How Bitfinex could pay back $72m in record time and how regulators can make customers less safe

George Harrap
4 min readAug 11, 2016

As I’m sure you’ve heard, a Bitcoin exchange named Bitfinex recently got hacked for approximately 119 756 BTC recently. This was due to their own negligence and lax security procedures which exposed their wallets holding customer funds to attack. As a quick background, ‘Cold storage’ is a method to store Bitcoins (or any cryptocurrency) offline. Bitcoins can be physically printed on a piece of paper which is locked in a vault, stamped onto aluminium plates or pieces of wood, stored on a USB or using a Bitcoin hardware wallet. These are all secure methods of storing bitcoin because they’re ‘offline’ not connected to the internet. Cyber attacking a block of wood is hard. Bitfinex’s supposed cold wallets were not offline, they were online multi-signature wallets held at Bitgo and were ultimately subject to attack. While not to bore you with too much detail, essentially limits and permissions were not utilised to prevent a transaction of this size draining the wallet- physical cold storage should have been used regardless. Bitfinex has now reviewed their policies and supposedly enhanced their security processes.

Its clear proper security should be in place when dealing with customer assets, but I want to delve into their solution to paying customers back in this article and how it can be applied in future.

Bitfinex yesterday issued their own token to be openly traded, BFXcoin, which is a debt security with the promise to payback the bearer $1 USD at some stage in the future- this was issued to all their customers. Bitfinex has gone with a socialised losses strategy with customers losing 36% of whatever they held at Bitfinex. This token is openly traded now on Bitfinex at a market defined price, at time of writing its $0.32. So why would you sell this BFXcoin for anything less than $1? Well, perhaps you do not have faith in the ability of Bitfinex to pay you back in future and think that their promises are worth nothing and therefore if you can get out with at least something to show for it then you might aswell sell. On the flip side, a bullish investor who thinks Bitfinex is fine, a solid company with revenues and will have no problem paying back customers in future might see $0.32 as a bargain and potential goldmine, pay $0.32 now, cash it out for $1 in the future, make $0.68 profit per coin. So its an excellent indicator on market sentiment in support of the company. But it gets better…

As time goes on, Bitfinex will restart trading and begin making revenues again. At this stage, it will begin paying back customers, destroying BFXcoins in the process. The reduced supply of BFXcoins (of which there are an estimated 72 332 624 in circulation) will push up prices given the same demand. As the market hears about Bitfinex paying customers back, buying a BFXcoin at $0.32 seems like a deal because it becomes increasingly likely they’ll pay them back at the $1 value. This increases buying pressure on BFXcoin and pushes up the price which only further incentivises investors to get involved and buy BFXcoins, pushing up the price further, positive feedback loop.

Eventually the market price of BFXcoin will approach $1 on the open market, I don’t think it’ll reach it exactly but lets say it reaches $0.99. At this stage, Bitfinex could create new BFXcoins to sell on the market at $0.99 and then pay a holder of BFXcoin $1 and destroy the BFXcoin. Now, Bitfinex themselves have only had to pay 1% of the total losses, the buyer of the BFXcoin at $0.99 is happy he got them at a discount and Bitfinex has met its obligation to payback a BFXcoin bearer for $1. This makes the most sense and would mean Bitfinex would be engaged in the open market. In this scenario, Bitfinex has now paid back $72m with only $720k out of their pocket, the rest coming from the market, everyone is happy.

This could all happen very quickly once people see Bitfinex paying its debts, it creates a positive feedback loop with the price and ability to payback more debts. This is a low cost, mostly transparent method of solving a $72m loss and a way to incentivise new customers to engage with your product and services by providing something which has the potential to make them money.

The Regulator

Bitfinex can do this as they are a BVI registered holding company- issuing a debt security in the US, EU, SG, HK or other over governed jurisdiction could cause more issues- like needing a securities licence. Essentially regulations would prevent innovative approaches at paying back customers like this and require an extensive shut down of operations, investigations and lawyers fees. This makes companies operating in these jurisdictions less able to deal with catastrophic events and their customers worse off. Regulators often make customers less safe and interfere in the efficient operation of markets, the bitcoin world mostly operates on its own wavelength which makes doing things like this possible and something to be applauded.

Perhaps this will spawn new crypto P2P insurance pools for businesses and the incident certainly makes everyone check their wallet security twice. I have no idea whether Bitfinex are a good company or not, I haven’t used their platform for about a year and a half but I was one of their first customers back in the day. Looking forward to how this plays out.