OKEx denied using a single signature Bitcoin cold wallet after the exchange stopped all withdrawals since October 16, according to reports that we have in our blockchain news today.
OKEx suspended withdrawals after the founder of the exchange was taken away by the police. Rumors went on by that the exchange was using a single signature Bitcoin cold wallet. OKEx denied using it and pointed to its security policies. The exchange paused the withdrawals but said that the source for a story purporting to be from Chinese news outlined is not accurate. The story spotted by Sino Global Capital CEO Matthew Graham claimed that the exchange relied on a single-signature bitcoin cold wallet. This would be an important development given that the exchange paused withdrawals after the founder Xu Mingxing who is a private key holder was taken by police earlier this month.
I’m deleting this tweet because it may be photoshopped, I’m sorry about the FUD https://t.co/Szs4luBUgM
— Matthew Graham (@mattysino) October 29, 2020
While it still remains unclear what has to happen for withdrawals to resume, a spokesperson said that it could not “reveal any information that may put our users’ funds at risk” but it is likely that the story is not true after all but it was actually fabricated. Graham, the China resident, deleted the original post and now there’s no record of a story on the Jinse Caijing website where the story was originally posted.
When asked whether OKEx uses a single-sign bitcoin wallet, the spokesperson from the exchange pointed to an incident report of a 51% attack on the Ethereum Classic network which details the withdrawals process and the semi-offline multisig for hot wallets. According to the reports, 95% of the funds are stored in cold wallets. As the page detailing the security of the cold wallets stated, when generating private keys, the Advanced Encryption Standard password is “controlled by two OKEx company personnel in separate locations- one in OKEx’s Beijing office, one in a city on the West Coast of the United States. In order to withdraw the funds, this has to happen:
“A staff member goes to “the bank safe near the office and retrieve[s] the appropriate number of unused encrypted private keys.” They then scan the keys’ QR code into two separate offline computers. Then “the holder of the AES master password decrypts the encrypted private key on a completely offline computer” before scanning the QR code into another offline computer.”
The most confusing step here is the “signing trading on another computer completely offline and after the transaction, signature synchronized to a computer with internet broadcast transaction through USB drive.” No matter the procedure, OKEx users are still restless. The exchange maintains that the funds are safe but are inaccessible for withdrawals.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post