1. Home
  2. Wallet

Wallet

Court to Try 2 Russians for Stealing 86 Bitcoins From Crypto Miner

Court to Try 2 Russians for Stealing 86 Bitcoins From Crypto MinerTwo residents of the Russian city of Tomsk will be tried for “large-scale robbery” involving the theft of cryptocurrency worth millions of rubles from a local miner. The digital coins were stolen from the owner at gunpoint, authorities said, adding that both criminals are now in custody. Thieves Face Trial in Russia for Armed Robbery […]

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

FDIC warns CEX.IO and its reviewers to remove potentially false claims about insurance

The U.S. federal agency found a claim about deposit insurance in the fine print on the exchange’s website and on websites that reviewed it.

The United States Federal Deposit Insurance Corporation (FDIC) has sent a letter to executives of cryptocurrency exchange CEX.IO warning them that they are potentially in violation of federal law due to false and misleading statements about the exchange’s insurance status. The agency has given the exchange 15 days to make corrections.

The statement in question is found in the small print details of the exchange’s state money transmitter license information. The information for Rhode Island reads, “U.S. dollars held in your CEX.IO fiat currency wallet are FDIC-insured up to $250,000 per account.”

The FDIC letter also noted that, if the exchange has an FDIC-insured account, the insured depository institution holding the funds must be named. The letter, signed by FDIC assistant general counsel Seth Rosebrock, cites the Federal Deposit Insurance Act throughout. The letter clarified:

“CEX is not FDIC-insured, and FDIC insurance does not protect cryptocurrency or any assets other than U.S. dollar deposits held at IDIs [insured depository institutions].”

The FDIC demanded that CEX.IO remove statements that imply it has FDIC insurance, cease and desist from making any statements to that effect and clarify any statements relating to “pass-through insurance arising from the placement of funds in accounts at IDIs.”

Related: New York financial regulator investigates Gemini over FDIC claims: Report

The agency, which is an independent agency created by the U.S. Congress and financed by insurance dues, said that enforcement actions it might take include the issuance cease-and-desist orders and assessment of civil monetary penalties.

The FDIC also found two websites with reviews of CEX.IO that claimed the exchange had FDIC insurance. It sent letters demanding analogous changes to those statements as well. One of the websites, Bankless Times, is based in the United Kingdom.

The FDIC’s insistence that crypto should not be insured has garnered praise from crypto skeptic Sen. Elizabeth Warren. The agency was also one of the three signatories of a recent statement warning banks of the dangers of crypto.

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

Binance holds token collateral and user funds on same wallet by ‘mistake’

Binance previously said the firm’s corporate holdings are recorded in separate accounts and should not form part of the proof-of-reserves calculations.

Major cryptocurrency exchange Binance reportedly admitted that it mistakenly stores some customer funds in the same wallet with its collateral for some in-house tokens. After the revelation, Binance started the process of transferring the assets in question to dedicated collateral wallets.

Binance mistakenly put collateral for some of the Binance-minted tokens, or B-Tokens, in a wallet that also holds customer assets, Bloomberg reported on Jan. 24.

On Monday, Binance released a proof of collateral for B-Tokens, providing information for all 94 tokens issued by Binance. The firm previously stressed that B-Tokens are always fully collateralized and backed 1:1.

According to the ​​proof of collateral, Binance reserves for almost 50% of all B-Tokens are currently stored in a single wallet called “Binance 8.” The wallet holds significantly more tokens in reserve than required for the amount of B-Tokens that Binance has issued. That allegedly suggests that Binance mixed collateral with clients’ coins rather than storing such assets separately.

Despite the matter relating only to B-Tokens, such a wallet management system would apparently contradict Binance's own wallet guidelines.

According to Binance’s proof of reserve (PoR) page, the exchanges' corporate holdings are recorded in separate accounts and do not form part of the proof-of-reserves calculations. Binance stated:

“When a user deposits one Bitcoin, Binance's reserves increase by at least one Bitcoin to ensure client funds are fully backed. It is important to note that this does not include Binance’s corporate holdings, which are kept on a completely separate ledger.”

According to Bloomberg, Binance has admitted that it stores B-tokens mixed with its own reserves by mistake and is doing its best to fix the issue soon.

Related: Token dump following Binance listing raises insider trading suspicions

“Binance is aware of this mistake and is in the process of transferring these assets to dedicated collateral wallets,” a spokesperson for Binance reportedly said. The representative also noted that Binance 8 is an exchange cold wallet, adding that collateral assets have been previously moved into this wallet in error.

Binance did not immediately respond to Cointelegraph’s request for comment.

As previously reported, Binance launched a PoR process in late November to gain more public trust amid the failure of the FTX crypto exchange. By early December, the exchange scored partnership with the accounting firm Mazars as its official PoR auditor.

Soon after confirming that Binance’s Bitcoin (BTC) were fully collateralized, Mazars removed Binance’s PoR audits from its website without providing any explanation.

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

FTX Debtors’ List of Assets Omits Mention of Large Stash of NFTs and ENS Names Owned by Alameda 

FTX Debtors’ List of Assets Omits Mention of Large Stash of NFTs and ENS Names Owned by Alameda This week, FTX debtors issued a press release and a 20-page document noting that bankruptcy administrators had located $5.5 billion in liquid assets. The document details that investigators discovered fiat currencies, crypto assets, and securities as part of FTX’s and Alameda Research’s cache. However, the disclosure to unsecured creditors does not mention the extremely large […]

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

1inch launches proprietary hardware wallet as self-custody trend grows

1inch Networks’ upcoming hardware wallet has no direct connection to the internet and doesn’t require any wired connection.

Decentralized exchange (DEX) aggregator 1inch Network is the latest cryptocurrency platform to move into the hardware wallet industry amid the rise of self-custody.

On Jan. 19, 1inch officially introduced the 1inch Hardware Wallet, a proprietary hardware wallet developed by an independent team working within the 1inch Network. 

In order to provide maximum security, the 1inch Hardware Wallet is “fully air-gapped,” meaning that it has no direct connection to the internet and does not require any wired connection.

“All data is exchanged using QR codes or, optionally, with NFC,” 1inch said, noting that the 1inch Hardware Wallet also doesn’t have any buttons.

The upcoming hardware wallet comes in the size of a bank card, featuring a 2.7-inch E-Ink grayscale touch display. The waterproof crypto wallet is equipped with a damage-resistant Gorilla Glass 6 surface and stainless-steel frame. The device supports wireless charging, with the Li-Po battery designed to last for roughly two weeks of use.

One of the specific features of the 1inch Hardware Wallet is that it replicates the design of the Apple product line. The wallet comes in five colors, including hex, graphite, sierra blue, silver and alpine green, matching the iPhone 13 lineup.

“There will be two limited editions in pink and gold with some design changes and corresponding NFTs,” a spokesperson for 1inch told Cointelegraph.

The 1inch Hardware Wallet’s projected designs at launch. Source: 1inch Network

1inch is not the only crypto firm promoting its hardware wallet in an attempt to benefit from Apple’s popularity. Last year, French hardware wallet provider Ledger announced a collaboration with Tony Fadell, the inventor of the iconic iPod Classic model, to develop its latest crypto wallet, Ledger Stax.

Related: How do crypto hardware wallet firms make money?

According to a spokesperson at 1inch, the firm started the development of the hardware wallet in early 2022 and expects to launch the product in Q4 2023. The firm also plans to proceed with development and security enhancements in the near future.

“Next month, we will be launching the contributor program, so everyone will have an opportunity to improve the device truly on their own,” a 1inch representative said, adding that documentation and source codes will be available on GitHub.

1inch’s entry into the hardware wallet industry comes amid the rise of self-custody amid the distrust of centralized crypto exchanges (CEX). Major hardware wallet providers like Ledger and Trezor recorded a significant surge in traffic and sales as crypto investors were triggered to offload their holdings from CEXs amid the FTX collapse in November 2022.

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

What are hierarchical deterministic (HD) crypto wallets?

A hierarchical deterministic wallet uses a single seed to create an infinite number of addresses, allowing users to recover funds using a master key.

Are HD wallets safe?

HD wallets are as secure as the medium (physical or digital) on which they are stored.

BIP-32 enables an HD wallet to produce a tree-like hierarchical structure of private keys from the seed. As a result, if a device is lost or destroyed, the seed backup can be used to restore the wallet along with all of the tree’s private keys.

Hierarchical deterministic wallets offer enhanced security and privacy compared to non-deterministic wallets. They are secure because a new address is issued for every new transaction. Therefore, hacking them is a challenging and intricate process. Additionally, an indefinite number of public addresses can be created for the purpose of collecting payments, ensuring users’ financial anonymity.

However, if either private keys or master keys are not safely stored, they can expose users’ funds to malicious actors. Therefore, the chosen seed phrases in HD wallets should be unrelated to users’ names or any other personal details that attackers will find simpler to compromise.

What are the benefits and drawbacks of using an HD wallet?

With hierarchical deterministic wallets, users’ privacy is improved because they can share their master public key with others without putting their money in jeopardy. Similarly, HD wallets are secure since funds are diversified over numerous addresses. However, there is a substantial chance of money being lost if the master key or private keys get revealed to the public.

Due to the hierarchical structure of deterministic wallets, every private key generated by the seed has the potential to be utilized as a master private key, which can then be used as a deterministic wallet to generate further keys.

Also, the changing addresses offer enhanced privacy, as one cannot find out the exact wallet balance from the public ledger. However, anyone who has access to the extended private keys can steal users’ funds, which is why they shouldn’t be shared with non-trusted parties.

Related: Private, public and consortium blockchains: The differences explained

Along with improved privacy, deterministic wallets offer great security, as access to a number of different private keys will be required to gain access to all of the users’ crypto assets because they have spread their funds across several addresses. Furthermore, the coins that are controlled by other private keys remain unaffected if one private key is compromised. However, if the seed is compromised, all funds may be stolen by hackers.

How does a hierarchical deterministic wallet work?

To increase security and privacy, an HD wallet creates a fresh key pair from a master key pair (consisting of an extended private key and an extended public key) for each cryptocurrency transaction.

With BIP-32, HD wallets become the de facto standard for Bitcoin. BIP-32 is the Bitcoin Improvement Proposal (BIP) that introduced the development of a wallet structure that resembled a hierarchical tree.

In an HD wallet like MetaMask, a single master key is derived from the wallet seed, which is then used to generate child keys, each of which is capable of generating its own children. A seed, often represented as a mnemonic phrase, is a piece of information that can be used to produce both the wallet’s public and private keys.

A master key pair consisting of an extended private key (XPRIV) and an extended public key (XPUB) is typically present in HD wallets for Bitcoin. Additionally, a child private key is created pseudorandomly from a master private key, and the matching child public keys can be generated by anybody who knows the master public key.

The XPRIV produces all of the child private keys, and the XPUB may display the balances of all the child public keys in the wallet. Moreover, the need for storing multiple key pairs is eliminated, as HD wallet addresses can be generated from the master key or seed.

The same tree of keys will be generated by the master key, allowing users to back up a single seed rather than hundreds of keys in the case of non-deterministic wallets. Furthermore, XPUB keys allow users to receive Bitcoin directly into a cold storage wallet and keep their private keys offline because they allow users to generate new addresses using online extended public keys.

A web retailer that creates new public keys for each sale is an inspiring use case for HD crypto wallets. Using a deterministic wallet, the merchant can quickly produce and save only the public keys on a risky internet server while keeping all of the related private keys secure in offline storage. Additionally, the retailer can use HD wallets’ hierarchical feature to keep only the public keys required to process consumer payments, which might improve the privacy of the user.

What are deterministic and non-deterministic wallets?

A hierarchical deterministic wallet generates public and private keys from a master key, allowing users to create a new wallet and retrieve all addresses and keys, given that they have access to the seed. On the contrary, non-deterministic wallets randomly generate wallet addresses and private keys, restricting users’ ability to recover addresses and keys if the wallet’s details are lost.

Typically, digital signatures and pairs of private and public signing keys are used in blockchain-based cryptocurrencies. That said, users spend their money by signing a transaction with the private key, and other users (recipients) can use the public key to confirm the signature’s validity. Private keys can be used to generate public keys, but not the other way around.

For instance, a user’s Bitcoin wallet comprises a set of private keys that enable the owner to spend any Bitcoin (BTC) linked to those keys. When the user needed them, Bitcoin wallets would randomly generate BTC addresses and private keys. Such types of digital wallets are called non-deterministic wallets (ND).

However, since the keys are not generated in any pattern, users must make a backup of each key whenever a new one is generated. That said, if the wallet’s details are lost, all of the addresses and keys would also be lost.

This type of Bitcoin wallet is also known as a “just-a-bunch-of-keys” (JBOK) wallet, as it produces unrelated keys and requires users to keep track of their transactions every time they buy and sell their cryptocurrencies. So, what are hierarchical deterministic (HD) wallets?

Hierarchical deterministic wallets took the place of JBOK wallets since users could back up HD wallets using a single seed and greatly benefit from extended keys. Therefore, a wallet that generates its public and private keys from a seed is referred to as a hierarchical deterministic wallet.

These wallets can be used for a variety of intriguing things, such as trustless auditing, online shopping and departmental funding distribution by the treasurer. For instance, an individual might disclose their master public key to external auditors, who could then use that key to view any future transactions made using BTC. In this case, the user’s funds are secure because the private keys linked to those funds are never revealed.

The summary of differences HD vs. non-HD wallets is listed in the table below:

Image_0

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

SEC of Thailand issues crypto custody provider rules

The Thai securities regulator now requires crypto custodians to have a contingency plan in case of unforeseen events.

The Securities and Exchange Commission (SEC) of Thailand is working to better protect cryptocurrency investors by introducing new rules for crypto custody services.

On Jan. 17, the Thai SEC issued regulations requiring virtual asset service providers (VASP) to establish a digital wallet management system to guarantee efficient custody. The new rules target crypto custodians or VASPs that provide crypto storage services.

The regulations include three major requirements, including the provision of policy and guidelines for overseeing the risk management of digital wallets and private keys. The rules require VASPs to communicate with regulators regarding such policies and provide action plans to ensure compliance.

Additionally, the SEC requested crypto custodians provide policies and procedures for designing, developing and managing digital wallets and keys. The authority will also require crypto custodians to establish a contingency plan in case of unforeseen events that may affect the wallet management system.

“This includes laying out and testing action procedures, designating responsible persons and reporting the event,” the SEC stated, adding:

“An audit of system security is also required as well as digital forensic investigation in case of any event affecting the security of systems related to digital asset custody, which could cause significant impacts on clients’ assets.”

According to the announcement, the new regulations have taken effect starting from Jan. 16, 2023. Crypto custodians are required to fully comply within six months from the effective date.

Related: Binance to let institutions store crypto with cold custody

The latest crypto regulations by Thailand’s SEC align with the authority’s plans to adopt more strict crypto regulations in the aftermath of industry failures like the FTX collapse. In early January, the authority reportedly started a new investigation against a local crypto exchange Zipmex, alleging that the firm has been providing digital asset fund management services without permission.

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

Metamask Launches Ethereum Staking Services via Lido and Rocketpool

Metamask Launches Ethereum Staking Services via Lido and RocketpoolOn Friday, the Web3 wallet firm Metamask, a subsidiary of the Ethereum-centric company Consensys, announced the beta launch of ethereum staking features will be made available via Lido’s or Rocketpool’s liquid staking services. Users who want to stake ethereum and earn staking rewards can select one of the staking providers within the Metamask Web3 wallet’s […]

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT

Multiparty computation could offer increased protection for crypto wallets

Multiparty computation can help users to protect their private keys and seed phrases when used in wallets.

Multiparty computation (MPC) is a type of cryptographic protocol that allows multiple parties to jointly compute a function over their inputs without revealing those inputs to each other. 

MPC can be useful when parties want to compute some function together but want to keep their inputs private from others. For example, a group of banks may want to determine the total amount of money in their joint account without revealing their account balances to each other.

In MPC, each party has a secret input that they keep to themselves. The process is done by carefully encrypting the inputs and performing the computation on the encrypted values so that the final result is the desired function, all while keeping the values secure.

MPC protocols typically involve multiple rounds of communication between parties exchanging encrypted messages and performing various computations on their own inputs.

MPC is a complex and technical topic, and there are many variations and approaches to implementing MPC protocols. Some key challenges in designing MPC protocols include ensuring that the protocol is secure against various attacks, such as malicious parties trying to learn other parties’ inputs, and ensuring that the protocol is efficient with regard to computational resources and communication costs.

What is a multiparty computation crypto wallet?

A multiparty computation crypto wallet is a crypto wallet that uses MPC technology to manage and store users’ assets securely. In an MPC crypto wallet, the private keys used to access and manage the users’ cryptocurrency are split into multiple parts, known as “shares,” which are distributed among the parties involved in the MPC protocol.

The key advantage of using MPC in a crypto wallet is that it allows the users to securely manage their cryptocurrency without any single party having access to the entire private key. This can help protect against various attacks, such as hackers attempting to steal users’ cryptocurrency by compromising a single party’s private key share.

Recent: Remote work could redefine the global workforce for good

MPC crypto wallets typically use a combination of cryptography and secure communication protocols to enable different parties to jointly manage users’ cryptocurrency. The process can involve complex calculations and communication between the parties, but the result is a secure and efficient way to manage users’ cryptocurrency assets.

Crypto wallets like ZenGo use multiparty computation to improve wallet security, and Coinbase has the feature enabled for their noncustodial wallet. As a result, MPC crypto wallets can provide increased security and protection against certain attacks. Still, they also require more computational resources than other crypto wallets.

Benefits and drawbacks of multiparty computation crypto wallets

The main advantage of an MPC crypto wallet is that it can provide increased security for users’ cryptocurrency assets by splitting the private keys used to access and manage the cryptocurrency into multiple parts and distributing those parts among different parties. 

Tal Be’ery, co-founder and chief technology officer at crypto wallet ZenGo, told Cointelegraph, “MPC solves cryptocurrency’s most pressing problem: The single point of failure (SPOF) of the private key. This SPOF is the main reason users lose their funds: Whether by misplacing their private key, having their private key stolen, or accidentally sharing their seed phrase through a phishing scam.” He continued:

“With MPC, the indivisible private key is replaced by multiple distributed secrets often called ‘shares,’ such that a quorum of these shares can distributively sign a message — without creating a private key.”

Be’ery mentioned how separating the pieces of the private key and storing them in different locations makes it more difficult for malicious actors to compromise a user’s wallet.

“If each of these shares is held in an orthogonal place (e.g., mobile device and a server), then it makes it orders of magnitude more complicated for hackers to steal, as the attacker would need to steal from multiple independent places in different ways,” Be’ery said.

“This type of architecture also solves the dilemma discussed above: Creating copies of shares as a backup against loss is much easier, as no one share represents the ‘the and only’ private key,” he added.

Parth Choudhary, founder and CEO of Glip — a Web3 gaming and wallet application — also told Cointelegraph, “MPC could make it so that a wallet provider can’t get to a user’s money or control it. It may also make it harder for hackers and other bad people to steal private keys.”

MPC cryptocurrency wallets have some advantages over traditional wallets. MPC wallets are more reliable since they can ensure that a user’s assets are still accessible, even if one or more parties become unavailable or unresponsive. Privacy is also improved because the private keys are split into multiple shares and distributed among different parties.

By preventing any single party from discovering the user’s complete private key, the user has a reduced chance of losing their funds. Security is also improved since the computations are carried out on encrypted outputs, preventing malicious parties from learning sensitive information.

However, there are also some potential disadvantages to using an MPC crypto wallet. One of these disadvantages is the complexity associated with MPC protocols, especially for non-experts in cryptography. So, an MPC wallet can be more challenging to set up for the average person.

Recent: Crypto layoffs mount as exchanges continue to be ravaged by the prevailing bear market

Additionally, due to the computational resources needed by MPC protocols, they may be slower to operate. In this regard, an MPC wallet may be less efficient than other crypto wallets. Finally, not all cryptocurrency assets can be managed using an MPC crypto wallet, and some assets may be difficult or impractical to manage using MPC.

Wallet security has always been important for anybody who uses cryptocurrency, and the need for self-custody has become all the more apparent with the collapse of several high profile cryptocurrency firms and the loss of millions in user funds.

The decision to use an MPC crypto wallet will depend on the specific needs and requirements of the user. For example, it may be useful for users who prioritize security and privacy, but some people may prefer a more simple solution.

MEXC Raises the Bar: Supercar Giveaway Boosted to 12,000,000 USDT