Sunday, February 5, 2023

As Coincheck Promises Hack Reimbursement, NEM Scrutiny Grows

As Coincheck Promises Hack Reimbursement, NEM Scrutiny Grows

Japanese exchange Coincheck is now promising to reimburse NEM customers affected in the exchange’s massive January 26th hack, already easily the largest in the cryptoverse’s young history. In the aftermath of the crisis, the NEM Foundation response and NEM’s Proof of Importance (PoI) consensus algorithm have come under scrutiny.

Also read: Illegal Cryptocurrency Mining Scripts Target YouTube Viewers

Subscribe to the Bitsonline YouTube channel for more great videos featuring industry insiders & experts

Coincheck: We’re Good for It

After more than 260,000 traders of NEM — ticker symbol XEM — were affected in the January 26th hack of Coincheck’s XEM hot wallet, the Japanese exchange is now going to be reimbursing users “at a rate of 88.549 yen (81 U.S. cents) for each coin,” per Bloomberg reporter Yuji Nakamura.

The exchange has clarified that it will be using its own revenues to cover the traders’ losses, though it has yet to announce a reimbursement schedule.


It’s a benevolent, if not hefty, price to pay. The hacker or hackers responsible for the theft made off with over 520 million XEM coins, a trove worth over $530 million USD at press time. That makes the Coincheck hack worse than the notorious 2014 Mt. Gox hack, which cost users more than $400 million.

Proof of Importance (PoI) a Contributing Factor?

A new, illuminating Medium report from cryptocurrency analyst Danger Zhang raises concerns that NEM’s Proof of Importance (PoI) consensus mechanism likely laid the conditions for the massive Coincheck hack.

Why? because PoI incentivizes staking NEM in a hot wallet, which appears to be what Coincheck was doing, seeing as how NEM was the only cryptocurrency on the exchange whose stores weren’t secured in an offline cold wallet.

As Zhang clarifies:

“In Proof of Importance, mining is done by nodes which have significant amounts of NEM, with the probability being determined by both the amount of NEM they hold, as well as the transaction volume over the past 30 days.

Proof of Importance aims to solve the wealth concentration problem of PoW and PoS mining mechanisms.

[…] In complicated systems, seemingly small changes can have unintended side effects. With PoI, there is an incentive to use hot wallets to store large amounts of NEM.”

And storing large amounts of NEM in a hot wallet is precisely what’s gotten Coincheck into an expensive operational debacle.

NEM researchers have developed a Hot/Cold Wallet mechanism that allows NEM users to achieve the benefits of PoI without leaving funds indefinitely in a hot wallet, so it’s curious, or perhaps impermissible, that Coincheck wasn’t resorting to this safety mechanism previously.

As NEM Foundation Reacts to Crisis, “Central Planning” Alleged

Charges of “central planning” are the bane of projects in the cryptocurrency space, and they’re leveled any time the space’s core ethos of decentralization is ran afoul of. Such charges famously hit Ethereum during the project’s response to the DAO hack, and now the NEM Foundation finds itself in similar shoes.

That’s because the NEM Foundation promptly flagged the wallet of the hacker or hackers responsible for the Coincheck hack. The move effectively rendered the stolen funds obsolete.

And, while many have applauded the flagging as a noble measure to right a major wrong, it has meant that the NEM Foundation has formally and willingly taken on a centralized regulatory role. Doing so in such a decisive manner places the Foundation firmly on a slippery slope.

In the future, it wouldn’t be inconceivable for governments or other authoritative bodies to approach the NEM Foundation and begin asking for wallet flaggings and other similar crackdown measures. In the very least, it shows centralized pressure can be pressed upon NEM from above, which causes much anxiety in the decentralized cryptocurrency space.

International Business Times crypto columnist George Tung expressed the “central planning” concerns succinctly in a January 27th YouTube video, starting at the 3:33 minute mark:

What’s your take? Is Coincheck making the right move? Is Proof of Importance a concern for exchanges? Did the NEM Foundation make the right move in flagging the hacker’s or hackers’ wallet? Sound off in the comments below.

Images via The Japan Times, Steemit; video via CryptoRUs

Bitsonline Email Newsletter