a newsletter by Molly White
Sign in Subscribe

Issue 38 – The Wallet Event

Also: soccer scammers, Bitcoin tire fires, and a crash course in how to most clearly describe your NFT project as an unregistered securities offering.

Issue 38 – The Wallet Event

This week, even more than most weeks on the crypto beat, it feels like someone cranked the "absurdity" knob up to eleven.

Photo of the volume knob from Spinal Tap, except "Volume" has been replaced with "Absurdity"
It's such a fine line between stupid and clever. (This Is Spinal Tap)

In the courts

Sam Bankman-Fried

After first requesting more regular access to the Internet and more frequent meetings with his attorneys, Sam Bankman-Fried now wants out of jail entirely and to be returned to his parents' home. "Nothing short of that will suffice."1

He and his attorneys again speak of a deluge of discovery documents coming from the prosecutors, in quantities so vast that SBF can't possibly hope to properly review them before the trial begins in early October. This line of argument echoes their motions in limine that I described last week, where they asked for all evidence produced to their team after July 1 to be excluded completely from the trial.

The latest iteration of the argument is weakened somewhat by the fact that SBF didn't bother to show up to review discovery documents with his attorneys this week.2 According to his team, this is some kind of protest over the laptop he's being provided (which on one occasion had just one hour of charge left on the battery) and the poor Internet connection at his designated review location.

At a hearing, Judge Kaplan pointed out that his legal team could simply bring a backup battery to these meetings. "He wanted to bring papers [to the review meeting], but [wasn't permitted]. There's always something. We have no faith. We want temporary release." replied his lawyers.3 Judge Kaplan declined to rule on this particular point today, but it sounds like he'll decide over the weekend after getting more insight into SBF's actual circumstances at MDC Brooklyn.

Judge Kaplan also addressed the claims from SBF's legal team about the volume of discovery, describing them as "seriously exaggerated." He declined to exclude documents produced by the prosecution post-July 1 from being used at trial, as the defense had requested in the motion in limine, and also refuted the defense's claims that the prosecution had been gratuitously missing the deadlines they'd set: "The accusations of broken promises are not at all accurate. In January the government made clear it would obtain information on an ongoing basis."4

Tornado Cash

The Department of Justice charged two of the three founders of the Tornado Cash cryptocurrency tumbler (aka "mixer", aka "money-launder-o-matic") with conspiracy charges involving money laundering, sanctions violations, and operating an unlicensed money transmitter [W3IGG]. Both founders who have been charged are named Roman. One, an American, was arrested and then released on bail. The second, a Russian, is on the lam. The third founder is not a Roman, but rather one Alexey Pertsev, who's been facing charges in the Netherlands since last August [W3IGG].

The indictment features many incriminating-looking quotes from Signal chats between the three. It also features the quote: "regarding [Encrypted App] chats, we also have to bear in mind that law enforcement is reading them too and can use them against us later."

It also features quotes from investors at an unnamed "Venture Capital Fund-1", who dismissed the idea of creating a "compliant" version of Tornado Cash, and wrote, "I just don't know if anyone will actually want this. Market need seems quite thin. … It would be unlikely that as a fund we'd use a 'compliant mixer.' " Why a venture fund needed any mixer is, I imagine, a question the Feds are quite interested in answering.


Grayscale achieved a huge win in its battle to get the SEC to approve converting the embattled Grayscale Bitcoin Trust into a spot bitcoin ETF. After the SEC rejected their application in June 2022, Grayscale sued the SEC, and the D.C. Circuit Court of Appeals just sided with Grayscale in finding that the SEC did not "adequately explain why it approved the listing of two bitcoin futures ETPs but not Grayscale's proposed bitcoin ETP. In the absence of a coherent explanation, this unlike regulatory treatment of like products is unlawful."5

The Court vacated the Commission's order. This doesn't mean that the filing is approved, or even that the SEC has to approve the filing. They could still appeal the decision, or reconsider the request and then once again reject it under different reasoning (or more adequately explain whatever their previous reasoning was). But it does make the ETF's approval look a bit more likely.


On August 28, the SEC filed a sealed motion in its case against Binance.6 This is an unusual move from the SEC, according to former SEC enforcement attorney John Reed Stark.7 There aren't that many reasons they might do so, but he outlined two: it could be because information in the filing would put either Binance or a witness at risk, or it could be to avoid interfering with an ongoing criminal investigation. He suspects it's the latter. So do I, but I've got a lot less experience to base that on than he does.

Avraham Eisenberg and Mango Markets

Avraham "Avi" Eisenberg, the guy behind the October 2022 $116 million Mango Markets exploit [W3IGG], has been in custody awaiting trial since December [W3IGG]. In a recent court filing, authorities say that they stumbled across child sexual abuse material on a cell phone of his while they were searching it for evidence pertaining to the theft.8 Some think this is awfully convenient, and have suggested that the U.S. government may have planted the incriminating material.

Now, far be it from me to suggest that the government would never do such a thing, but I do think that it's a little unlikely they'd decide they needed to juice up the charges available to them on a guy who spoke openly about the theft he was planning, committed the theft, wrote a governance proposal trying to get the DAO to vote not to pursue legal action against him, used the tokens he stole to vote for it, and then publicly admitted to the theft in a Twitter thread where he acknowledged that he "operated a highly profitable trading strategy last week" which he "believed … [was] legal".9

Tweet by Avraham Eisenberg (@avi_eisen): What are you gonna do, arrest me?
An actual tweet by Avraham Eisenberg, posted a week after the Mango Markets exploit

The government's attorneys also seem to be enjoying themselves arguing that Eisenberg knew full well that his actions were in fact illegal, given that he filed a lawsuit in July 2022 against others who he alleged performed a similar market manipulation scheme.10

Businessman and Premier League soccer team owner Moshe Hogeg might face charges in Israel over an alleged $290 million scam he perpetrated in 2017–18. The police think he committed a whole slew of financial crimes under the guise of funding four separate crypto projects, instead pocketing the money.11

In another soccer/crypto crossover, Ronaldinho once again decided not to show up to a crypto fraud-related hearing in front of a Brazilian congressional committee where he was expected to testify. The case involves an alleged multi-million dollar fraud surrounding a project called "18kRonaldinho", which promised to pay out more than 2% daily in returns. Ronaldinho, the project's ambassador, has claimed he's a scammee here, not a scammer.12

In bankruptcies

FTX, BlockFi, and Genesis

Kroll, the third-party service used by FTX, BlockFi, and Genesis to allow customers to file claims in the respective bankruptcy cases, was hacked. An email sent to Genesis customers reported that data including names, addresses, email addresses, and claim details may have been exposed.

FTX wrote on Twitter that the compromised customer data was "non-sensitive",13 which is a pretty rich thing for them to say after arguing at great length that that very same data was so sensitive that it needed to be filed under seal in court.

FTX users almost immediately began receiving phishing emails claiming that FTX had enabled customers to withdraw their assets,14 which does at least lend credibility to FTX's past arguments that that was exactly what would happen if this data was exposed.

Email: "Withdrawals are available", with subhead "You have been identified as an eligible client to begin withdrawing digital assets from your FTX account."
Screenshot of a phishing email sent to an FTX customer shortly after the Kroll breach (Twitter)

Prime Trust

In finance, custodians have a one job: hold on to the assets.

Do not lose them. Do not do anything with them other than hold on to them. Give them back when requested.

Crypto custodian Prime Trust failed magnificently at their job.

Now that they've filed their first day declaration in the bankruptcy case, we have a little more detail as to how.15 As I mentioned in Issue 31, the company somehow lost access to a cryptocurrency wallet. In this new declaration, under a section header menacingly titled "The Wallet Event", the company outlines how the access problems stem from them losing their hardware wallet and the backup steel plate they'd engraved their seed phrase on, which they've now learned is just an amusing bit of security theater if you can't manage to keep track of it. Better yet, it leaves zero doubt to anyone who stumbles across the mysterious plate (and can do a web search) as to the jackpot they've just discovered. Personally, I'm looking forward to someone posting photos of the Cryptosteel plate to r/whatisthisthing, and the ensuing stampede as every Redditor tries to go get their hands on ETH that was, at least in early 2022, worth tens of millions of dollars.

"Cryptosteel" steel seed phrase storage mechanisms
Turns out that even a $100 steel plate "designed to survive Armageddon" isn't much help when you just lose the dang thing.

After learning of their predicament, Prime Trust employees then decided it would be a bright idea to use around $75 million in customer funds to satisfy withdrawals from those other customers whose funds were stored in the inaccessible wallet.

Dwarfed by the monetary loss from the inaccessible wallet, but thrown in just to add a little color to just how shady an operation this was, we also now know that the company lost $8 million in both customer and treasury funds to the May 2022 Terra/Luna collapse, because apparently the siren song of "risk-free 19% yields" was too much to bear. This was all happening at the regulated crypto custodian, let me remind you.

Anyway, back to the inaccessible wallet. It's not mentioned explicitly in the declaration, but if you map out the timeline of events, you'll realize that certain unnamed company employees discovered the wallet was inaccessible in December 2021, didn't tell their board until August 2022, and then the company didn't mention this to their regulators until September–November 2022.

Now, I don't claim to be an expert on regulators of crypto custodians, but I do know they have two big rules:

  1. Don't become insolvent
  2. If you do become insolvent, tell us immediately

So anyway, this should be a fun case to watch.

Other bankruptcies

Bankrupt BlockFi doesn't want to return over $5 billion in claims to bankrupt FTX, citing the "unclean hands" doctrine. They also don't want to return the $400 million loan FTX extended to them as BlockFi was floundering in June 2022. According to BlockFi, "FTX's unsecured, interest-deferring, subordinated 'loan' to BlockFi was, in reality, a gamble that the up to $400 million cash infusion would sustain BlockFi until the crypto markets stabilized." If you ask me, they were all gambling and they all have unclean hands, but we'll see what bankruptcy courts think.16

An ad hoc group of lenders to the bankrupt Genesis are crying foul on the tentative deal between Genesis and its parent company DCG. The deal basically amounted to DCG saying "fine, fine, so we couldn't pay off the hundreds of millions in loans that were due months ago. Here are two new loans for slightly fewer hundreds of millions that we definitely will be able to pay off. In exchange for promising to pay you less eventually, you'll promise not to sue us. Deal?"17

Some holders of Celsius' CEL tokens think that these tokens should be valued at $0.80, which was the price at the time Celsius filed for bankruptcy. Sadly for them, there's a massive amount of evidence suggesting that Alex Mashinsky and other executives at Celsius were manipulating token prices up as hard as they could.

Also, someone tried to see if they could get the judge to declare that the CEL token isn't a security. The judge, probably wisely, got out his ten-foot pole and said "take it up with the SEC".18

In Binance

The Wall Street Journal published an article on August 22 alleging that Binance was knowingly helping Russians evade sanctions, handling "substantial" volumes of ruble trading in the process.19 In rapid succession, the company announced it would be cutting off five sanctioned Russian banks that it claims it didn't realize were listed on its peer-to-peer platform,20 then the Wall Street Journal reported that Binance was considering a "full exit" from Russia.21

Mastercard pulled the plug on a partnership with Binance to issue crypto-funded debit cards in Latin America and the Middle East. Binance says it's no big deal, because no one was using them anyway. This move by Mastercard echoes a similar action by Visa last month, in which Visa ended a partnership with Binance to issue cards in Europe.22

In other crypto news

BitBoy Crypto, now with 100% less BitBoy. I, along with what I assume is a large percentage of the other people out there who are familiar with this crypto influencer and shitcoin shiller, discovered this week when the business decided to fire him that BitBoy Crypto is not synonymous with Ben "BitBoy" Armstrong. For those lucky enough to not be familiar, Armstrong is someone whose poor reputation among us crypto critics may only be surpassed by the distaste for him broadly felt within crypto. He's come up once before in this newsletter, when he decided to sue a YouTuber for calling him a "dirtbag influencer", then dropped the charges after realizing he'd made a terrible PR mistake. Armstrong says his firing is a "coup";23 his company alleges that he "relapse[d] into substance abuse", and claims he perpetrated "emotional, physical and financial damage" on employees and the network's fans alike.24 Armstrong, who is open about his past addiction to methamphetamine and who previously worked as an addiction counselor, posted the negative results of a recent drug panel on Twitter.25 Anyway, who's to say what's really going on here. In my view, it's about as likely as not that this is a publicity stunt by a man who's known for his attention-grabbing and often misguided stunts.

Until recently, bitcoin has always been more of a metaphorical tire fire than a literal one. That could change if the Pennsylvania-based Stronghold Digital Mining wins approval from the state's Department of Environmental Protection to burn tires as fuel for its bitcoin mining rigs.26

CTO Paulo Ardoino of the notoriously dishonest Tether decided to tweet a photo captioned "One of Tether energy production and Bitcoin mining sites coming along well."27 The building in the photo featured a Tether logo somewhat incompetently photoshopped onto the side, which was quickly noticed by just about everyone who happened to see it.

Tweet by Paolo Ardoino: "One of #Tether energy production and #Bitcoin mining sites coming along well." The tweet includes a photo of a green building appeared to be made from a shipping container, with the Tether logo amateurishly photoshopped on the side.
Tweet by Paolo Ardoino

This led Ardoinoo write a massive, incredibly defensive tweet28 about why he lied, but only just a little bit, you see.

We tend to not share exact locations to avoid personnel harassment, a valid concern given the amount of detractors obsessed with Tether.  You can almost hear some of them screaming: "NOOOOOOOO if you don't tell us the address, zip code, surname of the cow that is eating the grass nearby, then it's not real!!!!!"  Then why the logo was overimpressed? We thought that the photo would have been shared on newspapers so the team wanted to brand it. And in fact this is exactly what happened. Moreover, putting gigantic Tether logos would not be great from physical privacy of the site point of view.  It has been quite entertaining to follow the "GOTCHA!!" moment of some paid groups, desperately hoping to have found the holy grail of their anti-Tether theories, as if companies would not usually put their logos on things they build. "NOOOOOOOO!!! If it's not real paint then the entire thing does not exist!!!"  So does it make it less real? No. It's really happening.
Ardoino, CTO of a stablecoin that claims to be worth over $80 billion, having an extremely normal one on Twitter (tweet)

The parent company of OnlyFans recorded an $8.45 million impairment after deciding to sink $20 million into ETH. Oops. I doubt they're losing too much sleep over it, though, after recording over $1 billion in revenue.29

The Web3 is Going Just Great recap

There were 12 entries between August 21 and August 30, averaging 1.2 entries per day. $27.34 million was added to the grift counter.

Criminal steals $50,000 in seized criminal funds


After the U.S. DEA seized $500,000 in stablecoins from accounts alleged to have been involved in drug trafficking, a criminal "seized" $50,000 of it for themselves. Using a common scam tactic called "address poisoning", the scammer took advantage of the unreadability of crypto addresses and the resulting habit of copying-and-pasting them from transaction history to trick a DEA agent into sending the funds to them instead of to the US Marshals, as intended.

Whether or not they knew it was the US government they were scamming for a relatively paltry $50,000 is a different question, and the FBI are already on the case.

Impact Theory provides a blueprint of how to most clearly describe a project as an unregistered securities offering


  • "Imagine that you could've gotten in on Disney when they were doing Steamboat Willie"
  • "Its like handing 20$ to Mark Zuckerberg in his dorm room"
  • "This is like being offered to invest in a booming company when they're Series A."
  • "Its like investing 10k with a 300k upside, for a small risk."
  • "Buying [our NFT] is like investing in Disney, Call of Duty, and YouTube all at once."

These are all things you probably shouldn't say unless you want the SEC to think you're marketing your NFTs as investments in a company and its future success.

These are also all things that Impact Theory wrote about its "Founder's Key" NFTs, which gave holders access to self-help content that supposedly taught viewers how to "unlock their potential and pursue greatness".

Perhaps next they will publish a series about how not to end up having to pay $6.1 million to settle with the SEC. They can at least claim to be trailblazers, as this is the first SEC enforcement action in which the agency alleges an NFT project is an unregistered securities offering.

Balancer warns of critical vulnerability, then gets exploited for more than $2 million

[link, link]

The Balancer protocol asked users with funds in some of the project's liquidity pools to withdraw them, citing a "critical vulnerability". Because it's crypto, Balancer can't simply patch the impacted code, and so they were left trying to contact anyone with money in the platform to get them to remove it. Fortunately for them, it was only a small percentage of the total value locked on the platform; unfortunately, the platform's TVL is massive, and it was still a substantial amount of money.

Several days later, attackers began exploiting the vulnerability, ultimately draining more than $2 million from the project. This is still considerably less than it might have been had the project not issued their warnings and succeeded in getting people to withdraw funds, but it did lead some to question why Balancer did not execute a whitehat attack against their own platform to try to safeguard remaining vulnerable assets.

Everything else

  • Clockwork project to shut down due to "limited commercial upside" [link]
  • NFT collector SOL Big Brain loses around $1.5 million to phishing scam [link]
  • Magnate Finance rug pulls for over $5.2 million [link]
  • Members of $PEPE team allegedly dump $16.9 million worth of tokens [link]
  • Former New Jersey prison guard charged by SEC over crypto pump-and-dump scheme targeted at cops [link]
  • DOJ charges two founders of Tornado Cash, arrests one [link]
  • Victim loses $900,000 to Google Ad phishing [link]
  • SEC cracks down on Titan crypto investment manager for advertising 2,700% returns [link]

In the news

Hyperallergic. "The Only Good Part of NFTs Is Being Phased Out".

I spoke to Elaine Velie for her article about OpenSea dropping creator royalty enforcement on their platform, and how the "NFTs are good for small creators" story we heard so much of during the NFT boom was largely just marketing.

Worth a read

Wired. "Sex Workers Took Refuge in Crypto. Now It's Failing Them"

Wired wrote about how the promises made by some crypto advocates to sex workers have not panned out. "The efforts of sex work advocates are better invested ... in campaigning for new laws that would make it illegal for banks to discriminate against sex workers on the basis of their profession, than in developing an alternative financial system," an employee of the Free Speech Coalition sex worker and free speech advocacy group told Wired.

Relatedly, the ACLU just filed a complaint to the FTC, asking for an investigation into Mastercard's discriminatory policies affecting online sex workers.

Techdirt Podcast. "Decentralizing Content Moderation".

Mike Masnick and former Twitter Trust & Safety lead Yoel Roth talk about online content moderation, and some of the specific challenges that come into play with decentralized social networks like Mastodon, BlueSky, or Nostr. I found this conversation absolutely fascinating, and it really gave me new perspective on the incredibly complex dilemmas that people working to design online moderation systems and policies have to tackle.

That's all for now, folks. Until next time,

– Molly White


  1. Letter filed on August 30, 2023. Document #240 in United States v. Bankman-Fried.

  2. Letter filed on August 29, 2023. Document #238 in United States v. Bankman-Fried.

  3. Tweet by Inner City Press.

  4. Tweet by Inner City Press.

  5. Opinion filed on August 29, 2023. Document #2014527 in Grayscale Investments LLC v. SEC.

  6. Sealed motion filed on August 28, 2023. Document #102 in SEC v. Binance.

  7. Tweet by John Reed Stark.

  8. Memorandum in Opposition to Motion filed on August 25, 2023. Document #36 in United States v. Eisenberg.

  9. Tweet thread by Avraham Eisenberg.

  10. Memorandum in Opposition to Motion filed on August 25, 2023. Document #36 in United States v. Eisenberg.

  11. "Police seek charges in cases against crypto businessman Moshe Hogeg", The Times of Israel.

  12. "Ronaldinho fails to testify in crypto scam probe, faces possible arrest in Brazil", CoinTelegraph.

  13. Tweet by FTX.

  14. Tweet by zachxbt.

  15. Affidavit/Declaration in Support of First Day Motion filed on August 24, 2023. Document #14 in In re: Prime Core Technologies Inc.

  16. Objection filed on August 21, 2023. Document #1376 in In re: BlockFi Inc.

  17. "Genesis Lender Group Opposes 'Wholly Insufficient' DCG Deal", CoinDesk.

  18. Order RE: Motion to Allow filed on August 25, 2023. Document #3359 in In re: Celsius Network LLC.

  19. "Binance, the Biggest Player in Crypto, Is Facing Legal Risks Over Russia", The Wall Street Journal.

  20. "Binance Delists Sanctioned Russian Banks From Peer-to-Peer Service", CoinDesk.

  21. "Crypto Giant Binance Considers Russia Exit", The Wall Street Journal.

  22. "Mastercard ends Binance card partnership in latest blow to crypto giant", CNBC.

  23. Tweet by Ben "BitBoy" Armstrong (the person).

  24. Tweet thread by BitBoy Crypto (the company).

  25. Tweet by Ben "BitBoy" Armstrong.

  26. "Pa. crypto plant wants to burn tires; environmental advocates ask regulator to say no", StateImpact Pennsylvania. NPR.

  27. Tweet by Paolo Ardoino.

  28. Tweet by Paolo Ardoino.

  29. "OnlyFans parent firm loses millions on ether investment", Protos.

Loved this post? Consider signing up for a pay-what-you-want subscription or leaving a tip to support Molly White's work, which is entirely funded by readers like you.