a newsletter by Molly White
Sign in Subscribe

Issue 9 – How the mighty are falling

FTX goes from rescuer to rescuee, stolen Bitcoin is seized ten years after the theft, and a "whitehat" hack may not be so whitehat

Issue 9 – How the mighty are falling

I am pleased to report that I have returned from Portugal, where I was attending and speaking at the Web Summit conference. I survived being separated from my beloved dog, who himself had a lovely time staying with a friend of mine, and was properly spoiled in my absence. I am currently operating somewhere about halfway between Lisbon time and my usual schedule, which is actually kind of nice as someone who is not normally a morning person.

At Web Summit, I gave a talk on the Crypto stage titled "Is Web3 bullshit?" It was standing room only!

I've published a transcript for those of you who prefer that format, and the video is also subtitled.

Earlier that day, I joined fellow crypto skeptic Ben McKenzie on the main stage, along with Charles Hoskinson (co-founder of Cardano and Ethereum). The theme of the discussion was "is the crypto downturn a growing pain, or exposing irreparable weaknesses?". The one thing the three of us all strongly agreed on (backstage afterwards) is that twenty minutes is definitely not sufficient to allow for substantial discussion on these topics.

Last week was the calm before the storm in crypto-land, with a relatively uneventful week leading up to all hell breaking loose this week.

The biggest story is FTX, which in the blink of an eye went from being a giant in the crypto space who was bailing out other collapsing firms during the crypto downturn to itself needing a bailout. Rather than try to fit all of that context into this usual recap issue, I will make that the topic of my first deep dive issue, which will follow quite shortly after this one. I'll shelve the other deep dive that I was working on for the moment, as this one is much more timely, and the other can wait.

In the meantime:

In the courts


In a Celsius bankruptcy hearing on November 1, the judge instructed the independent examiner and the creditors committee to decide which of them will lead investigations into whether Celsius operated as a Ponzi scheme. The creditors committee is looking into this question already, whereas the examiner is considering some factors that would be relevant, but would need to expand the inquiry a bit.

On the one hand, creditors and Celsius are both concerned with the time and cost that would be added if the examiner broadened her inquiry to answer this question. However, the judge pointed out that the examiner addressing that question might be quicker and less costly than the many state regulators who are also likely interested in the answer.12



Before I started researching crypto, I spent a lot of time writing Wikipedia articles about alternative social media platforms that were popular among the far right. (Yeah, I've got a lot of weird hobbies.) One such project that I wrote about was LBRY, which is a blockchain-based protocol that's primarily used to power video sharing projects (most notably one called Odysee).

Like many social networks that promote themselves as "free speech platforms" with little moderation, they became a fairly popular choice for far-right extremists, COVID conspiracy theorists, and various others who fell afoul of YouTube's content moderation.

Anyway, one feature of the platform is its "LBRY credits", which are crypto tokens that are used to charge viewers per-stream or collect tips, and which users earn through using the platform or inviting others to join. In March 2021, the U.S. SEC filed charges against LBRY for selling unregistered securities. LBRY embarked on a social media campaign to try to garner support among others in the crypto industry, claiming in April 2021 that "if LBRY loses this case, it will cripple the cryptocurrency industry and create huge disincentives to build these businesses in the United States". Unfortunately for them, a federal judge has just granted the SEC's motion for summary judgment, finding that "no reasonable trier of fact could reject the SEC's contention that LBRY offered LBC as a security".

LBRY has claimed that the language of the finding could set a precedent to "[make] every cryptocurrency in the US a security", which… well, sounds about right.

Silk Road theft


The U.S. Attorney's Office for the Southern District of New York announced that they had convicted James Zhong for a 2012 theft of around 50,000 Bitcoin from the Silk Road marketplace. At the time, Bitcoin traded for between about $10 and $12.50, so the theft amounted to $500,000–$625,000 (assuming the thief had been able to cash out that amount of BTC). By the time the USAO seized the stolen coins in November 2021, which was also at Bitcoin's peak price, they would have been priced at around $3.36 billion. Today they're priced at closer to $1 billion.

Although the USAO's press release is very self-congratulatory about the "state-of-the-art cryptocurrency tracing and good old-fashioned police work" that went into apprehending Zhong, Protos reported that the man had called up a police department in Georgia to turn himself in.

Although the government might normally return seized Bitcoins to the entity from which they were stolen (as may happen with the recovered Bitfinex Bitcoins), the government has filed a motion in United States v. Ulbricht to grant them ownership of the coins, since the Silk Road's founder is currently serving two life sentences plus forty years for crimes pertaining his operation of the project.

In government

The U.S. Treasury Department rewrote the sanctions on Tornado Cash that were initially implemented in August. They've now added explicit allegations that the service has been used by North Korea to help generate revenue for DPRK weapons of mass destruction and ballistic missile programs.

They also added a section to their FAQ about the sanctions to argue that the "person" designated as the sanctioned entity refers to the Tornado Cash organization. They wrote, "OFAC has not designated Tornado Cash's individual founders, developers, members of the DAO, or users, or other persons involved in supporting Tornado Cash at this time. However, all Tornado Cash property and interests in property are blocked, and U.S. persons cannot transact with Tornado Cash or deal in its property and interests in property, absent authorization from OFAC."

The latter part may be a reaction to the challenges that have been filed in court in relation to the sanctions. One of the lawsuits (PDF), filed by Coin Center et al., balked at the Treasury's designation of Tornado Cash as a "person": "The term 'person' means only an 'individual or entity.' It does not cover an idea, a tool, or a technology."

The Web3 is Going Just Great recap

Note: If you're an avid follower of the W3IGG site and don't need a recap, you can scroll on past to the "In the news" section.

There were 12 new entries between November 1 and November 8, averaging 1.5 posts a day.

Big Bitcoin miners continue to falter


It's a tough time to be running a Bitcoin mining business.

In the past few months, two major Bitcoin miners have either filed for bankruptcy (in the case of Compute North) or warned they may have to (in the case of Core Scientific, who made the newsletter last week).

Now, Iris Energy is the latest to signal that they're in trouble, reporting that they are close to defaulting on the remaining $103 million in principle on loans they used to buy Bitcoin mining rigs. Bitcoin mining machines devalue extremely quickly, so selling off the machines isn't a particularly viable strategy—Iris estimates they're worth somewhere in the $65–$70 million range. But the machines also aren't mining enough Bitcoin to keep the ship afloat—they produce around $2 million in gross profits, which is substantially less than the $7 million a month Iris is paying in loan payments. Uh oh!

Skyward Finance throws in the towel after a hack


The NEAR-based project Skyward Finance suffered a $3.2 million hack following a "relatively simple" smart contract exploit that somehow took over a year to be discovered.

Unlike many projects, who insist they will be able to recover from devastating hacks and try to keep the project afloat (often ultimately unsuccessfully), Skyward simply wrote: "the Skyward Treasury has been drained through a contract exploit, rendering the Treasury and the $SKYWARD token effectively worthless…. We recommend users to withdraw their funds safely where they can and for the community to no longer interact with Skyward."

Gala Games is exploited, or isn't, or maybe it is


Some people were pretty startled to see various headlines about "$X billion in GALA tokens" reportedly being stolen from Gala Games, a platform for distributing blockchain-based games. First of all, this was shoddy reporting, which failed to clarify that if a bunch of tokens are suddenly mistakenly minted on some blockchain project, that doesn't mean that USD magically materializes to back them.

However, Gala Games and pNetwork later announced that the hack had not really been a hack, but rather an orderly draining of liquidity to be returned to the project, after pNetwork discovered a vulnerability in a smart contract that could have allowed a malicious entity to steal the funds.

All was assumed to be well until the crypto exchange Huobi publicly claimed that the pNetwork "action is not a 'white hat' operation, but a malicious hack driven by profit and bad faith." They allege that pNetwork profited more than $4.5 million from the operation, and that "multiple related addresses took planned and coordinated actions and made millions of dollars. Their combined profits are an excess of US$10 million, clearly indicating the purpose of the attack was to make profits."

pNetwork shot back that they had made no profits, and threatened to sue Huobi.

Everything else

  • Binance moves to bail out insolvent FTX [link]
  • Speculation emerges around Alameda Research and FTX solvency; Binance liquidates holdings [link]
  • Federal judge rules that LBRY sold tokens in violation of federal securities laws [link]
  • U.S. Attorney convicts individual in 2012 theft from the Silk Road, announces seizure of over 50,000 Bitcoin priced at more than $1 billion [link]
  • Pando exploited for $20 million [link]
  • Monkey Drainer steals dozens more NFTs, nets around $867,000 [link]
  • Oracle attack on Solend costs the project $1.26 million [link]
  • Rubic exchange private key compromised, token plummets [link]
  • Crypto exchange Deribit hacked for $28 million [link]

In the news

Fortune, "How a dodgy crypto influencer got rich on YouTube and Twitter—while the platforms and the SEC failed to act"

Zachxbt's stellar research laid the groundwork for a full-length Fortune article about the crypto influencer Lark Davis and his shady behavior pumping and dumping coins without disclosures. Davis came out swinging at Fortune, telling them "I don't have anything else to add about these BS allegations", but ultimately admitted that zachxbt's research was accurate and that it was "entirely possible" he hadn't disclosed properly. I'm quoted a bit towards the end, on the general phenomenon of crypto influencer pump-and-dumps.

Loved this post? Consider signing up for a pay-what-you-want subscription or leaving a tip to support Molly White's work, which is entirely funded by readers like you.