In view of the recent Steem takeover fiasco, how do some of the most popular exchanges handle user deposits?
Crypto exchanges have become the most powerful stakeholders in the crypto ecosystem. Currently, just 12 crypto exchanges hold around 2.5 million Bitcoin (BTC) in their wallets, worth around $15 billion. That’s 13.8% of all Bitcoin mined to date — or, 16%–17% of all Bitcoin in circulation, considering lost Bitcoin (as of March 19).
Exchanges are also some of the largest holders of altcoins, which recently led to a controversy when some of the biggest crypto exchanges used large stockpiles of Steem tokens to take over Steemit.
Just like Steem, Tron’s consensus is also delegated proof-of-stake, and its biggest representative is Binance, which holds over 54% of the votes. So, when Changpeng Zhao (aka CZ) made a friendly reminder to Justin Sun that “transparency works,” he had a bit of leverage — albeit not his own, as those tokens were likely customer deposits.
Exchanges as crypto oligarchs
How did exchanges become so rich and powerful? After all, an exchange is just a platform that facilitates trading, not a bank or an investment fund. Even the platforms themselves state: “Binance provides an online digital asset trading platform,” Huobi “is a platform dedicated to the transaction of digital assets,” while “Kraken provides you with a simple and convenient way to trade […] digital assets,” etc.
In an ideal decentralized world, there would be no centralized exchanges. Unfortunately, decentralized exchanges are not capable of providing their users with the same kind of convenience and scale. This technological frailty gave rise to the gigantic centralized exchanges of today, which have become the biggest digital asset custodians in the world.
Unsurprisingly, their size makes them an irresistible target for hackers and prone to various mishaps, costing their clients billions of dollars and tremendous grief. As Oren Katz, the vice president of engineering at Starkware — a company whose goal is to bring on-chain transactions to exchanges and release them of the burdensome custodial duties — put it:
“We have spoken with all the major crypto exchanges, some get very excited about our solution, some don’t. For some, it’s a bug, for others, it’s a feature. They say ‘people trust us, we have a good reputation.’”
Not only is custody of customer deposits a feature, but it can serve as a source of additional revenue when exchanges engage in hypothecation — a practice that occurs when an institution uses deposits or collateral for financial gains. Exchanges can lend their deposits and earn interest, they can stake them to earn rewards, or even use their customers’ assets to influence elections in various DPoS schemes that could potentially benefit them as well.
Terms of use
Before discussing the issue of whether exchanges should be allowed to use their customers’ deposits for their own gain, let’s look into something that most users never bother reading: the “terms of use” or “user agreements” of some of the most popular exchanges. And since most of the exchanges’ agreements don’t spell out their policy toward user deposits, Cointelegraph has reached out to all the exchanges discussed in this article.
Binance
Binance’s terms of use don’t seem to shed much light on the issue of using customer deposits. There is a passage that states, “Binance maintains full custody of the funds.” However, this refers only to “remaining funds after account termination due to fraud, violation of law, or violation of these terms.”
In addition to not being fully transparent about its handling of user deposits, Binance refuses to disclose its legal status. When a Maltese regulator declared that Binance doesn’t possess “an official license by MFSA,” Changpeng Zhao went to Twitter to say:
“Binance.com has always operated in a decentralized manner as we reach out to our users across more than 180 nations worldwide. As well as pushing the envelope in experimenting how to become a true DAO (decentralized autonomous organization).”
Binance has not responded to an inquiry for comment.
Coinbase
Of all the exchanges that were examined, Coinbase has one of the most explicit and progressive policies:
“Coinbase will not sell, transfer, loan, hypothecate, or otherwise alienate Digital Currency in your Digital Currency Wallet unless instructed by you.”
Also, the policy states that unless otherwise specified, Coinbase doesn’t support any digital assets that have “staking, protocol governance” functionality.
Coinbase did not respond to our inquiry.
OKEx ‒ Grade A
OKEx’s terms of service explicitly prohibit hypothecation — adding that Aux Cayes FinTech Co. Ltd, a Seychelles legal entity that operates OKEx, will not use funds without user authorization:
“Digital Assets deposited or acquired by You through the Aux Cayes order matching platform or the C2C platform will be held by Aux Cayes in the digital wallet maintained by Aux Cayes on your behalf. […] Aux Cayes will not use your VFAs as security or in any way make use of your VFAs, other than as lawfully directed by you and with your prior authorisation. VFAs held by Aux Cayes on your behalf may be pooled with those of other Users.”
In a statement released to Cointelegraph, an OKEx spokesperson reiterated that the exchange doesn’t engage in hypothecation:
“OKEx assures clients would have full control in respect to their asset custody in OKEx. We support a proper industry standard on segregation between client money and house fund.”
Huobi
Huobi’s global user agreement doesn’t explicitly mention its handling of the user deposits. The only somewhat relevant information that is available states:
“This Website only provides online transaction platform services for you to engage in digital asset trading activities through this Website (including but not limited to the digital asset transactions etc.). This Website does not participate in the transaction of digital assets as a buyer or seller.”
Huobi hasn’t replied to an inquiry from Cointelegraph.
Bitfinex
Bitfinex is yet another exchange that doesn’t include its handling of users’ deposits in its terms of service. However, it admits that “from time to time” it may “act as principal, counterparty, or market-maker in the transactions” and yet “its orders, trades and other transactions will be treated the same.”
Its security policy page states that most of the funds are stored offline in cold wallets and “only approximately 0.5% of crypto assets are accessible in hot wallets for day-to-day platform operations.”
Bitfinex hasn’t responded to Cointelegraph’s request for inquiry.
BitMEX
BitMEX is another major exchange whose terms of use don’t specify how it treats customer deposits. However, it warns its users of the inherent dangers of trading on the exchange:
“You acknowledge and agree that the Services should only be used by you if you:
i) have knowledge and experience in highly volatile markets;
ii) are trading with Bitcoin you can afford to lose; and
iii) have a high risk tolerance.”
It also asks users to acknowledge that “any Bitcoin withdrawal address you provide is your own and that you have full control over this address.”
BitMEX declined to respond to a request for comment, citing the coronavirus threat.
Kraken
Kraken’s terms of service don’t discuss its handling of user deposits. However, there is a proof of reserves page where the exchange declares that it “holds full reserves” and employs ”an independent, cryptographically-verified audit in order to prove to third parties.”
Furthermore, Steve Christie, the head of compliance at Kraken, provided Cointelegraph with comprehensive answers regarding their policy on the hypothecation of customer deposits:
“Currently, Kraken Cryptocurrency Exchange does not hypothecate customer assets. However, we do look into ways for customers to achieve yield on their assets and continually explore options in this area. For this, transparency is our top priority. We always work with our clients to provide information on how their assets are to be used.”
Talking about whether Kraken would support an industry-wide regulation that would control reserve requirements and hypothecation, Christie said:
“We don’t typically advocate for industry-wide regulations. Instead we believe open and transparent markets, which allow for the development of innovative products and services. For example, DeFi is a rapidly evolving industry segment that needs space to innovate and ‘experiment,’ so premature regulations on this area could derail development of a potentially industry-altering solution.”
Bithumb
Bithumb’s terms of service do not offer much in determining its policy toward user deposits.
Cointelegraph has not received a response from Bithumb.
Binanace.US
The terms of use for Binance.US don’t specify how the exchange handles user deposits. However, it mentions that it charges a 20% commission on staking.
Interestingly, the platform acknowledges that a counterparty to a trade could be a market maker affiliated or related corporations of BAM, while most exchanges state that they are never a party to a trade. Binance.US hasn’t responded to an inquiry from Cointelegraph on the matter.
BigONE
Although BigONE’s user agreement doesn’t mention the treatment of customer deposits, the “About” page clearly states that the exchange safeguards all the deposits:
“BigONE keeps users’ assets in reserves, and will not deploy the assets by no means. The mechanism provided by BigONE allows users to track the status of the assets at any time.”
In addition, Cointelegraph received a response from Randolf Zhao, the vice president of operations at BigONE Exchange. Zhao confirmed that the exchange doesn’t practice hypothecation: “At BigONE, we do not hypothecate customer deposit funds under any circumstances.”
On the issue of industry-wide regulation, Zhao noted that regulation is “a double-edged sword.” Although it can be useful, the cost of implementation eventually will be transferred to the users.
Zhao believes that self-regulation is the optimal approach. Furthermore, he pointed out that if regulation were beneficial for the growth and development of crypto exchanges, one would expect to see United States-based exchanges dominating, which is not the case:
“If we take a look at where the biggest and most successful crypto exchanges are registered these days, you have to wonder why American crypto exchanges are not as dominant as its Internet sector.”
CEX.IO
The terms of use of the London-based exchange CEX.IO do not elucidate the points of the inquiry; however, Alona Dobshynska, the chief product officer at CEX, provided a reply upon request from Cointelegraph.
Dobshynska segregates hypothecation into three categories — first, lending and investing of customer deposits; then, staking of customer stake-able coins; and finally, “participating with customer’s coins in governance.” Responding to the first subcategory of hypothecation, she draws comparisons to the traditional financial institutions like banks and concludes by stating:
“A crypto exchange is no different from a financial institution. Using the deposits for certain lending / investing activities is in line with maintaining the velocity of digital assets in the market. But the rules about how these funds can be deployed also apply. It means not all, but only low risk and high liquidity, opportunities qualify. For regulated exchanges, such as CEX.IO, and especially in the U.S., the rules for lending/investing are quite shaped, and the perimeter of what’s permissible is clear.”
Dobshynska explained that the exchange has introduced staking for its clients that preserves their sovereignty: “The holders remain in full control of their coins — they can pull them out of CEX.IO or trade them any moment.”
Dobrynska believes that governance is the most ambiguous area. In traditional finance, brokers are allowed to exercise a vote on the behalf of their customers on a narrow array of issues, but “they have to obtain an instruction from a shareholder on how to vote” on the issue of substance, and she generally agrees with this rule. Noting the latest Steemit controversy, Dobshynska observed:
“If we look broadly at some of our colleagues, in light of the recent STEEM situation, absent explicit regulation in our industry, those exchanges made the decisions based on what kind of actors they wanted to be. For clients it is a matter of figuring out whether such a decision aligns with their values or not.”
Unalienable right to vote
It is understandable that a young, rapidly developing industry that doesn’t yet have universal standards and that various exchanges may choose to take divergent approaches to the way user deposits should be handled. Yet, a user arguably has the right to know how an exchange treats their deposits. And the argument that stands is that decentralization doesn’t work without transparency, just like taxation doesn’t work without representation.
With most of the issues discussed here, analogies with the traditional world can be outlined — and governance is no exception. There is no denying that the Steemit affair was botched by some of the leading exchanges in the industry. Many in the community, including Vitalik Buterin, reacted very harshly to what they perceived as a hostile takeover of a decentralized project by centralized exchanges.
Perhaps this latest fiasco will be a turning point for the industry on the issue of delegated proof-of-stake governance just like the DAO fork was for the immutability of the proof-of-work blockchain.