CoinW Spotlight: The Cryptocurrency market is facing security threats. How do cryptocurrency exchanges ensure the security of user funds?

This year is undoubtedly a bear market year for the crypto market. Many retail investors and project developers have suffered heavy losses due to the drop in currency prices. Under this premise, how can users effectively evaluate the credibility of projects, ensure the safety of their own assets, and improve investment resistance to risks? In this regard, CoinW, the world’s leading cryptocurrency trading platform, invited four guests, Xu Haoran, security engineer of CertiK, OM of TokenPocket Sam, Hua Ge of Huahua Research Institute, and Frank, an analyst of CoinW Research Institute, to be guests on the live broadcast column of CoinW Spotlight on December 17th. Discussions were carried out around topics such as current market security risks and user trust crisis.

At the spotlight event, it was mentioned that hacker attacks, leaks of private keys and misappropriation of user funds are the main reasons for the loss of user assets.

With the overall development of the blockchain industry, there are more and more events that lead to the loss of investors’ assets, and the amount is also increasing. In this regard, Frank, an analyst at CoinW Research Institute, pointed out that, on the whole, investors’ asset losses affecting DeFi wallets and exchanges, mainly arise from three reasons which include; hacking, compromise of private keys, and misappropriation of user funds.

Hua Ge of Huahua Research Institute agrees with Frank’s idea, and he emphasized that not misappropriating user assets privately and having a 100% reserve certificate is the key to testing the resilience of each exchange in the future. As for the project side, Hua Ge believes that the sound operation of smart contract rules and whether the incentive mechanism and economic model are perfect are the necessary conditions to ensure the healthy and long-term development of a project.

Xu Haoran, a security engineer from the security audit company CertiK, summarized the security issues that lead to the loss of investors’ assets from a professional perspective, including private key leakage, contract logic loopholes/financial model design loopholes, contract security loopholes, Rug Pull fraud projects, and traditional WEB2 hackers attack. Property losses due to security incidents and hacks have reached $2.8 billion so far this year.

Security audits can also protect user assets!

Regarding how to protect users’ assets and truly bring users a sense of security, both SAM and Hua Ge mentioned security audits, because security audits can greatly reduce the risk of being attacked by hackers and reduce the occurrence of loopholes at the contract code level. Xu Haoran summarized the three major advantages of security auditing. First of all, auditing can help users and project developers discover malicious code, security loopholes, and logic loopholes hidden in contracts and financial models of DeFi projects. Secondly, it can help with gas optimization, check contract deployment and configuration. The final audit can help the project party gain the trust of the community.

Regarding the asset management security of retail traders, Frank suggested that the security of centralized exchanges is higher than that of decentralized wallets, and its use threshold is also lower. Therefore, when the overall amount of funds is not large, it is still recommended to place assets in centralized exchanges as much as possible. When choosing a centralized exchange, investors should try to choose an exchange that has been established for a long time been in operation and has a wider reputation.

Regarding how the centralized platform ensures the security of users’ assets, Hua Ge said that the platform tries to store users’ assets in multiple hot wallets and cold wallets, and at the same time recommends disclosing its own reserve funds to avoid panic runs. Frank suggested that individual investors should be more cautious. First of all, they should maintain close attention and vigilance to the industry. Secondly, users need to strengthen their awareness of risk prevention, and fully consider and measure the use and storage of their own funds. Finally, when a risk is about to occur or has already occurred, don’t take chances, and try to transfer funds to a safe place as much as possible.

Last but not least, regarding the topic: ‘Whether Security of decentralized exchanges surpasses that of centralized exchanges’, Xu Haoran pointed out that DEX and CEX have their own strengths and cannot replace each other at present. CEX is relatively more suitable for large-value transactions or certain complex transaction situations. The recent thunderstorms have pushed major exchanges to increase the transparency of user assets, and financial law enforcement agencies have also strengthened supervision to enhance the security of user assets. DEX might be more suitable for flexible and niche token trading cases. The iteration of AMM technology has also solved some of the problems, but there are still problems to surpass the current CEX exchange framework, in terms of user experience.

About CoinW Spotlight

CoinW Spotlight is an crypto live interview column of CoinW Exchange, focusing on the cutting-edge developments of the global blockchain industry, and working with world-class crypto projects, industry leaders, and technical experts to explore Defi, public chain, NFT, GameFi and other hot topics. CoinW Spotlight sincerely invites high-quality projects, community leaders, and industry leader and peers, influencers to join CoinW Spotlight to share their insights and experience in the crypto space.