Are centralised cryptocurrency exchanges safe?

Centralised exchanges are widely used by investors, but there are security risks involved in dealing with third parties

Centralised cryptocurrency exchanges allow cryptocurrency to be stored and traded. The blockchain’s ability to keep an immutable public transaction ledger enables you to take total control over your own assets, and that’s the way cryptocurrency is supposed to be. One of the most critical blockchain features is the ability to take your fate into your own hands and control everything you own. However, you give away this privilege when a third party has access to your private key.

How centralised cryptocurrency exchanges work

A centralised cryptocurrency exchange is an exchange that acts as a third party to help carry out transactions. Traders must rely on the exchange to act as a middleman when handling their assets, much like a bank acts as a middleman when holding your money and carrying out transactions.

Centralised cryptocurrency exchanges contain internal wallets where on-exchange cryptocurrency can be stored and traded from. These on-exchange wallets have the same basic structure as other software-based cryptocurrency wallets; they do a perfectly fine job when your private key is secure. However, when you store cryptocurrency on a centralised exchange, you’re not in control of your private key; it’s stored on the exchange. In fact, you’re never even told what the wallet’s private key is. The only way to have total control over your holdings is to transfer the coins/tokens to an off-exchange wallet and store your wallet’s private key somewhere safe and secure.

The risks of centralised cryptocurrency exchanges

Basically, storing your coins on a centralised exchange revokes any security benefits you’d gain by using cryptocurrency. You are at the mercy of the exchange. In the same way you need to trust your local bank to honour your account balance and keep your money safe, if you choose to store your coins on a centralised exchange, you’ll need to place full faith in your exchange of choice to keep your private key safe and make sure your crypto assets don’t disappear.

Multiple centralised exchanges have been hacked in the past (and the cryptocurrency equivalent of billions of dollars have been stolen), so the bottom line is that storing your cryptocurrency on a centralised exchange can’t be considered 100% safe. It’s worth noting however that more established centralised exchanges are taking steps to increase security, with Coinbase also offering insurance of up to £250,000 in the event of a hack. This increased security does come with higher transaction costs, but if you’re particularly concerned about security you may think it’s worth it for peace of mind.

Centralised exchanges have huge targets on their back due to the value stored on their platforms. Hackers are drooling over any opportunity they have to expose weaknesses and come out a little bit richer. The smallest of bugs could leave you with nothing. If you’re looking into using a centralised exchange, you need to do your research and make sure you really trust your exchange enough to flawlessly outsmart and protect your data from hackers.

You shouldn’t just jump in and place too much faith in a centralised exchange without doing some research, and there are several recent mishaps to back up this notion. Here are a few historical examples of centralised exchange failings that you should take into account.

Mt. Gox, Part I

The owner of this centralised exchange had an administrator account with special auditing privileges. In 2011, the administrator account was hacked into and used to send a large amount of Bitcoin to a malicious account. Subsequently, a large amount of BTC was sold off on the exchange and led to a severe BTC price drop. The hackers used their accounts to purchase the discounted, panic-sold BTC and then withdrew it from the exchange.

Mt. Gox, Part II

Over 2,500 BTC were sent to invalid addresses and lost in October 2011.

Mt. Gox, Part III

Mt. Gox paused all BTC transactions to cover up a 2014 theft of almost 750,000 BTC. In the end, the exchange owed hundreds of thousands of BTC to its users, but only had about 2,000 BTC in its possession.

The moral of this story might be to avoid Mt. Gox at all costs. (Don’t worry, it’s no longer up and running.) However, to further exemplify the risk involved in centralised exchanges, here is a more extensive list of related operations that have reportedly been hacked and/or had things go astray at one point or another (in alphabetical order):

  • 796
  • Bitcoin7
  • Bitcoinica (x3)
  • Bitfinex (x2)
  • BitFloor
  • Bithumb
  • Bitomat
  • Bitstamp
  • BTC-e (x2)
  • BTER (x2)
  • Cointrader
  • Cryptsy
  • Gatecoin
  • KipCoin
  • LocalBitcoins
  • MintPal
  • OKEx
  • Poloniex
  • QuadrigaCX
  • Vircurex

That’s pretty long already, and it spans all the way from Bitcoin’s 2011 inception until now. Interestingly enough, however, it’s not even all-inclusive and is still growing. As you can see, your fate really is out of your hands when you choose to store your funds on a centralised exchange. If you’re thinking about or already using centralised exchanges, you really need to consider whether your chosen exchange is trustworthy enough to handle and defend your assets. If you’d rather have more security, you may wish to consider decentralised options.

Disclaimer: The views and opinions expressed by the author should not be considered as financial advice. We do not give advice on financial products.