Shocking as Mt. Gox’s implosion has been, it’s not the only bitcoin exchange to fail and gobble up customer funds with it. Less than a week following the Gox bankruptcy, another exchange failed, as Alberta, Canada-based Flexcoin shut down citing the theft of 896 bitcoins worth approximately $600,000 at the time of the announcement. China’s GBL evaporated in November, taking with it $4.1 million in client deposits. Dozens of others also bit the dust. In fact, a 2013 study by a pair of researchers at Southern Methodist and Carnegie Mellon Universities determined that 45 percent of all bitcoin exchanges ultimately fail and leave customer deposits in limbo.
This is by no means an indictment of the underlying bitcoin protocol. Exchanges don’t fail because bitcoin is insecure, but rather because the proprietary code that their operators write and the security measures they implement are weak – that or their personal ethics are. Running an exchange can be highly profitable, as evidenced by the millions Mt. Gox reportedly earned in exchange fees, according to leaked financial documents. But the desire for these rewards often overshadows the technical requirements for operating one effectively. Hacking an exchange or exchange owners absconding with client funds is even more lucrative, as evidenced by the 850,000 missing Mt. Gox bitcoins now held by an unknown party (or parties).
That these hard lessons must be learned is a reality of a nascent market with low barriers to entry and high incentives – both for ethical and unethical participation. As PandoDaily’s Adam Penenberg noted earlier this week, this country (like others) has a three-century long history of costly bank failures that collectively led to the regulation and deposit insurance system in place today. Whether bitcoin can follow a similar path toward trust and stability remains to be seen, but it wouldn’t be unprecedented to see a financial market take its lumps early, learn from its mistakes, and emerge stronger for it.
Those who remain bullish on bitcoin argue that these unfortunate incidents are a necessary part of the crypto-currency’s maturation process and a cleansing of the ecosystem’s weakest players. With each exchange failure too comes learnings and best practices for other exchange operators and consumers alike.
For exchanges there are several big takeaways from Mt. Gox’s multi-year unraveling. First and foremost, the company’s apparent surprise at a two-year-long process of theft demands regular and rigorous deposit audits. Also, Gox’s failure to effectively implement “cold storage” – meaning that bitcoins are stored offline and thus inaccessible to remote hackers – further emphasizes the needs for industry-wide best practices and some form of review process (and maybe a seal of compliance), whether self-administered by industry or government led.
Above all else, radical transparency between exchanges (and other bitcoin service providers) and their users has never been more important. As I wrote last week, trust is key, and trust does not grow in the shadows. In this light, the anonymity of the founders behind BTC-e, which remains among the largest global exchanges, is all the more troubling.
Further, Gox’s run-in with the Department of Homeland Security underscores the importance of seeking regulatory permission rather than forgiveness. Exchanges and other bitcoin service providers have recently begun engaging with appropriate regulatory bodies, after years of shunning government involvement as counter to bitcoin’s anti-establishment underpinnings. For regulators too, recent events underscore the need to consider consumer protection as an equal priority with the need to prevent money laundering and tax evasion – of course, both should be balanced with the need to encourage financial innovation.
Consumers on the other hand should be more cautious than ever about leaving substantial deposits (either bitcoin or fiat currency) under the care of any third-party, particularly an exchange. That said, current best practices are to deposit only the currency you wish to trade at an exchange and keep the remaining funds offline or in a private wallet. It’s a less than ideal situation and underscores the need for more trustworthy institutions at the core of the bitcoin ecosystem.
Several well-regarded entrepreneurs and investors have entered the ecosystem in the last year, including SecondMarket, which is in the process of launching an institutional investor-focused exchange in New York, as well as leading VC firms Andreessen Horowitz*, Lightspeed Venture Partners, Union Square Ventures, and Funder’s Fund* which have backed Coinbase, BTC China, and BitPay.
The bitcoin ecosystem remains in flux, which is unsurprising given the relative age of the underlying technology. The promise of a distributed cryptology-based currency remains alluring. But for even a fraction of that promise to be realized the platforms, regulations, and consumer behaviors around bitcoin need to mature.
In many ways, bitcoin is a victim of its own success. Rather than getting the opportunity to mature slowly under the cover of a niche experiment among a few sophisticated participants, the explosion in popularity and attention has put bitcoin under the most unforgiving of microscopes. There’s no reason it can’t survive this inspection, but swift and meaningful changes will be required from all involved.
[* Founders Fund is an investor in PandoDaily as are Andreessen Horowitz Partners Marc Andreessen, Jeff Jordan, and Chris Dixon (each as individuals).]