For average folks, investing in cryptocurrencies means putting your faith (and your money) in an intermediary, usually an exchange company in the form of an app like Coinbase. These services make the process of dealing with cryptocurrencies less about long alphanumeric addresses and QR codes to something more like Venmo or a banking app.
But if that intermediary fails, that means the cryptocurrencies it holds can be in jeopardy. That’s what happened to a Canadian cryptocurrency exchange when its founder, Gerry Cotten, was the only person who knew the credentials to access hundreds of millions of dollars worth of customer assets and died unexpectedly. Now the company can’t get into the laptop that links all its customers to their assets.
His company, QuadrigaCX, was arguably operating in good faith by keeping all the information that links customers to their funds in a computer that was deliberately disconnected from the internet. Being off-grid kept that vital information away from thieves. But then, Cotten died of Crohn’s disease in December.
Jennifer Robertson, his widow, testified that Cotten kept all this information on an encrypted laptop that only he could unlock. That laptop is the only place that can access information for QuadrigaCX’s 100,000-plus customers. “Despite repeated and diligent searches,” Robertson said, “I have not been able to find them written down anywhere.” She has hired experts to decrypt the laptop, and to access Cotten’s messaging and email accounts, which are also encrypted.
It’s an episode that illustrates in part why cryptocurrencies remain on the fringes of mainstream finance. Goldman Sachs, for example, recently halted its plan to build a trading division specifically for crypto. Other apps have stepped in to fill the void because there’s a market for apps that reduce the consumer’s involvement to simple authentication and basic trading, like a more traditional investment company.
But without the regulation that more traditional investment banks are beholden to, there’s huge risk, as QuadrigaCX illustrates. The company could have used a multi-signature system, where another person could have backup access to these files. Until practices like that are compulsory, it’s going to be dangerous out there.
Originally posted on Popular Mechanics