Editors Note: This article comes fromBabbitt Information (ID: bitcoin8btc ), translated by Free and Easy; The original text comes frommediumEditors Note: This article comes from
Babbitt Information (ID: bitcoin8btc )
, translated by Free and Easy; The original text comes fromZerononcense, Author Zerononcense, reprinted with authorization by Odaily.
Just a few days after everyone lamented that the Canadian Bitcoin exchange Quadrigacx owed its customers a huge sum of $190 million due to the death of its founder and the inability of others to access the private key of the cold wallet, another plot appeared. possibility. The blockchain research from investigators shows that many of the testimonies submitted by the exchange may be wrong. In addition, according to an early report by Coindesk, the founder of Quadrigacx stated that the exchange used multi-signatures. plan. It seems that the case is not as simple as people imagined, and the investigation itself is quite controversial. Bitcoin developer Peter Todd questioned that the research mainly came from Reddit, not the court.
This report provides an in-depth analysis of Bitcoin held by Quadrigacx.
Summary of Findings
A description of the reporting context will be added to the top of this document in the near future. Currently, the information provided below is all evidence, wallet addresses and other relevant facts gathered during the investigation into Quadrigacx’s Bitcoin holdings.
first level title
Summary of Findings
Here are the findings of the authors of the report:
There appear to be no identifiable Quadrigacx cold wallets;
Quadrigacx appears to be using customers’ deposits to pay other customers when they request withdrawals;
It appears that the amount of Bitcoin held by Quadrigacx is significantly less than the amount of Bitcoin mentioned in the affidavit filed by Jennifer Robertson (allegedly the wife of the late CEO and owner Gerry Cotten) to the Canadian court on January 31, 2019 quantity.
At the very least, there was some delay in delivering cryptocurrency withdrawals to customers because Quadrigacx simply had no funds at the time. In some cases, Quadrigacx was forced to wait for sufficient customer deposits before processing customer cryptocurrency withdrawal requests.
After completing the analysis, the authors concluded that Quadrigacxs claims that it was unable to obtain the funds necessary to fulfill customer withdrawal requests were not true.
first level title
Overview of survey methodology
The investigation involved an in-depth look at QuadrigaCX’s Bitcoin and Ethereum wallets. Lets start with Bitcoin.TwitterOf course, it is also possible that the report authors statement is also false in order to confuse/distort the information and distort the narrative.
To verify the authors identity - the following sources may be referred to:
, Telegram and Reddit.
first level title
Identify Quadrigacxs bitcoin wallet address
Since Quadrigacxs wallet address is not known to many people, deposit information from customers, from reddit posts posted above and information shared via messages.
At the outset of this effort, only 100% verified transactions will be included in the study to determine more information about the Bitcoins held by Quadrigacx. These initial addresses are verified by personally identifiable information obtained from a number of selected volunteer sources. The original sources also provided ample evidence that they were indeed Quadrigacx customers and had made deposits with the exchange. Using this information, the authors were able to identify several known wallet addresses that Quadrigacx uses to store or send bitcoins.
36aenge8ZXwjRxHvtbt3HkvJRzxPNnMfeY
3Hz4NRi2fMZkUrfJXUbYygi5zoo86QXGg6
3FtVrDgvnhfAiGNHKazmjNwC7kBbT9fktX
3L4QYoGJfocATAHQz5SXB+FHWbNbMhQjEdA
358ugsYE2hKDr8Bcyob5TUXgc5n5FHxtjj
3HVkrkZj7YNscV6KrtaSpWPSGVqVum6RAR
3FYCpaMxvZ5dX8VCyUwcTkuCvteAUgys3c
3Bei6hrKrsbE2NTg9gNXwRP6EVPmYcZ7Zx
3LZfJoPiZGUt5cDAsFwibVFLyjMbq1H2Us
33x4GqFGJi4fu3WEKNk7qQ6bF3uzyATqS8
39b59sQb4azPuUdoEXtUL7K2QQLQzC9knT
3Q8KJEBP58wVK4RDgeuPAKgi5vZQHcUAYu
3HyNBSg8HjbxUuycfiJ8cU4dfNTYeSrGpA
3J1ywusNW48i9qAWGeXwh4CURii7ieoZUv
3NAWo2VV2XSmxckfG8xinrtJ46queEp1w7
35gtPDp3nvACjLPFg2PC1mXsgfaoYYjFSX
35r88wsFESp4CXmwKRnXPykTARwWnVH1sq
3JEasHVpmkn9Vivf1KEhJEXJjrGF1KejpJ
3MNaurs8trMJmJwZewSB1gY7dmDgCziris
335hbW2xXygr7rrmoddchYjchzykiYtELw
3LGgMA2uw6VWyCQ8U2dM6GAaNAKzRr9Wrr
34hoZWYmv4WnoUDzV4BQvvFAcwUbL54G5X
36qBVXUpZB8ByHo1cqEyTSRa9V3bSrLdXa
3PssBQxdXoq2HLrD8W56QZNi7eH2vko4mB
3KYEyqY2av6PzbAKwJvLsT4wKRPrnsV8Mu
35pnEcngU5SnRViZNHiAFRqUuXAWJtVBhD
3FWxEN9ebgnbCvZqLK6mbmZ5f8PAtT4nEJ
35k2kwnn1Uhk55ZCVUzRpWKrdGeNobYsHm
3MVfvS31Si4oiK8sTn5TuHt59bQyZUoebM
34jprabSiFXPiFuDBmzzVwf2B19MiUU6Ld
3L5t5tzjsgqRbdWVdgBNTQJM48LhhSMf7o
Once these initial addresses used by Quadrigacx are verified, they are used as a baseline to verify all additional information submitted by the entire community.
For the sake of anonymity, this report omits the identities of all those who provided information to this effort.
The above addresses (and a few others) have been kept by the authors in an Excel spreadsheet and will be published shortly.
In this research, WalletExplorer (website) is the research basis of this report. The nice thing about WalletExplorer is that its original creators know the structure of Hierarchical Deterministic (HD) wallets from many of the most popular wallet providers.
first level title
What is a Hierarchical Deterministic (HD) Wallet?
HD wallets are made by wallet providers and they have the added feature of generating/creating millions of different wallet addresses. The purpose of these wallets is to help enhance the security of users by providing them with a different, unique wallet address for every transaction they make.
image description
Given the greater likelihood that Quadrigacx uses such wallets to manage its exchange client funds, it would be futile and unfeasible to track each wallet individually.Automatic Bitcoin Address Clustering》
However, walletexplorer.com is able to prevent this time expenditure.
This is through a process called address clustering that associates wallet addresses with related transactions. For the specific principle of this technology, you can check its paper
first level title
The main hot cluster wallet addresses for Quadrigacx are determined to be:
This finding was further strengthened and validated by using transaction information from dozens of customers who provided more than 100 Bitcoin transaction IDs, deposit and withdrawal wallet addresses.
Each of the wallets listed above, either sent directly to the aggregated address, or at least some of the deposits were sent to the aggregated address at some point in time.
first level title
None of the withdrawal addresses provided by customers can be considered as cold wallet addresses.
The starting number (3) of the wallet address indicates that the wallets used by Quadrigacx all have multi-signature functions. However, it is unclear whether this security feature has been deployed. After analyzing the aggregated addresses, there is no indication that Quadrigacx ever held significant capital (>100 BTC).
As can be seen from the deposit information provided by customers, Quadrigacx likely never held enough BTC to cover customer funds. In the next section, the customer withdrawal information related to the exchange’s BTC transaction reflects that Quadrigacx may have used the method of breaking the wall to deal with customer withdrawals.
first level title
Client withdrawals from Quadrigacx
After verifying the aggregated addresses, an attempt is made to locate the existence of potential cold wallet addresses.
In order to do this, the authors of this study also extracted important information from customers about their withdrawals at Quadrigacx.
256d6e5c6b549f4a1a3640e591fd07782115cd5d7037689a24c2cfba4812
ce754512ae789f630399524477e7cfab8059dcb81130fd9d95fee898118d9d4a
20c3a34539964e5e13116ec48520f7835ca7c49fe1693f1c2e17abcf96a54f35
43764980ce045528e4c3297b737c97368925ecb67efda7514a09362899bdec68
fed9ab175eefe90aa3635c8986c45f50063459050c003c34061d98312ac6feb3
d3b8c635bd070211df6d9129af5aeb6cc2b46220b68c27b362aae84d8df6130d
18504732321d6478acd3c91f01096eac6bd327528ab54f4fca6ed162fa7e22e9
cbe6ab34a527b8a90a227f2ccab84e98c6ed1438f8c5e02db069c8ff0dc66d13
88f92e37b564c6f7a172b87cb5e5c377334a189722886d0f4a5fb24782af59fd
6bf41d5ebbc927ded85d202ddd0d1bd837e944868eee8c24e5a10c0d8e3858c2
Lets start with a batch of withdrawal transaction IDs submitted by Quadrigacx clients. Again, this information was independently verified through blockchain analysis by examining timestamps, reported amounts, and transaction flow to known wallet addresses on the Bitcoin protocol (especially those wallet addresses clearly identified as belonging to Quadrigacx).
List of withdrawal transaction IDs (examples of verified transactions, not the entire list of transactions received and cross-referenced)
The above 10 transaction IDs were selected from dozens of verified transaction IDs sent by former customers of Quadrigacx Exchange, which have also been independently verified.
first level title
Analyze Withdrawal Transaction ID (Bitcoin)
To better understand the method Quadrigacx uses to send requests to clients to withdraw bitcoins, we will look at the first transaction provided above (2e31256d6e5c6b549f4a1a3640e591fd07782115cd5d7037689a24c2cfba4812)
If we go to walletexplorer, and enter this transaction ID, we will see the following results:
Customers who request to withdraw, apply to withdraw the amount of 0.32737521 BTC in the above transaction.
For convenience, this is annotated in the screenshot below:
Of particular note in the screenshot above is that funds were sent from a cluster address that was created no more than 4 hours ago.
The first amount shown in the transaction log [72714eea7af9c022] for this cluster address is negligible (0.00679BTC). But the second (1.20771943 BTC) was different.
Therefore, the cluster wallet was traced.
Here is the blockchain proof:
https://www.walletexplorer.com/wallet/05e981e66fadc1f0; this is another cluster address with a relatively small number of bitcoins (1.20811207 BTC). The last currency inflow to the wallet was on September 28, 2018.
https://www.walletexplorer.com/wallet/f69188b0061ce118; the cluster address only contains 0.37663 BTC, which was traded to this cluster address on February 23, 2018;
https://www.walletexplorer.com/wallet/1e0b3f0013f2b2b; this link was derived after the only incoming transaction found in 2.
3 of them are the most interesting as it doesnt appear to be the customers personal wallet. This is indicated by researched and verified wallet identities, numerous cluster wallets identified as belonging to other exchanges.
Further analysis of the cluster wallet address revealed that it was receiving funds from individual wallet addresses belonging to customers, or from customer accounts on different exchanges. This conclusion was reached by analyzing the cluster addresses that sent funds to the aforementioned cluster addresses. Transaction patterns in these wallets largely match confirmed customer wallet addresses.
The above analysis concluded that monolithic cluster wallets that granted client withdrawal requests (72714EEA7AF9C022) could only do so after remitting funds from other clients who had deposited to the exchange.
More specifically, the exchange appears to have attempted at one point to create separate cluster wallets for clients, only to find itself in a situation (closer to late 2018) where client funds originally distributed to others ended up being redirected to Compensate new clients for requesting withdrawals.
This fact proves that the specific Tx analyzed in this case (2E31256D6E5C6B549F4A1A3640E591FD0782115CD5D7037689A24C2CFBA4812) is the base point for checking how customers receive funds from the Quadrigacx exchange, which reflects the following:
Quadrigacx does not have designated hot and cold wallets to send funds to clients. Specifically, they were forced to pool funds from disparate, unordered locations to ensure successful withdrawals;
Since the funds came from various unrelated customer deposits located at different cluster wallet addresses, it is likely that bitcoins originally allocated for a particular customer had to be redirected to accommodate customer withdrawals.
It is worth noting that the above analysis is not necessarily guaranteed to represent the truth of QuadrigaCX.
However, when comparing its withdrawal practices to other known well-known exchanges (coinbase, bittrex, bitstamp, binance, etc.), this movement of bitcoin to meet customer demand is highly abnormal, and for any It is extremely inefficient for normal exchanges.
It’s worth noting that this withdrawal transaction took place in November 2018, during a period when the exchange’s financial and functional problems were at their peak.
Customer complaints corroborate this theory. While there have been numerous complaints from customers about the exchange’s failure to fulfill fiat withdrawal requests, further research into the exchange’s massive cryptocurrency withdrawal delays seems to confirm the above theory.
The following reddit article is a good example:
The last reddit thread shown above, specifically, shows some customers being forced to wait a significant amount of time for a response before receiving their bitcoins (sometimes up to a day).
QuadrigaCX CEOs Death Didnt Stop Exchange From Accessing Its Bitcoin Wallet
Quadrigacx recently released a statement (still on the website) stating that the team was looking for its Bitcoin Cold Wallet Private Key, but failing to find said private key, they were unable to fulfill customer cryptocurrency withdrawal requests .
The specific original statement is as follows:
The statement above does not attribute the failure to find the private keys to QuadrigaCX’s cold wallets to Gerry Cotten’s death, but this was stated in an affidavit by Gerry Cotten’s widow, Jennifer Robertson, later the same day.
Why is this claim under intense scrutiny?
As stated at the beginning of this analysis, the final IDs of Quadrigacx’s main cluster wallet addresses have been obtained through chain analysis and further corroborated by the analysis of hundreds of thousands of transactions to and from the exchange and its customers.
In light of the above information, it is worth noting that since Gerry Cottenns alleged death (December 9, 2018), the exchange has had several outbound transactions.
Here are many examples:
As shown in the chart above, Quadrigacx transferred about 3.53 BTC (worth about $12,381) from its platform from the night of January 24th to the 25th.
A natural rebuttal to this argument, of course, is that cluster addresses do not contain hot wallets.
hereHowever, it is worth noting that this cluster address contains over 200,000 wallet addresses used by Quadrigacx:
The Mt. Gox Connection and the Spooky Bitcoin Movement
here
A cluster address worth a lot of checking can be found:
We do not currently know what this wallet is used for, but it has received a large number of deposits from Quadrigacx’s main hot wallet cluster address.
From November 8 to December 8, the wallet received 760 BTC from the main Quadrigacx wallet address. It is not known what happened to these bitcoins or why they were transferred, but they are no longer in the cluster wallet address.
The cluster wallet was created on May 25, 2018, and since its inception, Quadrigacx has sent 3363 BTC to the wallet.
Mt.Gox Transfer
If you examine the links provided under the subheadings of this section, you will most likely see the following:
A total of 2,241 BTC came from this cluster address. It is unclear whether the specific wallet that deposited the Bitcoin funds into this address is directly related to Mt. Gox, however, this also appears to be another noteworthy observation.
first level title
Quadrigacx has repeatedly stated that it has cold wallets
Quadrigacx claims on its website that cold wallets do exist.
The message is as follows:
image description
Link to related article: https://support.quadrigacx.com/support/solutions/articles/9000139532-where-is-my-bitcoin-drawing-
image description
Archive link (in case original link gets deleted): http://archive.is/tkwbu
Specifically, If you have successfully entered your transaction password and email confirmation code to confirm the withdrawal of Bitcoin (XBT) from your account, then it will be sent within 10 minutes unless, for some reason, the hot wallet The balance is low and needs to be recharged, implying the existence of cold wallet reserves. Or a broader source of funding from which exchanges draw funds in the event that this hot wallet is starved of funds.
Gerry Cotten (former CEO and owner of Quadrigacx) has on record stated that Quadrigacx had utilized cold storage reserves
In an article previously reported by CoinDesk, Gerry Cotten, the former CEO and owner of the Quadrigacx exchange, said that the exchange had extensive security measures, but according to the latest report, the company said the founder died in India nearly two months ago.
An excerpt from the CoinDesk article follows:
As highlighted above, the key sentence to focus on in the CoinDesk article is: “Cotten went on to address Quadriga’s security advantages, noting that the exchange uses multi-signature cold wallets to protect customers’ bitcoins.”
Specifically, in recent days, a lot of people have focused on the multisig section, making the argument that speculation about Gerry Cottens death is moot since the multisig nature of the wallet would allow Quadrigacx to still be able to obtain their funds.
Speculation that Quadrigacx may or may not be able to access its cryptocurrency funds began in recent days, as Quadrigacx claimed they were unable to fulfill customer withdrawal requests because they no longer had access to their cold wallets.
A recent court filing by Quadrigacx also speculates on the existence of cold wallets.Scribdsuperior.
Specifically, information about the so-called QuadrigaCX cold wallet can be found in the Jennifer Robertson (reportedly wife of the late CEO Gerry Cotten) affidavit filed with the Province of Nova Scotia on January 31, 2019 (Canada) Supreme Court to facilitate Quadrigacx petition for court protection from creditors.
The full affidavit was posted at
superior.
Specifically, the following statements (on page 5 of the affidavit) are relevant to this section:
“Any coin credited to a user on the platform is stored by Quadriga, either in a hot or cold wallet. Coins withdrawn by a user will be stored in a wallet controlled by that user.”
Quadriga only keeps a small amount of coins on the server (in a hot wallet), and the usual procedure is that Gerry will transfer most of the coins to the cold wallet to protect the coins from hacking or other virtual theft.
The number of coins on the server and the number of coins in the cold wallet was initially set to a fixed amount. The transfer can be done automatically or manually. The threshold requirement for the Quadriga hot wallet was removed some time ago. After that, Gerry manually controlled Flow between hot and cold wallets of coins credited on the platform.
“There is no defined standard in the cryptocurrency industry on how to store coins, but normal practice for any exchange or person trading in cryptocurrencies is to store coins in cold wallets for security.”
The database will track users, and there are currently approximately 363,000 registered users in the Quadriga database. As of the date of filing this affidavit, approximately 115,000 users of the Quadriga website (the Affected Users) hold balances in their personal accounts representing Quadrigas An obligation to pay affected users in the form of: (i) a cash obligation; or (ii) an obligation to hold units of cryptocurrency on their behalf. Quadriga currently owes affected users $70 million, plus cryptocurrency, at a cumulative valuation (based on Cryptocurrency market pricing as of December 17, 2018) was approximately $180 million. As of December 17, 2018, the total debt due to affected users was approximately $250 million.
As of January 18, 2019, the following cryptocurrency balances were recorded - Bitcoin: 26488.59834, Bitcoin Cash: 11378.79082, Bitcoin Cash SV: 11149.74262, Bitcoin Gold: 35230.42779, Litecoin: 199888.408, Ethereum: 429966.0131.
first level title
Proved (for now) by blockchain analysis, Quadrigacx’s claims are false
In order to protect the authors of this study (legally) from any potential legal ramifications, it must be stated that the following statements are not asserted as empirical truths, but are the authors opinion based on analysis independently conducted. To the best of the authors knowledge, these statements are not defamatory, but serve as a research-based accurate statement.
Potential falsehood 1: QuadrigaCX has cold wallets
Based on an analysis of dozens of aggregated wallet addresses and transaction IDs for Bitcoin withdrawals and exchange deposits, there is no evidence that Quadrigacx’s cold wallet currently exists.
None of the withdrawal transactions originate from large pools of bitcoins (i.e. cluster addresses) that are not (objectively) confirmed as belonging to another exchange.
Potential False 2: QuadrigaCX owns 26,488 BTC
Again, through a thorough check of dozens of verified bitcoin withdrawals and deposits, the total number of bitcoins held by Quadrigacx is estimated to be around 1000 BTC, a very generous estimate here.
Through analysis, most of the funds in the wallets and addresses owned by Quadrigacx have been transferred to an exchange.
first level title
