WazirX’s plan to share $230M burden sparks fury among users

WazirX’s plan to share $230M burden sparks fury among users is profiled by BTW Media because published evidence links it to internet infrastructure, governance, operational dependencies, or market visibility.

• Indian cryptocurrency exchange WazirX announced on Saturday a contentious plan to “socialise” the $230 million loss from its recent security breach across all its customers, sparking significant unrest within the local crypto community.
• This move marks a significant departure from the typical handling of security breaches in the crypto world, where exchanges often bear the brunt of losses or seek external funding to compensate affected users.

OUR TAKE
WazirX’s plan to spread the $230M crypto heist loss across all customers? That’s like inviting a whole party to share the blame for one guest’s wild night out. Remember that time Equifax got hacked and people’s credit scores took a hit? At least they didn’t ask everyone to chip in for that mess. WazirX users who kept their funds safe now gotta take a haircut too? Not cool. And locking 45% of funds in USDT? Feels like a forced savings plan gone wrong. Crypto’s supposed to be about freedom, not forced sharing of someone else’s misfortune.
–Miurio huang, BTW reporter

What happened

Indian cryptocurrency exchange WazirX announced on Saturday a contentious plan to “socialise” the $230 million loss from its recent security breach across all its customers, sparking significant unrest within the local crypto community. The Mumbai-based firm, which had suspended all trading activities last week following a cyberattack that compromised nearly half of its reserves in what is being called India’s largest crypto heist, has outlined a strategy to resume operations within a week. The plan includes a “fair and transparent socialised loss strategy” to distribute the financial impact “equitably” among its user base.

WazirX’s strategy involves “rebalancing” customer portfolios on its platform, returning only 55% of their holdings while locking the remaining 45% in USDT-equivalent tokens. This decision impacts all customers, even those whose tokens were not directly affected by the breach. The company stated that “users with 100% of their tokens in the ‘not stolen’ category will receive 55% of those tokens back.”

The security breach, which took place on July 18, resulted in the theft of over 200 different cryptocurrencies. The bulk of the losses were concentrated in several popular tokens including Shiba Inu (SHIB), Ethereum, Polygon’s MATIC, and the meme cryptocurrency Pepe, according to blockchain data analysis provided by third-party explorer Lookchain. The attack exploited a discrepancy between the data displayed on multisignature wallet provider Liminal’s interface and the actual contents of transactions.

Also read: Coinbase expands board to bolster US crypto policy influence

Also read: Trump’s bitcoin shift: GOP courts crypto voters at ‘Bitcoin 2024’

Why it’s important

WazirX’s decision to socialise the loss has profound implications for the exchange’s credibility and the broader cryptocurrency market in India. This move marks a significant departure from the typical handling of security breaches in the crypto world, where exchanges often bear the brunt of losses or seek external funding to compensate affected users. By distributing the loss among its user base, WazirX risks alienating its customers and damaging trust in its platform.

The plan’s specifics highlight the severity of the situation. Customers are given two options. Option A allows users to trade and hold their crypto assets with a priority for recovery efforts but restricts withdrawals. While Option B permits trading and withdrawals but places users at a lower priority for recovery.

WazirX has stated that users can switch between these options, albeit with certain conditions. “Option B lets you trade and withdraw your assets, but recovery efforts will focus on those who chose Option A first. You can switch to Option A anytime before you make any trades or withdrawals,” the company added.

Nishal Shetty, WazirX founder, addressed the community in a call on Friday evening, confirming that the firm did not insure customers’ funds because such options were not viable. He warned that the recovery effort might not work and could take years. This admission raises serious concerns about the exchange’s risk management practices and preparedness for such events.

Prominent policy voice and editor of MediaNama, Nikhil Pahwa, criticised the move, stating, “WazirX is actually exercising control over crypto assets that it holds for users. This means that it is not just acting as an interchange and a depositary, but actually reaching into user wallets and taking out crypto and giving it to others. It can’t claim to be an exchange only.”

Many customers have expressed outrage and confusion, questioning why WazirX is not using its own profit reserves to compensate users or at least mitigate the damage. The lack of a clear insurance policy and the unprecedented decision to socialise the loss add layers of uncertainty and dissatisfaction among users.

WazirX’s handling of the $230 million security breach sets a controversial precedent in the cryptocurrency industry. The decision to socialise the loss may have long-lasting impacts on user trust and the exchange’s reputation. As the crypto community watches closely, the outcome of this situation will likely influence how future breaches are managed and how users choose to engage with cryptocurrency exchanges moving forward.