Empire Newsletter: What CertiK-Kraken says about crypto exchange security

Plus, airdrops have a branding problem

rafapress/Shutterstock modified by Blockworks


Tom vs. Jerry

I had more questions than answers (ah, the life of a journalist) about the Kraken and CertiK situation.

While Kraken says the funds have been returned, I picked up the phone and called someone with a vast security background.

Enter Charles Guillemet, Ledger’s chief technology officer, who had some thoughts on the whole incident and white-hat hackers in general.

Yesterday, I highlighted some takes around the use of Tornado Cash by the US-based CertiK, but that’s not the only thing that caught Guillemet’s eye. He says the withdrawal of XMR — privacy coin Monero in case you’ve skipped some of David’s previous segments — is suspicious because, well, it’s a privacy coin.

Add ChangeNow, a self-styled non-custodial exchange, into the mix. In Guillemet’s experience, ChangeNow is generally one of the top picks for attackers who are trying to hide crypto. It’s often used by bad actors because it doesn’t require proper know-your-customer checks before facilitating swaps from one token to another.

It was also weird that there were video calls between CertiK and Kraken. And don’t even get him started on the millions withdrawn (he maintains you can exploit as little as $5 to prove the bug and then report it for a bounty). 

However, the five-day time period in which the researchers were testing the exploit isn’t that strange. 

Guillemet, who started off in the broader cybersecurity world before catching the crypto bug in 2017, said the “behavior that we see in blockchain and crypto when it comes to white hat [hacking] is really weird from my standpoint.”

“Sometimes you have a white hat, supposedly, who finds a vulnerability on some smart contract. It completely drains the smart contract and then gives back like 90%, choosing its reward [of] 10%. This kind of behavior, for me, is extortion. It seems to be okay. It seems to be white hat behavior,” Guillemet said.

“But I completely disagree with this. When you do security research, you don’t choose your reward. You don’t do extortion. What you do is report the vulnerability and hope for a reward […] This is how white hat should operate. And in crypto, it’s not always the case, and it’s a bit disturbing for me, and it’s also disturbing for other security guys in the field,” he continued.

With the matter more-or-less resolved, we may never get satisfying answers to the many unanswered questions about what exactly happened. CertiK said it wasn’t trying to exploit or “extort” funds from the exchange, contrary to claims made by Kraken’s CSO Nick Percoco.

Let’s look at the bigger picture here. In this case, Kraken has said that user funds were safe the entire time, and that the millions that were briefly missing came from its treasury.

But does this mean users should be keeping their crypto on exchanges?

The simple answer from Guillemet is no. 

“As a user, you shouldn’t use an exchange to store your crypto. If you need to store your crypto, you need a wallet and you need to self-custody,” he said. It may seem obvious coming from Guillemet, the CTO of a wallet company, but his point is that exchanges aren’t built to store your crypto. 

(So if you told your family about crypto at the dinner table a few years ago and they bought into it, maybe just double-check that they have it stored away safe and sound.)

The simplest way to improve the space is obviously investing in security, but the more difficult path forward is for security teams to stay humble, Guillemet said. 

“Attackers will get better and better and we as an ecosystem must be humble and always raise the bar for security because this is a cat-and-mouse game and the stakes are getting higher.”

— Katherine Ross

Data Center

  • BTC is at monthly lows, down nearly 4% to $63,680.
  • ETH dominance jumped from 17.88% to 18.77% in the past week as altcoins drained.
  • Base memecoin BRETT has flipped Solana dog coin BONK, worth $1.4 billion to $1.34 billion.
  • CEXs have liquidated margin traders for $133.44 million in the past day; 75% of those were long positions.
  • Arbitrum and Blast are neck-and-neck for weekly derivatives volume, $11.99 billion to $11.34 billion. Hyperliquid follows with $7.6 billion. 

Don’t call it an airdrop

Airdrops have a branding problem.

LayerZero really wants you to know its token launch is not an airdrop. Its new token, ZRO, is a reward for donating $0.10 in crypto toward Ethereum layer-1 development. The LayerZero foundation says it will match all contributions up to $10 million.

The team’s intentions may have been in the right place, but the market doesn’t seem to care for it. The not-airdropped ZRO has taken a beating, down 30% since yesterday’s launch.

“Airdrops” were intended to help distribute token supplies equitably while inspiring a community to build around the protocol. 

But, as LayerZero explained in its blog post, airdrop farming and automated Sybil campaigns are now so efficient at collecting free tokens that too much supply goes to parties with little interest in the long-term success of the projects.  

Still, despite all their problems, token launches via airdrops are really common. Of the current top 200 or so cryptocurrencies by market cap, around 50 have been launched since January 2022. 

Half of those were initially distributed via an airdrop, worth between 1.5% and 20% of the total supply. And if you remove memecoins, Runes and Ordinals, seven out of the remaining 13 airdrop tokens have risen in price since they launched. Not a bad strike rate, although their median return to date is minus 30%.

It’s difficult to properly compare token airdrops as they’re usually apples to oranges, with all sorts of tokenomics quirks and utilities. 

But comparing performance of airdropped tokens against other kinds of token generation events — generally launchpads and initial coin offerings — suggests it may just be difficult to launch a token that goes up at all.

Of the 15 tokens to launch in ways other than airdrops over the past two and a half years, seven have maintained value above their initial trade price, with a median return of minus 29%. That’s practically the same as the airdrops.

Perhaps the market will fall back in love with exchange launchpads and launchpools.

Base AMM token AERO and RWA asset ONDO were both clear outliers in this very quick analysis, having both gone 10x since they first hit the market through straightforward token launches, even after their recent healthy corrections.

For what it’s worth, the Worldcoin Orb actually presents a fix for many of the woes plaguing airdrops: Allow only WorldID holders to claim the airdrop, relying on biometric-fueled “proof of humanity” to defeat the Sybil bots.

But so far there seems to be little interest. Sad.

— David Canellis

The Works

  • Standard Chartered is plotting a spot crypto desk for bitcoin and ether, Bloomberg reported.
  • The Winklevoss twins, Cameron and Tyler, both said on X that they’re donating $1 million each to former president Donald Trump’s campaign.
  • Rep. French Hill and Rep. Chrissy Houlahan visited Binance executive Tigran Gambaryan in Nigeria where he’s being detained “wrongfully.” 
  • LayerZero token claims opening led to a record daily revenue for Arbitrum, The Block reported.
  • CryptoQuant CEO Ki Young Ju said the German government was selling off portions of its seized bitcoin stash.

The Riff

Q: What should world governments do with seized crypto?

Political answer: Sell it to fund initiatives to combat addiction and homelessness.

Crypto answer: Hold it, don’t touch it. If you can stake it directly to the blockchain, do that and earn a yield.

Correct answer: Spend it on normal budget things. Use it as money. Pay salaries.

If the merchants, services, contractors or whoever else don’t accept crypto, encourage them to start or else the government takes its business elsewhere.

— David Canellis

This is one of those rare (and boring) times where I fully agree with David. 

I think there’s a lot further to go before more countries are ready to hodl any crypto, even bitcoin (sorry El Salvador). 

So, while billions worth of bitcoin being sold is gonna cause some pain, I’m in favor of countries offloading their stashes to not only allow more diamond hands to come in, but also to — hopefully — use the money raised for some sort of good. 

Even just paying salaries is enough for me. 

— Katherine Ross
