Deposit protection is a problem that exchanges, regulators and depositors must face.
The article was first published in bankless, an English paid e-magazine focusing on open finance. Bankless and chain news jointly released the Chinese version of the article. Bankless’s subscription address is bankless substack. com
In the past 18 months, some functions originally provided by traditional banks have taken root in the encryption industry. When these functions are combined with trust minimization, they are called decentralized Finance (defi), most of which occur in Ethereum, with some exceptions.
Many articles have introduced the key points and potential of defi in detail before, so I won’t repeat it. I want to talk about an unexplored topic: can trust be minimized in deposit taking institutions or encrypted banks. (I fully understand that in a book called bankless!) It sounds ironic to talk about banks in our newsletters!)
Let’s quickly review the services provided by commercial banks. The following table is arranged from high to low importance:
·Accept personal deposits (usually banks do not maintain full reserves, only a relatively small part, and issue loans based on reserves). In many jurisdictions, these deposits are protected by the government, but only to a certain amount;
·Pay interest on these deposits according to the type of account;
·As a source of credit, it serves consumers who need credit cards, small business loans, overdrafts and mortgages;
·As a transaction interface and agent, it serves users who want to send wire transfer, receive checks and pay bills;
·Issuing debit and credit cards;
·Allow consumers to exchange electronic deposits for cash, either through branches or through ATMs. This service is actually a subsidy (or loss trading) because it is usually (but not always) free to account holders;
·Provide physical storage for various items, such as valuables (even your private key!).
These services are not all provided by cryptocurrency exchanges, but I often call them “banks” because they do cover the use case of deposit taking and are involving more and more other functions.
I will not repeat an article written by Hasu here. He talked about the various services provided by the exchange (“cryptobank”), which is a good summary of the development direction of the industry. My concern is: if encryption banks are established and users will continue to seek the services of such institutions, is it possible to minimize the required trust? Are cryptocurrency deposits more susceptible to this trust minimization than legal currency deposits?
Why do users choose encrypted bank?
In my opinion, the main focus of the encryption industry at present and in the future is how to enable users to obtain and trade various financial assets under a series of trust models.
The birth of bitcoin gave birth to a new ownership model: the strong ownership of a portable digital commodity. For each transaction on the chain, the settlement is (probabilistic) final. This means that the transaction will not be affected by the conventional problems related to digital transmission, which previously came from the delay between payment and final settlement. However, bitcoin and all subsequent cryptocurrencies introduced a new problem: requiring users to host their own assets.
It is quite difficult for many people to store information carefully, so the custodian of cryptocurrency came into being. Since people mainly obtain cryptocurrency on exchanges, many people choose these exchanges as custodians. Over time, the industry has developed full reserve banks, commonly known as exchanges (although there are also some specialized custodians that are not exchanges). These crypto banks have controlled a large part of the mainstream crypto money supply, and the proportion is still rising. With the rise of betting, lending and interest tools, many users choose to test these new products through centralized custody institutions.
Thanks to address tagging and a little detective work, we can estimate the distribution of bitcoin supply between managed and unmanaged. My calculation also includes those long-term inactive supplies, and many early coins have mostly been lost.
The lost BTC estimated by coin metrics and the managed BTC data source are shown below. The data initially appeared in macro WTF, correction here
As shown in the figure above, the number of bitcoin hosted (dark blue part in the figure) has risen rapidly, accounting for at least 20% of the total supply that has been excavated. If bitcoin that is assumed to have been lost is excluded, this proportion will be higher.
In the figure below, I have roughly broken down the shares held by each custodian institution (exchange) (please note that some of them are rough estimates):
Data sources: coin metrics, grayscale, XBT suppliers, meltem demirors / coinshares, Japan Virtual Currency Exchange Association
Admittedly, the historical estimate above contains some inferences, because I don’t have high-quality data of exchanges like Mt. GOx, or historical data of coinbase, xapo and other exchanges. Japan’s exchanges are particularly good. They have achieved self-regulation and truly disclosed their currency holdings.
I admit that this is only a lower bound estimate of bitcoin hosted, and many smaller exchanges are not included. But I believe this is the general situation. The trend is quite striking: the growth rate of hosted bitcoin is much faster than the supply rate of bitcoin. Who knows how much share the managed part will eventually reach?
With the help of the data obtained by coin metrics, I can make a similar analysis of Ethereum.
The “insert from Genesis” part refers to the ETH allocated in the crowdfunding stage and never left the genesis block for any reason. The proportion of this part in the supply is surprisingly large. You can also see that although the scale of defi is still relatively small, it is beginning to occupy a larger and larger share. In addition, we can also see the ETH hosted in the exchange, although this estimation is only a lower bound.
The following is a breakdown by exchange:
Once again, we would like to thank the Japan stock exchange SRO for providing information disclosure, which brings great convenience. In addition, all balances are found through on chain estimation.
Different from the above chart of the proportion of bitcoin exchanges, I have more confidence in the whole history of eth, thanks to the chain method (although I still have to rely on the public disclosure of GBTC and other public information related to bitcoin). Of course, there are many smaller exchanges that are not included, so we only looked at some samples. We also missed coinbase’s data (it deliberately hid its balance). I think coinbase has millions of eth deposits. (chain news note: GBTC, namely grayscale bitcoin trust, is the closest investment tool to bitcoin ETF, enabling investors to invest in bitcoin without worrying about storage or custody.)
20-25% of the total supply of bitcoin and Ethereum is held in custody, which may inspire or frustrate you, depending on your perspective. In a random survey, most of the people I asked predicted that a large part of the total supply of the two blockchains was hosted. In my opinion, whether bitcoin or Ethereum, the demand for custody exposure is stable and growing. Once this ratio approaches a certain threshold, will it hurt both systems? This is an interesting question, but it is beyond the scope of this article.
What is the difference between traditional banks and exchanges with similar appearance? Let’s briefly review the essence of commercial banks.
Commercial banking today
Commercial banks are an interesting institution. For political reasons, they are not allowed to fail completely. Society trusts banks to hold household and personal deposits. Even if banks engage in inherently risky behavior (issuing loans), the consequences of complete bank failure are unacceptable to society (everyone’s deposits are gone). Therefore, the government has actually ensured the safety of deposits.
In the United States, the Federal Deposit Insurance Corporation (FDIC) guarantees that if one of its member banks fails, each depositor can still claim his own deposit, but the maximum is $250000. In the past, banks were allowed to fail, and users got nothing from their deposits. But bank failures are often contagious: depositors panic immediately and rush to withdraw their assets. This has happened in the United States, which is why the Federal Deposit Insurance Corporation was established in 1933, and commercial banks have been subject to federal supervision since then.
Therefore, in commercial banks today, you have both unprotected stakeholders (bank shareholders and creditors) and clearly protected stakeholders (depositors). If banks fail, investors will be swept out, but depositors will be protected (within a certain amount).
In the field of encryption, this established model has not been completely copied. Globally, exchanges are not regulated as banks or deposit taking institutions; In fact, in the United States, no new bank licenses have been issued recently. And most exchanges do not want to be regulated as banks. Many people just choose to patch: apply for a currency transfer license state by state, register as a New York limited purpose trust company in some cases, or seek a New York bit license. Many non US exchanges are not even regulated at all. The consequence of this is that once there is a problem, it is difficult for depositors of the exchange to know exactly their situation. The creditors of GOx and quadriga have learned a good lesson in this regard.
It is generally believed in the industry that if you don’t own the private key, you don’t have your own currency. I support this view, and I think cryptocurrency can work best when users are the only owner of their currency. If everything ends in custody, the custodian can claim control of all transactions and put the whole system into licensing mode again, which will weaken our cherished anti censorship ability.
However, I also recognize the fact that some people always tend to store their cryptocurrency in a third party. Keeping the private key is technically troublesome and will expose the holder to the risk of extortion or theft. Although I don’t approve of depositing cryptocurrency into a custody institution, I admit that this is a very popular way, especially when the exchange introduces various pledge incentives, debit card functions, interest payment and other ancillary services.
Is encrypted deposit guaranteed in all transactions? If so, how to guarantee it?
The encryption industry has a view: if an organization cannot be “mechanized”, it is hopeless and can not provide protection to users. But I think it may be more worthwhile to take a middle ground. Is it possible to reduce depositors’ trust in encryption banks? A key area is deposit guarantee. Since exchanges play the role of custodian and in some cases even extend to other banking services, but they are not regulated as banks, how should users’ deposits be disposed of in the case of bankruptcy or insolvency?
Obviously, the treatment of depositors will vary according to the laws of the regulatory region where each institution is located. Let’s start with a partially or fully regulated crypto exchange. I am not an expert in this field, so I consulted some people who have direct first-hand experience in the compliance department of storage encryption institutions.
In the United States, there is no uniform federal standard for the regulation of exchanges. Most exchanges must be registered as money services (MSB) under FinCEN. What the exchange is required to do is to formulate an “anti money laundering” plan, report large cash transactions, report suspicious activities, and try to comply with the Bank Secrecy Act. In fact, the MSB license does not cover the behavior of the exchange in absorbing deposits.
Exchanges also tend to register as money transmitters state by state. The requirements vary from state to state, but it is usually necessary to prove to the state auditor that you have sufficient reserves to be considered solvent. After consultation, it seems that the consensus is that state regulators are not particularly good at cryptocurrency (except in some states), so the MTL licensing system does not form a particularly strong constraint on the misconduct of exchanges.
A stronger regulatory framework is the New York limited purpose trust license, which some exchanges and intermediaries, such as Gemini, Paxos and itbit, have chosen to obtain. The trust license does not require these entities to be insured by the Federal Deposit Insurance Corporation (FDIC), but it allows these institutions to hold dollar deposits in the name of their customers at the banks insured by the FDIC. This means that deposits paid in exchange for stable currencies such as Paxos, Gemini dollar and binance dollar (managed by Paxos) are insured by FDIC.
There’s another question I don’t know the answer to. Suppose a crypto exchange is attacked by hackers and becomes insolvent in the end, or there is only a small part of all BTCs and eth of depositors. Before the hacking, suppose the exchange issued a large amount of bonds. In the normal capital structure, creditors are considered to have “priority” – that is, they get the first claim on the company’s assets in liquidation, and then it is the turn of other stakeholders. What happens in bankruptcy proceedings? Will creditors get paid first and depositors have nothing?
Despite this extreme situation, to some extent, you should believe that regulators prefer exchanges to keep full reserves, especially when exchanges are subject to more complex state systems or obtain new york trust licenses. In this survey, I found it very difficult to obtain the following information: which exchanges conducted what kind of audit for whom; Whether the exchange has structural restrictions and cannot mix customer funds with working capital; And the location of the depositor in the liquidation process. Regulated exchanges can actually do more in these cutting-edge areas to protect users on these issues.
For unregulated exchanges, the protection is even weaker. When insurance companies or investors request an audit, unregulated exchanges are not under pressure by definition to prove their solvency to third parties or to separate deposits from working capital. In fact, over the years, we have seen a lot of disorderly behavior in such exchanges. It is against this background that I believe the proofs of reserve is particularly important. This is not a perfect solution, but in the absence of regulators to oversee the exchange, it is a second best option to prove to depositors that their deposits have been fully reserved. More importantly, the process of regularly proving the status of reserves will constitute good housekeeping and can alert depositors earlier before the problem becomes fatal.
In conducting this survey, I was surprised to find that I know very little about how crypto exchanges view reserves. This is not my personal concern, because I never use a third-party agency to host my cryptocurrency. However, this is the concern of the industry, and I rarely see relevant discussions. I asked several professionals what regulation in the United States covers the reserve or audit requirements for encrypted exchanges and whether depositors have priority in liquidation. As a result, I became more and more confused.
We have had a lot of discussions on trust minimization. The background of the topic is the protocol of cryptocurrency. But in the context of deposit taking institutions, what does the minimization of trust mean? The existence of bank supervision is to ensure the account security of ordinary legal currency depositors. However, since there are no federal standards, most exchanges do not seek to be regulated like banks (in fact, those exchanges that take the regulatory path are actually seeking looser regulation). In many cases, we only get an implicit commitment that user deposits are treated separately and full reserves are retained.
However, the exchange can not fully control all this, especially when it comes to cryptocurrency. In some cases, some events in the chain will affect the quality of reserves in some way. In 2017, coinbase mismanaged the utxo set, which means that they have many “Shelved” utxos. If these utxos are to be spent, the cost will exceed their value. Does this mean they are technically insolvent? There are also some loopholes or hard forks that change the registration relationship of the property in some way. What happens if a mainstream exchange is pledging a token and is punished and the coin is confiscated?
These are the problems that exchanges, regulators and depositors must face. After I wrote this article and talked to practitioners who studied these issues more deeply, I was shocked by a strange paradox inherent in the field of encryption: when considering open protocols, we (correctly) put trust minimization in the first place, and once the assets become custody, we ignore this problem and assume that the risk of funds is quite high (and it is first attributed to users that they should not trust the exchange).
Of course, exchanges are different, and they follow a variety of safety and regulatory practices. There must be gray areas, and there will be ways to minimize our trust requirements for encrypted banks. Of course, it is much more troublesome (and less reliable) for an exchange like Kraken to provide a reserve certificate than simply checking maker’s CDP (mortgage bond position) on the chain, but I think we should still try to make the exchange responsible and better understand the situation of depositors. In an industry full of contradictions, this is undoubtedly the most enlightening.
Responsible editor; zl