How effective will Coinbase’s Salus open source security software be in protecting crypto exchanges?

Colleagues, we return once again to the Achilles heel of cryptocurrency mass-market adoption – security. The Coinbase exchanges’ new open source software Salus purportedly will eliminate the need having to configure a scanner for each different project. Instead, crypto exchanges IT staff should be able to centrally managed security scans across a large number of software repositories. The US-based Coinbase exchanges shares highest quality ranking among Bitcoin trading platforms along with ChangeBelly and Binance according to Bitcoin Exchange Guide, which boosts its credibility in the global cryptosphere. Two key questions emerge. First, how widely will Salus be used by other exchanges? Second, what level of incremental security will Salus deliver? Our assumption is that other exchanges will closely monitor the Salus rollout before deploying it on their platforms. Separately, we are not likely to know true value of Salus in preventing – or at least mitigating – security threats for 4-6 months. Nevertheless, given the plight of security in the cryptocurrency ecosystem we believe that more security can only help strengthen investor confidence in crypto exchanges. Review and download the Salus code at GitHub. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

Does Crypto Smart Contract Predictive Code Violate US CFTC Policies?

Colleagues, as the debate continues regarding whether cryptocurrencies are securities or commodities, a parallel debate is emerging which concerns the legality of including predictive code in smart contracts. The Commodities Futures Trading Commission governs the use of binary options, derivatives and event contracts for US-based traders and investors. The centerpiece of CFTC enforcement is protecting the “public interest”. Crypto smart contract security issues, which may lead to financial losses, are under particular scrutiny by the CFTC. Best practices concerning smart contracts vary by the Blockchain used by each cryptocurrency.  If your prediction is right, the contract automatically sends you the remittance as long as it is in the public interest. The issue of nefarious uses of cryptocurrencies let alone betting on illicit financial transactions (e.g. money-laundering, evading economic sanctions and payment for drug trafficking). Smart contract security audits are key to uncovering vulnerabilities in the underlying Blockchain. The CFTC’s chief concern is the prohibition of so-called “prediction markets”. Bottom line: When it comes to US-based cryptos and developers including predictive code in smart contracts raises a red flag by the CFTC. Until the CFTC issues formal guidelines, our recommendation is to avoid predictive code in crypto Blockchain. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

Fiat to Digital Deposits and Withdrawals for Cryptocurrency Exchanges – Can Binance’s third party method work for smaller exchanges?

Colleagues, unlike Bitfinex the market cap leading Binance exchanges requires investors to convert their fiat currencies using third party portals localbitcoins.com, otcbtc.com or Bitfinex. By contrast Bitfinex does allow direct fiat currency deposits which are then converted to cryptocurrencies … which if desired can then be transferred to other crypto exchanges. Here is the issue: What happens to Binance market cap and trading volume if one or more of their fiat currency “on-ramps” fails? Case in point is the bug in the Bitfinex deposits processing system last week which rendered their deposits on ramp unavailable. Fortunately, they have resolved this problem with the implementation of a new “distributed banking solution”. Ease of use – for both fiat to crypto deposits and crypto to fiat withdrawals – is yet another critical success factor (primarily for individual investors) which needs resolution if cryptocurrencies are to penetrate the mass market. The development of user friendly processes will greatly benefit the global crypto ecosystem. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

Fidelity Digital Asset Services – One Small Step toward Cryptocurrency Mass Market Adoption

Colleagues, we at the Cryptocurrency Academy view Fidelity’s announced its new Digital Assets Services as one important, albeit fully anticipated, step toward mass-market adoption of cryptocurrencies. Unlike most other moves by leading financial institutions this announcement is noteworthy for two key reasons. First, DAS will provide custody and trading services for institutional investors trading millions+ of crypto market cap (in stark contrast to individual consumer traders). Second, we applaud the vision articulated by Fidelity’s Tom Jessup that DAS will grow into “a full-service enterprise-grade platform for digital assets”. We fully expect that the next 12-24 months will see similar announcements coming from BlackRock, Schwab, Templeton and BNP Paribas … just to name a few. We also foresee that the private sector firms will far outpace sovereign central bank adoption of digital assets … with the US Federal Reserve, ECB and PBoC topping the list. So what comes next in the global cryptosphere? Look for one or more global 100 firms such as Amazon, Facebook or AramCo to introduce their own “private labeled” cryptocurrencies. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

What is the scope and impact of Bitcoin time warp attacks cyber criminals? Should the software bug be fixed?

Colleagues, crypto time warp attacks occur when miners collude to report incorrect timestamps that are farther apart, messing with the rate at which blocks can be mined. Incorrect timestamps are do occur and can be innocuous. Chain Analysis reports that timestamp errors have steadily decline since 2018. However, specific manipulation by miners who bends the rules with the goal of creating illegitimate tokens is cybercrime … pure and simple. Bitcoin (along with Litecoin) are most susceptible to time warp attacks. However, some argue that the same Blockchain bug which allows these attacks have favorable unintended positive side effects … faster transaction speeds and attraction of more users. By contrast, if the difficulty of creating a new block is low, a cyber-criminal can mine many fast coins, or in the case of a small chain, a criminal with 51% hash power could reduce the difficulty to one and mine a new fork from the original block. The debate continues within the Bitcoin developer community. While consensus will be hard to reach, the community needs to reach at least a majority vote or risk a division, which split BTC into Bitcoin and Bitcoin Cash in 2017. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

PBoC vs. US Federal Reserve - Will China outpace the US in central bank cryptocurrency adoption?

Colleagues, last week we reported that the US Fed’s Jim Cunha, Vice President for Treasury and Financial Services, speculated that the US central bank could issue a digital asset within the next five years. By contrast the People’s Bank of China is aggressively entering the R&D phase of a planned launch of a sovereign digital asset in the next 2-3 years. Herein we see two very different perspectives on cryptocurrencies. The US is understandably concerned about security of the underlying Blockchain technology. The PBoC is actively hiring technical staff to build and test a cryptocurrency and has filed 41 patent applications. This situation has many similarities with the two countries’ race to adopt 5G telecommunications infrastructure. Bottom line: Despite a highly centralized bureaucracy and conservative political system, China seems poised to be the move mover when it comes to central bank cryptocurrency. Do first movers necessarily have a competitive advantage? When it comes to a sovereign digital asset this trend may not be valid. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/) 

Cryptocurrencies with lower market capitalization have the greatest risk of 51% mining attacks

Colleagues, the threat of 51% attacks loom large in the global cryptosphere. However, findings suggest that the potential for a 51% mining attack has an inverse correlation to the market cap of a given cryptocurrency. Attacks by a group of miners controlling more than 50% of the network's mining hashrate or computing power of the currency’s Blockchain. Two factors drive the propensity of a cryptocurrency 51% attack. First, cryptos with smaller market caps typically have fewer active miners. It is easier to gain control over 1000 miners of ZCoin, which ranks 100^th in market cap by CoinMarketCap at some $60m USD #1 ranked Bitcoin valued at roughly $114t USD with perhaps 1,000,000 active miners worldwide. Second, the availability of relatively low-cost mining pools enable cyber criminals the opportunity to “rent” GPU power from multiple pools simultaneously while subtly approaching the 51%+ threshold for controlling hashrates. Pre-emptive measures include making code changes at the Blockchain protocol level, boycotting likely attackers, increasing the number of confirmation requirements and unleashing a DDoS attacks on suspected hackers. Bottom line: There is no fail-safe strategy become a victim of a 51% Attack, however, investing in Tier 1 cryptocurrencies (e.g. the CoinMarketCap’s top 10 cryptos) provides optimal security and peace of mind. Post a comment today! Lawrence – Cryptocurrency Academy (https://cryptocurrencyacademy.blogspot.com/)