Private Funds are the New Public Funds
February 10, 2022 | Back to News
Bitfinex
If you have $10,000 in your bank account, and thieves hack into your account and drain all of the money, and you go to your bank and establish that that’s what happened, and the hackers get away successfully, what will the bank do? The three main theoretically possible answers are:
- The bank will give you the $10,000 back and eat the loss.
- It won’t, and you will eat the loss.
- The bank will give you some of the money back, and you will split the loss.
Which one it chooses will be determined mostly by regulation and somewhat by how effectively you complain, but none of that is the point here. The point is that what will not happen is:
4. The bank will say “Well the dollars are gone, but we can credit you with 10,000 Theft Bucks, enjoy!”
I am not even sure I know what that sentence means. But let me try. A bank is a system of computers that keep lists of people who have stuff. For the most part, your entry on the list shows how many U.S. dollars you have at the bank. There is an important sense in which this entry means “the number of U.S. dollars that the bank has to pay you when you ask,” but there is a more important sense in which it doesn’t. Most people’s primary interaction with their bank is not withdrawing paper money; for most people, the number next to their name on the bank’s list simply is the number of dollars that they have. If they want to spend those dollars, they do it by sending electronic messages telling the bank to decrement the number next to their name and increment the number next to someone else’s name; the dollars never leave the banking system’s computers, never become paper money, always remain numbers on lists. The number on the list is not the number of dollars that the bank has to give you if you ask; it is the number of dollars that you have already. “Dollars” are entries on the bank’s list.
The bank controls the computers, so it is a little tempting to say that it could put any number it wants next to your name. It can’t, though, for important reasons of regulation and tradition and, you know, the whole banking system would crumble if the bank just made up numbers arbitrarily. Well, it would crumble if the bank just made up numbers of U.S. dollars. U.S. dollars are very important and widely accepted and there is a huge financial and regulatory apparatus built up around the function (banking) of keeping lists of them. But the bank could make up other numbers on other lists. The bank could say “every time you use an ATM we will give you 10 loyalty points,” and then it could keep a list of customers and their loyalty points, and then one day it could say “also we’ll give you 20 loyalty points every time you smile at a teller” without any particularly serious implications for the banking system. 3
And so you could just about imagine discovering that your account was hacked and that your $10,000 is gone, and going to the bank and saying “hey your list says I have $0 but I should have $10,000,” and the bank saying “well your entry on that list of dollars was decremented to $0 using the established procedures of banking, and we cannot reverse those procedures because that would mess everything up, but we will write another list, not of dollars, but of something else — call it Theft Bucks — that we just made up, and we can put 10,000 next to your name on that list, does that help?” And you will say, no, it absolutely does not, because dollars can be used to pay rent and buy sandwiches, while Theft Bucks are a thing that the bank made up just now.
But this is because there is a very stark binary, in traditional banking, between dollars, which are money, and other stuff, which is not. Move this bank into the world of cryptocurrency and the situation gets much hazier. Crypto tokens can be created arbitrarily, in a sense all of them are money, in another sense none of them are, and there is a continuum between the ones that feel a lot like money and the ones that don’t. If you have an account at a crypto exchange and it contains 10,000 Shiba Inu tokens, and a thief drains your account and you complain to the exchange and the exchange says “sorry about that, the SHIB are gone — immutable blockchain and all that — but to make it up to you we will create a brand-new Lost Dog token and give you 10,000 of them,” does that help? Maybe? The Shiba Inu tokens were worth a somewhat arbitrary and variable amount of money based on speculative interest, and the Lost Dog tokens will also be worth a somewhat arbitrary and variable amount of money based on speculative interest. Context clues here suggest that the Shiba Inu tokens are worth more, and have more general interest, while the Lost Dog tokens are just nonsense and won’t be worth much, but, I mean, are the Shiba Inu tokens not nonsense?
We talked yesterday about the Bitfinex hack. In 2016, Bitfinex, a cryptocurrency exchange, was hacked; thieves made off with 119,754 Bitcoins. At the time this was a $71 million haul. When I wrote about it yesterday, though, it was a $5.3 billion haul, as Bitcoin went up about 7,000% over the past six years. (As of this morning it’s a $5.4 billion haul.) We talked about it yesterday because the Justice Department arrested two people for allegedly trying to launder the money, and managed to recover at least 94,636 of those Bitcoins, worth $4.2 billion at yesterday’s price. And the Justice Department has promised to give the Bitcoins back to the victims of the hack.
The simplest way to interpret that is that if you had 10 Bitcoins in your Bitfinex account in 2016, worth about $6,000,and they went missing, then now the Justice Department will give you 8 Bitcoins (it recovered about 80% of the missing Bitcoins), worth about $360,000. From 2016 until now you had an asset — Missing Bitcoins — that appreciated by about 6,000%, which is a worse performance than actual Bitcoins but much better than, you know, the S&P 500. Owning Bitcoins stolen from Bitfinex was an incredibly good trade. Here’s Bloomberg’s Olga Kharif:
David Silver, a lawyer who specializes in financial and cryptocurrency-related fraud, said since the seizure was announced Tuesday he’s received dozens of calls from individuals saying they lost money in the 2016 online heist and they want to get their coins back. Twitter has been whipped into a frenzy as well, with posters asking how to claim lost crypto. Justice Department officials said they plan to establish a court process for victims to reclaim the stolen digital assets, which have since surged in value.
But there are other ways to interpret it. Bitfinex, in particular, has other views. 4 Bitfinex’s views are, approximately, “we gave you 119,754 Theft Tokens to make up for your 119,754 stolen Bitcoins, so you are fine and those Bitcoins are ours now.” Kharif:
Bitfinex considers that it’s made investors whole, and said in a statement that it will “follow appropriate legal processes to establish our rights to a return of the stolen Bitcoin.” If Bitfinex and users start off on a collision course, the legal battle would likely be protracted.“The world has changed dramatically since 2016, and everyone is going to lay claim to this newfound bag of Bitcoins,” Silver said. …At the heart of Bitfinex’s argument is a long-ago token distribution. After the attack in August 2016, when a hacker made away with more than 119,000 Bitcoin, Bitfinex allocated losses of more than 30% to all customer accounts. It then created and credited BFX tokens to customers at a ratio of one for every $1 lost. Within eight months, all holders had those tokens redeemed, or had exchanged them for iFinex capital stock. During that time, Bitcoin’s price had nearly doubled, according to Bloomberg data.Bitfinex also created another coin named Recovery Right Token, or RRT, for holders that had converted their BFX tokens into iFinex shares. In case the stolen Bitcoins were ever recouped, recovered funds would be distributed to RRT holders, at up to $1 per RRT. There are currently 30 million RRT tokens outstanding, according to Bitfinex. That could lead to a reimbursement of up to $30 million. …“I think that’s ridiculous,” Alan Aronoff, a 52-year-old San Francisco resident, said in an interview. “That’s my Bitcoin that they took from my multisig wallet. I would like my Bitcoin back.” Aronoff doesn’t remember whether he signed away any rights to his stolen Bitcoin while accepting the Bitfinex reimbursement.
I don’t know! The traditional analysis would be:
- If Bitfinex bought the customers’ claims from them — if it offered them BFXs and RRTs in exchange for an agreement saying “I relinquish any claim on the lost Bitcoins” — then it owns those claims, and the Missing Bitcoins that were such a good investment belong to Bitfinex. This is true even if it bought those claims at pennies on the dollar (because the ex ante likelihood of recovery was low). But of course even if it bought those claims at dollars on the dollar Bitfinex did well here, because Bitcoin has appreciated so much against the dollar since 2016.
- If Bitfinex just gave them those tokens as a gift then those Missing Bitcoins still belong to the customers.
In practice I assume that Bitfinex gave the tokens to the customers to make them less mad at Bitfinex, but you can do that with or without a signed contract selling the claims. I am not sure who wins here.
Elsewhere in those zany kids and their crypto hack, here is an Insider article about Ilya Lichtenstein and Heather Morgan, the couple accused of conspiring to launder the stolen Bitfinex Bitcoins:
The news has sent shockwaves through the tech circles that Morgan and Lichtenstein moved in. The pair, known to walk a leashed Bengal cat around Manhattan, may have been eccentric in a social sense. But in the world of tech and crypto, they were typical and utterly unremarkable startup entrepreneurs.The duo’s image as kooky, self-absorbed millennial techies was so convincing that acquaintances are struggling to believe them sophisticated enough to pull off the crime. A former employee of his wife’s startup was flabbergasted: “Based on my perception of these people, it is almost comical that this happened, that they’re capable [of this].”That was the impression that many — though not all — of their acquaintances came away with.”I find all this stuff online laughable saying they’re not capable of doing this from a technical perspective,” said a friend. “Because I 110% think they would be capable of doing it.”
Like I said yesterday, Morgan’s public persona of cringe business-rapper would be a great cover story. Also, my most often repeated advice in this newsletter is that you should not participate in any way in any sort of corporate rap, and I was pleased to see that a former employee of Morgan’s cold-email startup agrees:
Once, an event SalesFolk threw in New York was delayed in starting, so Morgan took to the stage and launched into an impromptu Eminem rap — without any backing track — to entertain the waiting audience. “That was when I walked out,” one former employee recalled. “I just can’t stay here.”