Experts Consider the Security and Risks of Noncustodial Exchanges
Despite centralized cryptocurrency exchanges suffering nearly $300 million worth of hacks during 2019, many digital currency traders continue to hold significant sums of capital on centralized exchange platforms.
While many noncustodial crypto services have launched in recent years, few platforms have been able to garner significant liquidity. Cointelegraph reached out to several industry experts to discuss the promise of noncustodial exchanges.
Are noncustodial platforms safer?
Erik Voorhees, CEO of the noncustodial cryptocurrency exchange ShapeShift, told Cointelegraph that, “Noncustodial exchanges provide a fundamentally safer way for individuals to trade digital assets.” He went on to add:
“Traditionally, exchanges are custodial (and almost all of them still are today), and thus they hold user funds. Some exchanges literally hold billions of dollars worth of crypto on behalf of their customers. This crypto can get lost, hacked, stolen, mis-accounted, etc. [...] Often, this destroys the exchange and the customers are out of luck — they bear the risk of these losses.”
Despite his preference toward noncustodial platforms, Voorhees noted that many noncustodial exchanges exhibit some limitations, such as cultivating a “more complicated user experience,” or exclusively operating “with Ethereum and Ethereum-based tokens.”
However, Jack Tao, co-founder of digital currency derivatives platform Phemex and a former Morgan Stanley executive, is less certain about which is the safer option. He told Cointelegraph that both custodial and noncustodial exchanges cater to different needs:
“I don’t believe it’s possible to determine which type of exchange is ‘safer’ in absolute terms, both answers to different traders’ needs.”
Tao suggested that the successes of noncustodial platforms may be contingent on the popularity of centralized exchanges, arguing that, “the success of noncustodial exchanges would be a sign that conventional exchanges are failing to remain trustworthy and transparent with their customers.”
The Phemex co-founder emphasized that noncustodial exchanges expose traders to different security risks, asserting his belief that, “Asset security should be a burden carried by the exchange rather than the user.” He added that Phemex developed a cold wallet system that stores “users’ funds in independent deposit addresses, to be insured in the event of any emergency.”
Are centralized exchanges “honey pots for hackers”?
Alan Curtis, the CEO of the noncustodial ERC-20 token wallet Radar Relay, told Cointelegraph that centralized exchanges currently comprise “the foundation of the cryptocurrency industry,” despite the security risks associated with such platforms:
“Problem is, there’s a chance users of those exchanges could never see their funds again! Since 2011, there have been 50+ disclosed hacks of centralized exchanges accounting for billions of USD and private user information lost. Somehow, ten years later, most digital asset users are still funding honey pots for hackers!”
Curtis argued that recent “incremental improvements in custody solutions” made by centralized platforms are “insufficient,” urging the cryptocurrency sector to transition toward noncustodial solutions at large.
The term “noncustodial” is being misused
Curtis Spencer, the managing partner of Electric Capital — an early stage venture capital firm focused on cryptocurrencies and distributed ledger technology — offered Cointelegraph a balanced appraisal of the strengths and weaknesses offered by both custodial and noncustodial exchange platforms.
Drawing from experience in trading cryptocurrencies across various venues, including “centralized exchanges, noncustodial exchanges, OTC, and smart contract-based exchanges,” Spencer detailed several risks associated with centralized and noncentralized exchanges:
“The simple formula of custodial risk = (amount x time) / size of balance sheet can be useful in evaluating the risk of trading on a particular venue. In a traditional centralized custodial exchange, you take bigger risks by storing large amounts of cryptocurrency there for a long period of time, but that can be mitigated by using exchanges with larger balance sheets than can absorb a multi-million dollar hack. Unfortunately, the balance sheet strength of an exchange is usually not very transparent.”
Spencer argued that the term “noncustodial” is regularly misused, claiming that many purportedly noncustodial platforms would more accurately be described as temporarily custodial. According to Spencer, noncustodial exchanges decrease their users’ risk by shortening the time frame during which they hold onto the assets, however:
“Users are still subject to being censored and the lack of transparency in what the noncustodial exchange does with assets once they are received.”
Despite such, Spencer stated that said noncustodial platforms “encourage better crypto hygiene by having users actually manage their private keys as opposed to relying on bits in a centralized exchange’s database.”
Spencer asserted that smart contract-based exchanges are the only platforms that can be truly noncustodial. He described these platforms as being relatively new, typically hosting “lower liquidity than their centralized counterparts” and having a steep learning curve. However, he concluded that smart contract-based exchanges are a step in the right direction, as they “preserve both the privacy and safety of assets of the users trading on them.”
Noncustodial exchanges decentralize trust
Steven Quinn, a product manager at cryptocurrency exchanges Eosfinex and Bitfinex, shared his view that “noncustodial solutions eliminate the need to trust a third-party with precious assets,” offering numerous benefits to both consumers and the industry.
Despite arguing that noncustodial exchanges have the potential to drive a “new paradigm” in digital currency trade, Quinn identified several major challenges to the widespread adoption of decentralized exchange platforms.
“Throughput and speed are limitations of decentralized exchanges. These exchanges often rely on a blockchain network for settling trades. So, exchanges that are built on Ethereum for example are at the mercy of Ethereum’s maximum transaction throughput of about 15 transactions per second. Even if millions of users were to switch to a decentralized exchange today, some exchanges wouldn’t be in a position to adequately handle the demand.”
Quinn also mentioned that noncustodial platforms require users to experience an entirely new learning curve to adjust to such platforms, emphasizing that “users need to learn how to keep custody of their own funds while connecting their wallets to the platform.”