QuadrigaCX: News, CEO, Crypto security issues, Review – COIN360

April 11  |  8 min read

The QuadrigaCX Scandal: Problems And Solutions

Coin360 Editorial Team

It’s been in the crypto news cycle for months: the owner and CEO of Quadriga exchange dies – taking millions in missing assets with him.

As stories and speculation around the QuadrigaCX scandal mushroom, it’s important to look at the situation objectively.

What are the facts in the QuadrigaCX case, why has it captivated the public, and what potential ramifications does it have on the future of crypto and blockchain key security?

QuadrigaCX logo

QuadrigaCX: The facts

The QuadrigaCX scandal began far before late 2018. Looking over a full timeline of the life and death of QuadrigaCX, it appears the exchange was on shaky footing from its foundation:

  • November 2013 – QuadrigaCX is founded by Canadian entrepreneur Gerald Cotten and investor Michael Patryn. Initial trades are local.
  • December 2013 – QuadrigaCX’s online platform launches.
  • January 2014 – QuadrigaCX installs the second Bitcoin ATM in Vancouver, BC.
  • 2014 – Only C$7.4M is exchanged on the new platform.
  • 2015 – QuadrigaCX exchange embarks on a campaign to raise funds and appear on the Canadian Securities Exchange (CSE); they are unsuccessful.
  • June 2015 – QuadrigaCX runs out of money, shuts down Vancouver and Toronto offices.
  • 2016 – Michael Patryn leaves; Gerald Cotten becomes the sole director of the company.
  • 2017 – Bitcoin rises during an unprecedented boom, reaching almost USD $20,000 at its peak. C$1.2B is traded on Quadriga.
  • June 2017 – Smart contract error in the Quadriga system causes a $14 million USD loss in ETH.
  • 2018 – Bitcoin crashes. Quadriga users increasingly report issues withdrawing their assets.
  • January 3, 2018 – A Reddit thread alleges Patryn is an alias for Omar Dhanani, a fraudster convicted for involvement in the ShadowCrew criminal organization and deported to Canada from the USA in 2009. Patryn is found to have also used the alias “Omar Patryn” and to share several characteristics with Dhanani, including educational background. A Quadriga official attempts to manage the situation.
  • January 2018 – C$28 million held by Costodian, one of Quadriga’s payment processors, is frozen by the Canadian Imperial Bank of Commerce (CIBC). CIBC states that it cannot determine ownership of the funds, nor contact the company or Cotten.
  • July 2018 – Patryn approaches a Canadian reputation management company, Reputation.ca, to erase traces of his link to Dhanani.
  • October 2018 – A Quadriga client files a lawsuit against the exchange for “failing and refusing” to pay him $137,379.40 owed to him during the Bitcoin boom. A Toronto court orders Quadriga to pay; the payout has still not been made as of March 2019.
  • November 2018 – CIBC rules in the Quadriga case; individual accounts tasked with determining ownership.
  • November 27, 2018 – Cotten signs his will, leaving fiancée Jennifer Robertson all of his assets.
  • December 9, 2018 – Cotten’s widow reports that the 30-year-old has died in Jaipur, India, due to complications from Crohn’s disease.
  • January 14, 2019 – Quadriga officially announces Cotten’s death. In a statement, the company claims he was abroad volunteering at an orphanage. Quadriga’s customers are owed USD $190M; Robertson claims the assets were held in a cold wallet on a laptop to which only Cotten had access.
  • Mid-January 2019 – Quadriga users flood the exchange’s Twitter with complaints about slow processing times and late payouts. Quadriga claims that “hot wallets are being filled all the time” and blames the wait time on the co-wallet strategy.
  • January 29, 2019 – Quadriga goes offline. Redditors suspect an exit scam.
  • January 31, 2019 – Quadriga applies for creditor protection; Robertson admits that knowledge of the location of the private keys to the exchange’s assets died with Cotten. News reports reveal that the keys’ location was kept on a laptop computer to which only Cotten had access.
  • February 2019 – Ernst & Young is granted custody of Quadriga.
  • February 3, 2019 – A Twitter investigation of Quadriga uncovers a possible connection between Quadriga and Mt. Gox, and that $12.7M worth of Bitcoin was liquidated from May-December 2018 with no explanation. Investigators conclude that Cotten likely never held assets on cold wallets, nor lost access to BTC reserves as previously claimed.
  • February 5, 2019 – Mainstream news sites publish the Patryn-Dhanani link. Canadian courts grant Quadriga 30-day creditor protection.
  • February 2019 – As news about the Quadriga scandal spread, it’s revealed that the exchange never held bank accounts and relied solely on third-party payment processing services for transactions; customers also say they were directed to withdraw funds from a nondescript building in Laval, Quebec – and that, upon arrival, there was either no staff on site or no funds to be disbursed.
  • March 1, 2019 – News reports reveal that the six cold wallets belonging to Cotten have been found. Five have remained empty since April 2018; the sixth was last used in December 2018 for a single transfer from another exchange.

There’s a lot to unpack here – but, notably, many of Quadriga’s issues stem not only from unsavory custodial practices, but also from human factors in what was, in effect, a real-life zero-trust environment.

The case continues to captivate the public due to its plot twists (Patryn’s identity, Cotten’s marriage and sudden death, and the question of the lost assets), and the deeper questions it has raised about the security of cryptocurrency exchanges.

Gerald Cotten, the late CEO of QuadrigaCX

QuadrigaCX: Cybersecurity issues

From a cybersecurity perspective, a number of technical issues stand out from this case:

The primacy of cold wallets
Public opinion has largely regarded cold wallets as the ultimate crypto security measure – a view reflected in the spike in searches for the term over the past two years. However, the Quadriga exchange illustrates that the use of cold wallets alone is no guarantee of an institution’s security; what matters is what is done with those wallets, and how their private keys are used and maintained.

Managing funds in a real-life zero-trust environment
Discussions of cryptocurrency security typically assume that malicious actors will come from the outside (e.g. hackers). The Quadriga case raises the question of how funds can be entrusted to an exchange in the event the exchange owners are not trustworthy (or if untrustworthy employees are hired to the exchange), and if any mechanisms are in place to prevent malfeasance in such a scenario.

Backup keys in case of human loss
If a cryptocurrency account holder dies, what happens to his/her assets? What measures are available to pass the keys on to a trusted inheriting party?

Co-wallet strategy and rapid disbursement of funds
QuadrigaCX officials blamed the slowness of the co-wallet strategy used by exchanges for the slow transaction times in the disbursement of funds following Cotten’s death; it’s an issue which “Proof of Keys” and other movements have raised before. (For those who are unfamiliar: in the “co-wallet” strategy employed by most exchanges, an exchange’s assets are aggregated in one or several cold wallets, completely disconnected from the internet and kept in a secure place, and transfers are made to connected “hot wallets” in order to execute transactions with clients.) Is there a better way to automate the process in the event of what is, essentially, a modern-day bank run?

Theoretical questions? Think again. Some exchanges have already reported a decline in public trust in the exchange system since the scandal broke. The case has become a wake-up call for the crypto sector, both on individual and institutional levels.

The QuadrigaCX debacle was apparently mostly caused by human factors – but that does not mean that technical failsafes don’t exist to prevent a similar case from happening in the future. These include:

A quorum system of crypto-asset key management, similar to those employed by large fiat banks.
In a quorum system, a set number of participants (human or bot) from a predetermined group must approve a transaction: M of N participants (e.g. 3 of 5) must sign off before the transaction can continue. This can be achieved through a multi-signature setup or – ideally – a multi-party computation (MPC) setup, which allows for greater flexibility. From a human-fraud perspective, a quorum alone would prevent any single rogue actor (or any group smaller than the quorum) from accessing funds; for exchanges looking to regain public trust, it would be possible to set up a wallet structure and quorum system that is almost entirely in the client’s hands (e.g. by restricting the number of employees who can serve as approvers). Automation can be achieved by implementing the above with risk-based policies for certain types and thresholds of transactions.

Zero-knowledge backup keys kept in the hands of trustees determined by the client
This is more or less self-explanatory, but it is worth noting that with the quorum system above, a backup key quorum can be predetermined amongst the client’s chosen heirs (or the exchange’s top-tier employees and a third-party attorney, for example).

Time will tell whether exchanges will adopt these precautions. But for now, the souring of public opinion on cold wallets has made the discussion a lot more interesting.

Thank you for reading,
Tova Dvorin from the Unbound Tech team