fiat currency wallet are FDIC-insured up to $250,000 per account.”

The FDIC letter also noted that, if the exchange has an FDIC-insured account, the insured depository institution holding the funds must be named. The letter, signed by FDIC assistant general counsel Seth Rosebrock, cites the Federal Deposit Insurance Act throughout. The letter clarified:

“CEX is not FDIC-insured, and FDIC insurance does not protect cryptocurrency or any assets other than U.S. dollar deposits held at IDIs [insured depository institutions].”

The FDIC demanded that CEX.IO remove statements that imply it has FDIC insurance, cease and desist from making any statements to that effect and clarify any statements relating to “pass-through insurance arising from the placement of funds in accounts at IDIs.”

The agency, which is an independent agency created by the U.S. Congress and financed by insurance dues, said that enforcement actions it might take include the issuance cease-and-desist orders and assessment of civil monetary penalties.

Today, we issued letters demanding four entities stop making false and misleading statements about FDIC deposit insurance and to correct these falsehoods. Read more ➡️ https://t.co/TqdIZkD502. pic.twitter.com/K1qkUBjP0Z
— FDIC (@FDICgov) February 15, 2023

The FDIC also found two websites with reviews of CEX.IO that claimed the exchange had FDIC insurance. It sent letters demanding analogous changes to those statements as well. One of the websites, Bankless Times, is based in the United Kingdom.

The FDIC’s insistence that crypto should not be insured has garnered praise from crypto skeptic Sen. Elizabeth Warren. The agency was also one of the three signatories of a recent statement warning banks of the dangers of crypto.

Binance holds token collateral and user funds on same wallet by ‘mistake’

January 24, 2023 Coin Telegraph

Binance

Binance previously said the firm’s corporate holdings are recorded in separate accounts and should not form part of the proof-of-reserves calculations.

Major cryptocurrency exchange Binance reportedly admitted that it mistakenly stores some customer funds in the same wallet with its collateral for some in-house tokens. After the revelation, Binance started the process of transferring the assets in question to dedicated collateral wallets.

Binance mistakenly put collateral for some of the Binance-minted tokens, or B-Tokens, in a wallet that also holds customer assets, Bloomberg reported on Jan. 24.

On Monday, Binance released a proof of collateral for B-Tokens, providing information for all 94 tokens issued by Binance. The firm previously stressed that B-Tokens are always fully collateralized and backed 1:1.

According to the proof of collateral, Binance reserves for almost 50% of all B-Tokens are currently stored in a single wallet called “Binance 8.” The wallet holds significantly more tokens in reserve than required for the amount of B-Tokens that Binance has issued. That allegedly suggests that Binance mixed collateral with clients’ coins rather than storing such assets separately.

Despite the matter relating only to B-Tokens, such a wallet management system would apparently contradict Binance's own wallet guidelines.

According to Binance’s proof of reserve (PoR) page, the exchanges' corporate holdings are recorded in separate accounts and do not form part of the proof-of-reserves calculations. Binance stated:

“When a user deposits one Bitcoin, Binance's reserves increase by at least one Bitcoin to ensure client funds are fully backed. It is important to note that this does not include Binance’s corporate holdings, which are kept on a completely separate ledger.”

According to Bloomberg, Binance has admitted that it stores B-tokens mixed with its own reserves by mistake and is doing its best to fix the issue soon.

“Binance is aware of this mistake and is in the process of transferring these assets to dedicated collateral wallets,” a spokesperson for Binance reportedly said. The representative also noted that Binance 8 is an exchange cold wallet, adding that collateral assets have been previously moved into this wallet in error.

Binance did not immediately respond to Cointelegraph’s request for comment.

As previously reported, Binance launched a PoR process in late November to gain more public trust amid the failure of the FTX crypto exchange. By early December, the exchange scored partnership with the accounting firm Mazars as its official PoR auditor.

Soon after confirming that Binance’s Bitcoin (BTC) were fully collateralized, Mazars removed Binance’s PoR audits from its website without providing any explanation.

FTX Debtors’ List of Assets Omits Mention of Large Stash of NFTs and ENS Names Owned by Alameda

January 20, 2023 Bitcoin.com

1inch launches proprietary hardware wallet as self-custody trend grows

January 19, 2023 Coin Telegraph

Coin Telegraph

1inch Networks’ upcoming hardware wallet has no direct connection to the internet and doesn’t require any wired connection.

Decentralized exchange (DEX) aggregator 1inch Network is the latest cryptocurrency platform to move into the hardware wallet industry amid the rise of self-custody.

On Jan. 19, 1inch officially introduced the 1inch Hardware Wallet, a proprietary hardware wallet developed by an independent team working within the 1inch Network.

In order to provide maximum security, the 1inch Hardware Wallet is “fully air-gapped,” meaning that it has no direct connection to the internet and does not require any wired connection.

“All data is exchanged using QR codes or, optionally, with NFC,” 1inch said, noting that the 1inch Hardware Wallet also doesn’t have any buttons.

The upcoming hardware wallet comes in the size of a bank card, featuring a 2.7-inch E-Ink grayscale touch display. The waterproof crypto wallet is equipped with a damage-resistant Gorilla Glass 6 surface and stainless-steel frame. The device supports wireless charging, with the Li-Po battery designed to last for roughly two weeks of use.

One of the specific features of the 1inch Hardware Wallet is that it replicates the design of the Apple product line. The wallet comes in five colors, including hex, graphite, sierra blue, silver and alpine green, matching the iPhone 13 lineup.

“There will be two limited editions in pink and gold with some design changes and corresponding NFTs,” a spokesperson for 1inch told Cointelegraph.

The 1inch Hardware Wallet’s projected designs at launch. Source: 1inch Network

1inch is not the only crypto firm promoting its hardware wallet in an attempt to benefit from Apple’s popularity. Last year, French hardware wallet provider Ledger announced a collaboration with Tony Fadell, the inventor of the iconic iPod Classic model, to develop its latest crypto wallet, Ledger Stax.

According to a spokesperson at 1inch, the firm started the development of the hardware wallet in early 2022 and expects to launch the product in Q4 2023. The firm also plans to proceed with development and security enhancements in the near future.

“Next month, we will be launching the contributor program, so everyone will have an opportunity to improve the device truly on their own,” a 1inch representative said, adding that documentation and source codes will be available on GitHub.

1inch’s entry into the hardware wallet industry comes amid the rise of self-custody amid the distrust of centralized crypto exchanges (CEX). Major hardware wallet providers like Ledger and Trezor recorded a significant surge in traffic and sales as crypto investors were triggered to offload their holdings from CEXs amid the FTX collapse in November 2022.

What are hierarchical deterministic (HD) crypto wallets?

January 19, 2023 Coin Telegraph

Blockchain

A hierarchical deterministic wallet uses a single seed to create an infinite number of addresses, allowing users to recover funds using a master key.

Are HD wallets safe?

HD wallets are as secure as the medium (physical or digital) on which they are stored.

BIP-32 enables an HD wallet to produce a tree-like hierarchical structure of private keys from the seed. As a result, if a device is lost or destroyed, the seed backup can be used to restore the wallet along with all of the tree’s private keys.

Hierarchical deterministic wallets offer enhanced security and privacy compared to non-deterministic wallets. They are secure because a new address is issued for every new transaction. Therefore, hacking them is a challenging and intricate process. Additionally, an indefinite number of public addresses can be created for the purpose of collecting payments, ensuring users’ financial anonymity.

However, if either private keys or master keys are not safely stored, they can expose users’ funds to malicious actors. Therefore, the chosen seed phrases in HD wallets should be unrelated to users’ names or any other personal details that attackers will find simpler to compromise.

What are the benefits and drawbacks of using an HD wallet?

With hierarchical deterministic wallets, users’ privacy is improved because they can share their master public key with others without putting their money in jeopardy. Similarly, HD wallets are secure since funds are diversified over numerous addresses. However, there is a substantial chance of money being lost if the master key or private keys get revealed to the public.

Due to the hierarchical structure of deterministic wallets, every private key generated by the seed has the potential to be utilized as a master private key, which can then be used as a deterministic wallet to generate further keys.

Also, the changing addresses offer enhanced privacy, as one cannot find out the exact wallet balance from the public ledger. However, anyone who has access to the extended private keys can steal users’ funds, which is why they shouldn’t be shared with non-trusted parties.

Along with improved privacy, deterministic wallets offer great security, as access to a number of different private keys will be required to gain access to all of the users’ crypto assets because they have spread their funds across several addresses. Furthermore, the coins that are controlled by other private keys remain unaffected if one private key is compromised. However, if the seed is compromised, all funds may be stolen by hackers.

How does a hierarchical deterministic wallet work?

To increase security and privacy, an HD wallet creates a fresh key pair from a master key pair (consisting of an extended private key and an extended public key) for each cryptocurrency transaction.

With BIP-32, HD wallets become the de facto standard for Bitcoin. BIP-32 is the Bitcoin Improvement Proposal (BIP) that introduced the development of a wallet structure that resembled a hierarchical tree.

In an HD wallet like MetaMask, a single master key is derived from the wallet seed, which is then used to generate child keys, each of which is capable of generating its own children. A seed, often represented as a mnemonic phrase, is a piece of information that can be used to produce both the wallet’s public and private keys.

A master key pair consisting of an extended private key (XPRIV) and an extended public key (XPUB) is typically present in HD wallets for Bitcoin. Additionally, a child private key is created pseudorandomly from a master private key, and the matching child public keys can be generated by anybody who knows the master public key.

The XPRIV produces all of the child private keys, and the XPUB may display the balances of all the child public keys in the wallet. Moreover, the need for storing multiple key pairs is eliminated, as HD wallet addresses can be generated from the master key or seed.

The same tree of keys will be generated by the master key, allowing users to back up a single seed rather than hundreds of keys in the case of non-deterministic wallets. Furthermore, XPUB keys allow users to receive Bitcoin directly into a cold storage wallet and keep their private keys offline because they allow users to generate new addresses using online extended public keys.

A web retailer that creates new public keys for each sale is an inspiring use case for HD crypto wallets. Using a deterministic wallet, the merchant can quickly produce and save only the public keys on a risky internet server while keeping all of the related private keys secure in offline storage. Additionally, the retailer can use HD wallets’ hierarchical feature to keep only the public keys required to process consumer payments, which might improve the privacy of the user.

What are deterministic and non-deterministic wallets?

A hierarchical deterministic wallet generates public and private keys from a master key, allowing users to create a new wallet and retrieve all addresses and keys, given that they have access to the seed. On the contrary, non-deterministic wallets randomly generate wallet addresses and private keys, restricting users’ ability to recover addresses and keys if the wallet’s details are lost.

Typically, digital signatures and pairs of private and public signing keys are used in blockchain-based cryptocurrencies. That said, users spend their money by signing a transaction with the private key, and other users (recipients) can use the public key to confirm the signature’s validity. Private keys can be used to generate public keys, but not the other way around.

For instance, a user’s Bitcoin wallet comprises a set of private keys that enable the owner to spend any Bitcoin (BTC) linked to those keys. When the user needed them, Bitcoin wallets would randomly generate BTC addresses and private keys. Such types of digital wallets are called non-deterministic wallets (ND).

However, since the keys are not generated in any pattern, users must make a backup of each key whenever a new one is generated. That said, if the wallet’s details are lost, all of the addresses and keys would also be lost.

This type of Bitcoin wallet is also known as a “just-a-bunch-of-keys” (JBOK) wallet, as it produces unrelated keys and requires users to keep track of their transactions every time they buy and sell their cryptocurrencies. So, what are hierarchical deterministic (HD) wallets?

Hierarchical deterministic wallets took the place of JBOK wallets since users could back up HD wallets using a single seed and greatly benefit from extended keys. Therefore, a wallet that generates its public and private keys from a seed is referred to as a hierarchical deterministic wallet.

These wallets can be used for a variety of intriguing things, such as trustless auditing, online shopping and departmental funding distribution by the treasurer. For instance, an individual might disclose their master public key to external auditors, who could then use that key to view any future transactions made using BTC. In this case, the user’s funds are secure because the private keys linked to those funds are never revealed.

The summary of differences HD vs. non-HD wallets is listed in the table below:

SEC of Thailand issues crypto custody provider rules

January 17, 2023 Coin Telegraph

Coin Telegraph

The Thai securities regulator now requires crypto custodians to have a contingency plan in case of unforeseen events.

The Securities and Exchange Commission (SEC) of Thailand is working to better protect cryptocurrency investors by introducing new rules for crypto custody services.

On Jan. 17, the Thai SEC issued regulations requiring virtual asset service providers (VASP) to establish a digital wallet management system to guarantee efficient custody. The new rules target crypto custodians or VASPs that provide crypto storage services.

The regulations include three major requirements, including the provision of policy and guidelines for overseeing the risk management of digital wallets and private keys. The rules require VASPs to communicate with regulators regarding such policies and provide action plans to ensure compliance.

Additionally, the SEC requested crypto custodians provide policies and procedures for designing, developing and managing digital wallets and keys. The authority will also require crypto custodians to establish a contingency plan in case of unforeseen events that may affect the wallet management system.

“This includes laying out and testing action procedures, designating responsible persons and reporting the event,” the SEC stated, adding:

“An audit of system security is also required as well as digital forensic investigation in case of any event affecting the security of systems related to digital asset custody, which could cause significant impacts on clients’ assets.”

According to the announcement, the new regulations have taken effect starting from Jan. 16, 2023. Crypto custodians are required to fully comply within six months from the effective date.

The latest crypto regulations by Thailand’s SEC align with the authority’s plans to adopt more strict crypto regulations in the aftermath of industry failures like the FTX collapse. In early January, the authority reportedly started a new investigation against a local crypto exchange Zipmex, alleging that the firm has been providing digital asset fund management services without permission.