TLDR
WazirX, an Indian cryptocurrency exchange, lost $230 million (45% of customer funds) in a hack on July 18, 2024.
The exchange is considering various options for fund recovery, including reaching out to other exchanges and projects for help.
WazirX proposed a controversial plan to distribute the loss impact among all users, even those not directly affected by the hack.
Custody provider Liminal denies its infrastructure was compromised in the hack, contradicting WazirX’s claims.
WazirX did not have insurance for customer funds, citing a lack of viable options.
Indian cryptocurrency exchange WazirX is grappling with the aftermath of a significant security breach that occurred on July 18, 2024.
The hack resulted in the loss of $230 million, representing about 45% of customer funds held on the platform. As the exchange works to address the situation, it faces multiple challenges, including determining the best path forward for fund recovery and maintaining user trust.
WazirX co-founder Nischal Shetty told CoinDesk that the exchange is exploring all possible options to recover the stolen funds. This includes reaching out to other exchanges and cryptocurrency projects for assistance. Shetty emphasized that these outreach efforts “are going to be crucial” in the recovery process.
The exchange has proposed a controversial “socialized loss strategy” to distribute the impact of the hack across all users.
Under this plan, 55% of assets would be available for trading and withdrawals for all users, including those not directly affected by the hack. The remaining 45% would be locked, with the timeline for unlocking dependent on ongoing recovery efforts.
This proposal has faced criticism from customers and industry peers. Some argue that it unfairly impacts users whose funds were not stolen. WazirX maintains that the plan aims to provide a faster and more flexible solution compared to situations where users face years of uncertainty and limited fund access.
Adding to the complexity of the situation, there is a dispute between WazirX and its custody service provider, Liminal. WazirX’s internal investigation claims that the hack involved Liminal’s infrastructure.
However, Liminal has pushed back against these accusations, stating that its systems were not compromised and that the affected wallet “originated from an external source.”
One factor contributing to the severity of the situation is the lack of insurance for customer funds.
Shetty confirmed that WazirX did not have insurance, citing a lack of viable options. This absence of insurance means that the exchange and its users must bear the full brunt of the losses, leading to the proposed socialized loss strategy.
WazirX has taken several steps in response to the hack. The exchange has paused trading and withdrawals, filed a police complaint in Mumbai, and reported the incident to the Indian Computer Emergency Response Team (CERT-In). Shetty also mentioned that various Indian and international authorities have reached out, though he did not disclose specific names.
The exchange is currently running two parallel phases: immediate revival to unlock collateralized assets for customers, and finding ways to fill the gap left by the stolen funds. WazirX has launched a bounty program and is exploring potential assistance from project teams and their emergency funds.
The exchange plans to make decisions based on community consensus, as evidenced by the opinion poll it conducted to gather user feedback on the proposed recovery plan. However, WazirX has emphasized that no unilateral decisions will be made without proper consent from its users.
As of July 31, 2024, WazirX has not announced a definitive timeline for resuming operations or implementing its recovery plan.
The exchange continues to investigate the hack and explore various options for fund recovery, leaving users in a state of uncertainty about the future of their assets on the platform.
The post WazirX Explores Recovery Options Following $230 Million Hack appeared first on Blockonomi.