700k coins will do that to you. I really believe/believed in this one and all this is rather depressing. I'm of the belief that reputation/marketing are of huge importance and this just doesn't help.
Pah. It's a rite of passage.
And note that Lon Wong's statements took the time to emphasize the on-chain security features that Coincheck pointedly failed to use.
Question is whether those features would deter any hack.
Also I didn't realize a fork was happening for Catapult... speaking of which, is Catapult ever happening?
Thanks
Of course those features would have reduced the probability of a hack. There is nothing called perfect security. However, what Coincheck was using was quite bad indeed.
Two of the very basic security practices that every single exchange should use for every single crypto that they handle are -
- Multi-sig wallets: If one key is compromised, the attacker cannot steal all the funds
- Cold Storage: Majority of the funds need to be stored on a device that has never been connected to the internet
Then, the exchange needs to create processes around these basic security requirements. For example, how many key holders exist in the multi-sig wallet? Where do they store their keys? How do they communicate if they believe they are compromised, and what steps does everyone else take if this happens? Where are the cold storage keys located? Who authorizes transfer of funds from cold storage to hot wallet? How often can this happen?
You get the point.
If you're running an exchange without Multi-sig and Cold Storage, then you're at fault.
This hack isn't a problem with NEM. It is a problem with the exchange practices. The NEM foundation has offered to help, but there is only so much they can do in this situation.