Invest: New ways to take money from the dumb in Crypto

Posted by

The appeal of crypto for traditional high-tech trading firms is real. 

The appeal is in very important part intellectual: You have spent years mastering the complexities of market structure and making invisible incremental improvements, and then one day you get an entirely blank canvas on which to make up a whole new market structure; if you’re a person who loves market structure this just has to be more fun than the incremental stuff.

But of course the appeal is also in very important part financial. So much dumb stuff happens in crypto, and if you are a smart intermediary that dumb stuff is your profit margin. Crypto markets are lightly regulated and brutally Darwinian, and every day the smart find exciting new ways to take money from the dumb. The returns to the smarts are very high.

There is a small tension between these points. If you are intellectually ambitious you will want to build cool new stuff that has never been done before; you will want every day to be an adventure of discovery. The attraction of leaving traditional finance for crypto is that you have learned everything worth knowing about your corner of traditional market structure and now you want to learn new things. In your corner of traditional market structure you were maximally smart, having learned from long experience in a competitive business. In crypto you are … very very smart, yes, with lots of relevant technological and markets knowledge that you can apply in new contexts, but perhaps imperfect. You are doing new ambitious stuff. You might get a teeny thing wrong here or there. And crypto has built an incredibly efficient system to punish that!

For instance:

Wormhole, a communication bridge between Solana and other decentralized-finance blockchain networks, said all funds have been restored and the platform is back up after hackers stole about $320 million in cryptocurrency.

The online thieves made away with 120,000 wETH, or so-called wrapped Ether, the project’s team said on Twitter Wednesday. On Thursday morning, the team said “all funds have been restored,” without specifying the source of the funding. Earlier, the project pledged to add Ether to ensure the wETH is backed one-for-one. 

The vulnerability has been patched, Wormhole management said on the project’s Telegram channel on Thursday, reassuring users that funds are safe. It added an official statement and incident report would be issued in due course. …

Wormhole developers offered the hacker a $10 million bug bounty for exploit details and the return of the funds.

Jump Trading Group announced in August that it bought Certus One, which helped develop Wormhole. Jump has said it is a founding code contributor to Wormhole. Certus One offers infrastructure services for proof-of-stake blockchains and has been an active participant in decentralized networks including Cosmos, Terra, Solana and next-generation Ethereum.

Jump is a leading high-frequency trading firm that has gotten very into crypto. It is not clear where the money came from to restore the stolen funds, but the obvious speculation is that it might have come from Jump. (“A representative for Jump Trading didn’t respond to a request for comment on Wednesday.”) Here is a Twitter thread explaining the exploit, and here is a report that the vulnerability was discovered and a “fix was pushed to GitHub a couple weeks ago but not deployed. So the attacker found the exploit by scanning the commits to GitHub.”

Incidentally this is sort of a nice metaphor for the fact that an apparently huge source of alpha in crypto consists of:

  1. There is a mistake.
  2. People notice the mistake and try to correct it.
  3. Because crypto is all open-source and on the blockchain, you can see them trying to correct it.
  4. Because crypto effectively conducts auctions to decide whose transactions go first, you can jump ahead of them in line and exploit the mistake before they can correct it.

The attempts to correct the mistake are what tip off the exploiters. The classic “Ethereum is a Dark Forest” story is an example of this: Someone noticed a flaw in a smart contract, but any effort to correct it would tip off arbitrage bots who would front-run it. We talked the other day about a bug in OpenSea that caused some people to sell their non-fungible tokens for less than they were worth under old, un-canceled listings; the obvious fix when this was discovered was to cancel your old listings, but people who tried to do that also got front-run.

Anyway I guess the point is that if you get into trading and building market infrastructure in crypto, some days the money will vanish and you’ll have to stump up $300 million to cover customer losses and maintain confidence in your market, and it will be worth it. That’s a good sign for how lucrative it is on the other days.

Author