Ledger Under Fire After Questions Arise Over Security Measures


Crypto’s flagship cold storage tool, Ledger, is taking heat from the crypto community this week following a Reddit post from a Ledger co-founder that suggested that external companies could have exposure to user seed phrases on an opt-in basis. The situation is far from ‘cut and dry’ and has led to substantial dialogue throughout crypto communities around the degree of security that Ledger owes it’s users.

Let’s take a look at both angles of the argument.

Ledger Lunacy: Where It All Started

The genesis of this started with a new firmware update over the past day, leading to quick question marks about the implications from the udpate. A Reddit post on subreddit r/ledgerwallet late on Monday / early on Tuesday this week is what set it all off, courtesy of a thread titled “Is there a backdoor? Yes or No.”

The Reddit poster asked in the body of the post:

An official answet from ledger would be very much appreciated. Also because the alternative (typing the three parts of the seed for the three custodians) goes against the number one rule of never typing your seed in a connected device. This silence on how this “recovery” works is the worst response. Customers appreciate transparency.

The post opened the floodgates to speculation, and responses from Ledger co-founder Nicolas Bacca (u/BTChip) didn’t field encouragement for Ledger users. Bacca provided several responses to user concerns throughout the thread, including this reply on the thread itself:

There’s no backdoor and I obviously can’t prove it (because it’s not possible to prove a negative) – let’s just say that you’re already using the device agreeing with the fact that Ledger cannot update the firmware without your consent – it’s the same mechanism for Recover, which is locked behind ownership of your device, knowledge of your pin, and finally your consent on device.

There’ll be more information published shortly describing how the service works – the tldr is that no single company knows your seed if you decide to use it. If you don’t want to use it there’s no consequence whatsoever in your previous experience of the device.

In all, users are seemingly left still trying to answer one dying question: Can a Ledger device expose a seed phrase?

The Big Picture: Back & Forth Dialogue

While the meltdown continued on Reddit, parlayed with new subreddit threads on the ‘hot’ page like “consider moving to a different cold wallet,” “How to kill your business,” and many more, Crypto Twitter also took hold of the situation. Resident Crypto Twitter dev Foobar amplified the situation further:

Not all were in agreement though, as another noteworthy dev, Udi Wertheimer, posted his disagreement. Wertheimer replied that the post was “irresponsible hyperbole” and that “Ledger remains as safe to use today as it was yesterday. For MOST people it is the easiest hardware solution to recommend.”

In all, it is right and to-be-expected in the crypto community that firms like Ledger face immense scrutiny: the integrity of the industry has a meaningful degree at stake over the security and integrity of the largest cold storage provide in the business. While it is likely that some community members are losing their head too quickly, Ledger will likely continue to face pressures to increase transparency around the degrees of access to wallet keys.

SEC Hands Coinbase A ‘Wells Notice;’ Coinbase Rebukes


Flagship cryptocurrency exchange Coinbase has stood the test of time through bear and bull markets alike. Like it or not, Coinbase lives on a short list of exchanges that have been around for over a decade.

This week, the exchange revealed that they have been issued a ‘Wells notice’ from the SEC, a signal of growing action from the U.S. enforcement bureau that continues to show hesitancy in adapting crypto-friendly policies. Historically, Wells notices typically serve as a concluding pillar in an SEC investigation, and often signal incoming enforcement.

SEC Notice: Coinbase Expresses Frustration

The notice was made public by Coinbase through a blog post published on Wednesday, amplified through a tweet thread from the exchange’s Chief Legal Officer, Paul Grewal. The blog post notes that the SEC is focused on a few of the exchange’s primary product offerings, including staking service Earn, institutional arm Prime, and the exchange’s consumer-facing Wallet product.

The firm goes on to explain that they are “prepared for this disappointing development,” despite seemingly uncertain roads ahead. Nonetheless, Coinbase emphasizes that product offerings are unchanged, and doubles down on a sentiment that has been often echoed by many exchanges: “we welcome a legal process to provide the clarity we have been advocating for and to demonstrate that the SEC simply has not been fair or reasonable when it comes to its engagement on digital assets.”

The SEC’s Growing List Of Targets

This news shouldn’t surprise many. In recent days, we’ve seen the SEC also unleash securities law violations against Tron’s Justin Sun and celebrities like Lindsey Lohan.

It’s been a long back and forth between Coinbase and the SEC, with the exchange just sending a letter to the commission in recent days. Earlier this year, the SEC sent a similar Wells notice to Paxos, issuers of stablecoin BUSD, and many believe that stablecoins are a point of emphasis for the commission. This move led Jesse Powell, co-founder and CEO of fellow long-time crypto exchange Kraken, to express that regulators in the U.S. are the main hindrance to crypto’s growth.

It’s uncertain where we head from here; while historically, a sample set from just under 1,000 cases between 2011 and 2013 reflects that approximately 80% of issued Wells notices have resulted in tangible charges. However, a lot has changed in the past decade, and new SEC leadership under head Gary Gensler haven’t supplied much inspiration to crypto advocates that effective policy is en route. In the meantime, Coinbase maintains that they do not offer securities to customers.

FTX’s SBF Hit With Fresh Batch Of Bank Fraud Charges


Former FTX CEO Sam Bankman-Fried (SBF) is facing a new slate of bank fraud charges this week, including the likes of conspiracy to operate an unlicensed money-transmitting business and conspiracy to commit bank fraud.

A newly-released indictment filed on Thursday likely confirms many outstanding suspicions that have existed in the crypto community over the past few months, and introduces a few new interesting pieces of detail as well.

Let’s take a look at the quick nuggets of information available to us from this 39-page document.

The Charges Against SBF Grow

The indictment, labeled a ‘superseding indictment,’ adds a total of four new charges from the Southern District of New York’s attorney’s office. The new indictment brings SBF’s total charges up to a dozen.

Much of what’s been chronicled in this saga to date has been reinforced, including the DoJ’s assessment around FTX’s co-mingling of funds with Alameda Research, details around SBF’s political donations, and more.

However, there’s also more fine details released around some of these elements that are worth reviewing.

New Highlights

The 39-page indictment is jam packed with pieces of interesting information. Here’s some of the bits that we found especially interesting and insightful that haven’t generally been included in the major talking points over recent months:

  • Political Donations: It’s been widely known that SBF donated north of $40M to Democratically-leaning political action committees (PACs). In a previous interview with reporter Tiffany Fong, SBF stated that he donated a similar amount to Republican-leaning PACs, but kept those donations under wraps as “dark” donations to avoid public scrutiny. The updated indictment provides more detail and insight, outlining how SBF utilized an unknown individual – labeled “CC-1” in the docket – to facilitate many of those donations. The indictment added, however, that in “dozens of instances… [SBF]’s use of straw donors allowed him to evade contribution limits on individual donations to candidates to whom he had already donated.”
  • FTX was “not a legitimate business”: Early in the document, the court proclaims that SBF’s FTX was “not focused on investor or client protection, nor was it the legitimate business that [SBF] claimed it was.”
  • Your tweets may be used against you: In a court of law, your tweet can be used against you. In the indictment, a tweet from SBF co-conspirator Caroline Ellison referencing financials stated that “… the balance sheet is for a subset of our corporate entities, we have > $10b of assets that aren’t reflected there.” The indictment notates that the tweet was misleading and alludes to a misappropriation of funds.
  • BTC & ETH referenced as securities: Interestingly, page 20 of the document states that SBF “caused significant negative price impact on the value of commodities in interstate commerce in the United States, including bitcoin and ether spot and future prices.”

NBA’s Detroit Pistons Pair With RareCircles For New NFT Launch


The NBA’s Detroit Pistons made a splash at the trade deadline, securing 2020’s #2 draft pick James Wiseman as part of a 4-team trade. Wiseman had a nice showing in his Pistons’ debut, and now the team is back with a new announcement over the NBA All-Star break, pairing with NFT platform RareCircles for a new digital fan engagement activation.

RareCircles and the Detroit club have launched ‘Pistons RareAccess,’ a new gated fan experience that utilizes NFTs. The move shows a major investment from the team in building fan growth via web3 tools. Let’s take a look at what we know thus far.

Pistons x RareCircles: Early Stages

The NBA has done a great job making the league a year-round spectacle, but undoubtedly the most exciting time is the post-All Star Weekend playoff push for teams from late February until the playoffs kickoff in June.

And while the club is very much in rebuild mode, investing in a young core of high-potential client including the aforementioned James Wiseman alongside talent like Jalen Duren, Cade Cunningham, Isaiah Stewart and more, there is plenty in the mix for Detroit’s flagship hoopers. While the team finds it’s footing to build around, it’s finding new avenues of fan engagement in the interim.

The RareCircles collaboration will offer a three-tiered approach with different access levels: Legend Editions, All-Star Editions and Starter Editions. It all starts with private “Huddle Sessions” with coaches, team executives and players as well as limited-edition merchandise drops, and gameday ticket giveaways. The move follows a growing amount of NBA clubs that are looking to gate exclusive access and events via NFTs, which allows the club to simultaneously offer a digital collectible that inherently carries recurring utility.

Crypto-Native Integration

RareCircles has helped the Pistons take an especially crypto-native approach, with direct utilization of a crypto hot wallet and Ethereum in order to access the NFTs. However, users can use a credit card for transactions too. This has been the common approach from both brands and teams engaging with digital collectibles – allowing crypto-first consumers to engage while still being consumer-friendly for the less crypto-savvy.

In a press release provided to Bitcoinist, Pistons Chief Revenue Officer Dan Lefton stated:

“We are always looking for ways to provide our fans new opportunities to experience the Pistons like never before… Pistons RareAccess will bring fans closer to all the aspects of the Pistons that make NBA basketball a unique and exciting experience. We’re excited to continue to innovate along with our partners at RareCircles to provide Pistons fans the most engaging and exclusive next-generation platforms.”

This move is the latest in culture-first thinking for a team that boasts rapper Big Sean as their creative director of innovation. Don’t be surprised to see more from the historic club moving forward as the elements surrounding fan engagement via NFTs continue to grow.

Crypto Hedge Fund Galois Capital Shutters Flagship Fund, CEO Confirms


Crypto hedge fund Galois Capital has confirmed that it’s closing doors on it’s flagship fund after continued emerging reports surrounding the fund’s exposure to FTX. Galois joins the ranks of BlockFi, Sequoia Capital, Genesis and other firms that have been caught in the FTX crossfire.

It takes time for dominos to fall, and despite FTX’s collapse being nearly 4 months in the making, Galois’ collapse is not a surprise for some. Let’s review what’s been revealed in the early stages of the firm’s shutdown.

Early Stages: What We Know So Far

It’s a large fall from grace from what was one of crypto’s largest hedge funds; Galois at one point managed nearly a quarter of a billion dollars worth of assets at it’s peak. In November, immediately following FTX’s fall, it was largely believed that Galois had nearly half of its assets on FTX’s platform.

A report from the Financial Times on Sunday largely confirmed these suspicions, comparing Galois’ fall to that of hedge funds that fell to the behest of the Lehman Brothers collapse in 2018. FT’s report cites a Galois letter claimed that 90% of funds not on the FTX platform would be returned to clients, with the remaining 10% held until further discussions with auditors takes place. Galois has since sold FTX claims for 16 cents on the dollar.

The hedge fund was led by Kevin Zhou, a respected crypto veteran who made plenty of ‘right calls’ in his day, including timely fades on Solana and Terra. In a departing Twitter thread (posted below), Zhou confirmed the shutdown, noting that despite the FTX exposure Galois would shut down as one “among the few who are closing shop with an inception-to-date performance which is still positive.”

FTX Fallout: Galois Isn’t Alone

Just last month, our team covered the narrow escape of Digital Surge, an Australian crypto exchange that had roughly $25M worth of exposure on FTX. Digital Surge suspended operations after FTX’s shutdown, and has since received a partial bailout and has signed a recovery plan allowing the exchange to continue operations this week.

Not all operations were as lucky, however. The aforementioned BlockFi and Genesis exchanges have filed for bankruptcy since the collapse of FTX, and the fallout from FTX’s collapse is still being felt today, over 3 months later. It’s likely that Galois will not be the final domino to fall, too.

The news is largely considered a net loss for the crypto atmosphere. Zhou is generally well-respected in the space, as many of crypto’s most notable faces offered support in the fund’s departing Twitter thread; as the old adage goes, “this too shall pass.”

A Botched Heist: A Look At The Sloppy $8.5M Hack On Platypus Protocol


Avalanche-based Platypus Protocol, an AMM that was less than two weeks into launching it’s new stablecoin USP, suffered an $8.5M flash loan attack on Thursday. There’s plenty to talk about recently about stablecoins, but this story isn’t about regulation – but rather about community-issued enforcement and collaboration to rectify actions from the hack.

In less than 24 hours, community collaboration has allowed Platypus to recover almost a third of the funds – and the hacker has sleuths hot on his tail.

Moving At A Platypus’ Pace? Not So Fast

On the cusp of robust SEC and stablecoin discussion, including drama surrounding Paxos-issued BUSD and the SEC’s new suit against Do Kwon and Terraform Labs (creators of the Terra stablecoin UST), there’s more stablecoin madness this week that is unrelated to regulation.

Platypus Finance has operated in the Avalanche ecosystem for some time now as an established AMM operating a liquidity pool, and recently launched a stablecoin, USP, pegged to the US dollar.

On Thursday, a hacker who routinely identifies as ‘retlqw’ used a flash loan to take advantage of Platypus’ code. They sought to deploy a single contract to exploit Platypus, but the work has generally been seen as sloppy and a result of ‘poor coding’ rather than ‘good exploiting.’ The hacker took a flash loan from Aave for 44M USDC, deposited it to the Platypus pool for liquidity pool tokens. The exploiter deposited those liquidity pool tokens into a staking contract, allowing them to borrow a massive amount of USP tokens.

This is all standard procedure, up until now: the hacker than took advantage of a ’emergencyWithdraw’ function, which manipulated the code to allow the hacker to swap back the liquidity pool tokens, returning the flash loan from Aave, and still maintain the USP token. The hacker swapped USP tokens for as much as they could at that moment – roughly $8.5M worth of stablecoins.

Hot Pursuit

The Platypus team consulted with Avalanche’s internal team at Ava Labs, as well as industry professionals like BlockSec. Within a few hours, four lines of corrected code had been implemented to rectify the issue. Within the same day, crypto’s signature sleuth ZachXBT issued a tweet identifying the hacker and expressing interest in negotiating a bounty before reporting them to law enforcement:

In less than 48 hours, Platypus has already recovered 2.4M USDC and it appears that many of the other funds are frozen courtesy of coordinated work with Platypus’ team. This hack serves as another stark reminder that code is often far from perfect in early stages of development.

The stablecoin sagas continue.

SEC To Sue Firm Behind Failed Terra Stablecoin, Terraform Labs


Nearly a year after the demise of Terra and it’s UST stablecoin, the SEC is in pursuit. It’s the latest in a suite of regulatory hammers that the Securities and Exchange Commission has been bringing to the pavement in crypto lately.

Terraform Labs once operated what was considered the dominant decentralized stablecoin UST – and was building a robust defi ecosystem before the cards collapsed in the first half of 2022. While Terraform Labs co-founder and CEO Do Kwon maintained his innocence on public platforms, crediting Terra’s downfall to that of a targeted attack on the network, the SEC will look to present a formidable challenge for Kwon and company to present their case – arguably for the first time yet.

The SEC’s Suit: What We Know

A press release from the commission that hit the wire on Thursday details that the US commission has charged Kwon and Terraform Labs with “orchestrating a multi-billion dollar crypto asset securities fraud” through the algorithmic UST stablecoin and surrounding securities.

The document starts with Mirror – the decentralized platform built on Terra that allowed users to trade mirrored assets of actual securities. At one point in the early days of Mirror, some users were ‘looping’ assets with leverage based on existing securities traded on federal exchanges. The press release calls out Mirror’s MIR token, the UST stablecoin, and Luna’s native LUNA token directly.

Additionally, the press release dives into Terra’s flagship product, Anchor. Anchor was the bread and butter of the ecosystem, touting a clean and straightforward UI and a consistent 20% interest rate on the UST stablecoin. At the high point just before Terra’s downfall, Anchor was home to several billions of dollars of liquidity. The SEC complaint alleges that Kwon and Terraform Labs “misled and deceived investors” around a variety of topics, including the stability of UST.

Gensler: Cracking The Whip

In a statement included in the release, Securities and Exchange Commission head Gary Gensler claims that Kwon and Terraform Labs “failed to provide the public with full, fair, and truthful disclosure as required for a host of crypto asset securities, most notably for LUNA and Terra USD.” The Director of the commission’s Division of Enforcement, Gurbir S Grewal, added that the “Terraform ecosystem was neither decentralized, nor finance. It was simply a fraud propped up by a so-called algorithmic “stablecoin” – the price of which was controlled by the defendants, not any code.”

In a statement included in a first-look report by Bloomberg, Terraform Labs reserved comment, only stating that the firm “has not been contacted about such a proceeding by the SEC and thus cannot comment.”

Kwon, once known for his over-confident and cocky approach on Twitter, hasn’t been seen on the platform on over two weeks and has long maintained – on Twitter, on podcast appearances, and elsewhere – that he is “not on the run” despite swirling discussions of an Interpol red notice. Now, there is little question around the veracity of that claim.

A Multi-Chain Future: Rarible Adds New Support For Tezos And Polygon NFTs


Sure, Ethereum is still the NFT market share leader, but there’s an ever-present ‘multi-chain future’ discussion among the NFT space. NFT marketplace leader OpenSea has exhibited open arms to this concept, adding support for chains like Polygon and Avalanche.

It doesn’t just stop and start with OpenSea, either: the once Solana-dedicated NFT marketplace Magic Eden has been branching out, including support for Polygon NFTs. While not cross-chain (at least, yet), Ethereum-dedicated no-fee platform Blur has launched it’s own Ethereum-based platform token, causing quite a stir this week.

And now Rarible, another major longtime NFT marketplace, is expanding to a more multi-chain future as well – announcing new tools of support for Tezos and Polygon NFTs this week.

Runnin’ With Rarible

Rarible first announced a desire to integrate multi-chain NFTs within Solana, Tezos and Flow roughly a year ago. The marketplace has largely brought that vision to life, and today the platform supports collections minted on Ethereum, Solana, Tezos, Polygon, and Immutable X.

So what is week’s announcement from Rarible really all about? It boils down to a new aggregation tool in Rarible’s marketplace that will allow users to purchase Tezos-based NFTs from dedicated marketplaces like Ojbkt and fxhash. Tezos has been a unique NFT player with a huge focus in building an artist-focused environment.

Polygon has owned an opposite approach, securing major brand partners like Starbucks and Reddit in what’s become a long list of more ‘institutional’ grade partners. Accordingly, Rarible’s aggregation tool will also be supporting Polygon NFTs on OpenSea.

These maneuvers follow Rarible’s launch of it’s aggregator tool back in October, which looks to utilize other marketplaces to add accessibility and visibility across collections.

Multi-Chain Madness: What And Why

Many ‘altcoin’ maxis even believe in a multi-chain future, mostly because of the different use cases offered across chains. Some might be better for privacy, others for cost efficiency, etc. – and generally these various use cases all can find homes for projects that have a core need. In short, the crypto landscape has evolved beyond the ‘store of value’ use case of Bitcoin and the ‘smart contact’ offering of Ethereum. More nuance, more investments, more projects, and thus – more utility for specific chains.

This, of course, doesn’t mean that every chain will survive in the long haul. However, this move from Rarible bodes well for already bolstered chains like Polygon and Tezos – who clearly have carved their respective lanes in the NFT space.

On-Chain Art Goes IRL: The Largest Collection Of NFTs To Enter A U.S. Museum


This week was host to the biggest acquisition of blockchain-based art from an American museum. The new additions of nearly two dozen NFT art pieces were gifted to one of Los Angeles’ most recognizable museums from one of the most recognizable names in NFTs.

Let’s take a look at what collections made the list, what you can expect from the acquisition, and more.

On-Chain Art Goes IRL: The What & Where

The Los Angeles County Museum of Art (commonly known as ‘LACMA’) is one of LA’s most signature museums, and the largest museum in the western U.S. LACMA is host to a rotating offering of historic paintings and pieces. LACMA is also home to permanent exterior public works like Chris Burden’s “Urban Light” (pictured in the header above), Michael Heizer’s “Levitated Mass”, and more. The museum is aptly positioned in the heart of Los Angeles, right next to the La Brea Tar Pits – a unique area in LA where natural asphalt has bubbled to the surface for thousands of years.

You might not be able to secure your ticket to the museum as an NFT (at least, yet), but you can certainly see some NFTs on display soon. A new era of history is entering the halls of LACMA this week, courtesy of notable NFT collector Cozomo de’ Medici.

A Collection’s Worth

What made the cut for Medici’s generous gift to the museum? A LACMA issued press release along with a corresponding Twitter thread from Medici detail a bit of what’s to come for the museum’s blockchain-based acquisition. It’s a wonderful compilation of some of the most recognizable and legacy collections across the NFT space. Dubbed ‘The Medici Collection,’ the 22 NFTs include iconic ‘legacy’ pieces, generative and AI-produced pieces, photography, code, and more. Additionally, Medici and team did an excellent job bringing in the global element of blockchain-based works, featuring 13 international artists from across the globe.

The additions add substantial weight to LACMA’s existing collection of digital pieces, which have been a growing category for the museum as the space has grown. In a statement included in the press release, LACMA’s Assistant Curator of Contemporary Art Dhyandra Lawson stated:

“It is a great honor to have works from The Medici Collection find a permanent home at LACMA. With this gift, my goal was to help bridge the worlds of on-chain art and contemporary art, which until now have existed separately. I’m thrilled to have these historically significant on-chain works contextualized beside many iconic works of art in LACMA’s collection.”