BitFinex.com, one of the largest cryptocurrency trading platforms by volume, was hacked. The hacker made off with approximately $70million worth of bitcoin. That much is known and confirmed.
BitFinex, as I mentioned, handled a huge chunk of trading volume. They also allowed margin trading and margin lending (the latter of which they referred to as "swaps" until the CFTC recently told them to knock that off).
Customer "wallets" on BitFinex were handled by a third party company (supposedly for security purposes) called BitGo, who advertises "100% security" on their website.
The wallets managed by BitGo were "multi-sig wallets", which basically means that everyone involved in the transaction (BitFinex, BitGo, and the individual user) must 'verify' a transaction with their key for it to be processed. Somehow, this hacker managed to bypass this or exploit something to be able to drain customer accounts. Presumably this is due to the hacker somehow manipulating BitFinex's wallet system to "tell" BitGo that the customer's key was valid, and use BitFinex's key to validate the transaction, similar to how a bank will process a transaction on a stolen debit card if you know the owner's PIN number. BitGo's system saw these transactions as valid as a result and processed them accordingly, emptying hundreds or thousands of user accounts per the hacker's request.
Now comes the fun part.
These users are understandably upset. BitFinex had individual users as well as corporate clients. Some accounts likely lost millions. Many, many accounts likely lost tens of thousands of USD equivalent.
To make this even more interesting, BitFinex seems to be domiciled in either Hong Kong or The British Virgin Islands, depending on which corporate entity you're looking at.
Now for the questions and discussion points:
-Is BitFinex legally liable for customer losses here?
-Is BitGo legally liable for customer losses here?
-What, if any, recourse do customers who had their bitcoin stolen have, and against who?
-Is the socialization of losses legal, and does it make Bitfinex more liable for losses than if they hadn't socialized them?
I have no horse in this race, and I did not lose anything as a result of this hack, but this area is so new, law wise, that it creates several very unique issues due to the lack of regulation (even though there is some now, at least in some countries), the jurisdictional issues, and the confusion surrounding liability.
I'd love to see a serious legal discussion ensue here and hear everyone's thoughts.
Click here to discuss on Reddit or add your comments here on Steemit.
Hi! I am a content-detection robot. This post is to help manual curators; I have NOT flagged you.
Here is similar content:
http://www.unscatter.com/search?q=Hong+Kong&after=t3_4w5072&t=reddit
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Great article!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @grasshoppa1! You have received a personal award!
Click on the badge to view your own Board of Honor on SteemitBoard.
For more information about this award, click here
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @grasshoppa1! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit