Who walks away with the $3.6 billion in bitcoin that the U.S. recovered from the Bitfinex currency exchange hack has become the cryptosphere’s favorite guessing game.
David Silver, a lawyer who specializes in financial and cryptocurrency-related fraud, said since the seizure was announced Tuesday he has received dozens of calls from individuals saying they lost money in the 2016 online heist and they want to get their coins back. Twitter has been whipped into a frenzy as well, with posters asking how to claim lost crypto. Justice Department officials said they plan to establish a court process for victims to reclaim the stolen digital assets, which have since surged in value.
Figuring out to whom the crypto belongs may not be simple, however. Bitfinex considers that it has made investors whole, and said in a statement Tuesday that it will “follow appropriate legal processes to establish our rights to a return of the stolen bitcoin.” If Bitfinex and users start off on a collision course, the legal battle probably would be protracted.
“The world has changed dramatically since 2016, and everyone is going to lay claim to this newfound bag of bitcoins,” Silver said.ADVERTISING
Bitfinex, a unit of British Virgin Islands registered iFinex Inc., declined to comment.
At the heart of Bitfinex’s argument is a long-ago token distribution. After the attack in August 2016, when a hacker made away with more than 119,000 bitcoin, Bitfinex allocated losses of more than 30% to all customer accounts. It then created and credited BFX tokens to customers at a ratio of one for every $1 lost. Within eight months, all holders had those tokens redeemed, or had exchanged them for iFinex capital stock. During that time, bitcoin’s price had nearly doubled, according to Bloomberg data.
Bitfinex also created another coin named Recovery Right Token, or RRT, for holders who had converted their BFX tokens into iFinex shares. In case the stolen bitcoins were ever recouped, recovered funds would be distributed to RRT holders, as much as $1 per RRT. There are currently 30 million RRT tokens outstanding, according to Bitfinex. That could lead to a reimbursement of as much as $30 million.ADVERTISEMENT
Bitfinex plans to use a portion of at least 80% of the recovered net funds to buy up and destroy another token called Leo that it issued in 2019 to beef up its coffers.
“Bitfinex doesn’t owe me anything, they made me whole years ago,” said Erik Voorhees, an early crypto advocate who runs the ShapeShift cryptocurrency exchange.
Many customers disagree, particularly given bitcoin’s appreciation from less than $600 in August 2016 to around $44,700. The tokens were worth about $71 million at the time of the hack, with the total amount now valued at about $4.5 billion.
“I think that’s ridiculous,” Alan Aronoff, a 52-year-old San Francisco resident, said in an interview. “That’s my bitcoin that they took from my multisig wallet. I would like my bitcoin back.” Aronoff doesn’t remember whether he signed away any rights to his stolen bitcoin while accepting the Bitfinex reimbursement.
“They can have their equity back,” said Aronoff, who claims to own about $50,000 of “illiquid” Bitfinex stock. “I’ll take my bitcoin, thank you very much.”
Much will depend on what the user agreement Bitfinex had people sign in 2016 said, said Kyle Roche, of Roche Freedman, which is involved in litigation against Bitfinex. He has already fielded inquiries from about 10 people about how to claim funds.
Another difficulty may lie even in verifying customers’ identities. Even today, anyone with an email address can simply open an account on Bitfinex, without any further verification for most basic functions.
“I don’t believe DOJ will turn $3.6 billion to an organization that can’t identify who this bitcoin belongs to,” Silver said. iFinex had previously settled with the New York attorney general over false claims related to its Tether product, the world’s most popular stablecoin.
Many observers point out that creditors of defunct crypto exchange Mt. Gox are still waiting to receive reimbursements under a plan that became final and binding in November. Mt. Gox closed in early 2014 after losing the coins of thousands of customers.
Who hacked the Bitfinex is still unclear as well, and could be pertinent to any distribution, Silver said. The married couple who were arrested on Feb. 8 were accused of money laundering, not stealing the coins.
Assuming the couple enters a guilty plea, the criminal process could take a year to play out, said Kellen Dwyer, former assistant U.S. Attorney who is now an Alston & Bird partner and co-leader of the firm’s national security and digital crimes team. The determination of who is entitled to restitution and how much could take years, he said.
“That process could take the heck of a long time,” Dwyer said. “It certainly could be multiple years before anybody sees any cash.”