A legacy of perception: inflated risk in crypto and the Walmart comparison

In its first few years, use cases for crypto were limited.  There was a lot of market speculation, a burgeoning online gambling scene, and the odd pizza trading for BTC 10,000, but much of the activity occurred on the dark web.  

From 2010 onwards, Bitcoin gained traction as a medium of exchange on the dark web, in use across a cottage industry of marketplaces that were selling everything from narcotics to stolen goods, weapons and abusive material.  

Into the Mainstream

In 2013, the largest dark web marketplace, Silk Road, was seized by US law enforcement.  Founded and run by US national Ross Ulbricht, aka Dread Pirate Roberts, Silk Road dominated the darknet ecosystem, reportedly facilitating around $1.2 billion in transactions and generating around $80 million in commissions between 2011 and 2013, with narcotics accounting for around 70% of the site’s listings.

The affair captured the public imagination - in part due to events surrounding its closure, but also due to the unsuspecting nature of Ulbricht, a well-educated, 20-something operating everything from his laptop.  Reporting focused heavily on Ulbricht, products available on Silk Road (which prohibited the sale of any items whose purpose was “to harm or defraud”, such as stolen credit cards, weapons, and child pornography), and the apparent bad actors operating on the site.

Silk Road’s collapse was followed less than a year later by the failure of Japan-based MtGox, a leading Bitcoin exchange.  For the majority of its operation, MtGox was the largest trading venue globally, at times handling over 70% of all Bitcoin transactions.  

In February 2014 MtGox filed for bankruptcy in Japan, announcing that it had lost almost 850,000 Bitcoin (roughly 7% of total Bitcoin supply) through suspected theft.  It remains one of the largest heists in the history of cryptocurrency at around $473 million, and has since been consistently reported on in the mainstream press.

So, embedded within crypto’s origins are two issues which have driven the wider perception of cryptocurrency as a haven for criminals.  This is a legacy that we are still dealing with today, even if Silk Road and MtGox are distant memories.

From CEX to DeFi

The succeeding years have seen many more hacks, some larger than MtGox.  The largest 40 hacks since (and including) then have resulted in the theft of around $5 billion.  A fifth of that amount is down to MtGox and CoinCheck, which lost $534 million in NEM tokens in 2018.  

But increasingly, centralised exchanges (CEXs) are avoiding catastrophic theft.  Since 2020, only four hacks of significant value were orchestrated on centralised exchange venues, the most recent being the theft of $77 million from Singapore-based AscendEx.  

Operational security at these venues has improved dramatically; AML checks, cyber security, and blockchain analytics are embedded in most compliance procedures which have made largescale thefts much harder to execute.  

Instead attention has turned to DeFi.  Shorn of KYC and AML checks, DeFi is fast becoming a lightning rod for regulators which is keeping it firmly in the public eye.  16 large thefts via DeFi protocols have occurred since April 2021.  This has resulted in around $1.12 billion in stolen assets (a figure which does not include hacks below the $50 million mark).  

In the first few months of 2022 alone, three decentralised protocols - Wormhole, Ronin Network, and Beanstalk - were hacked resulting in the theft of more than $1 billion.  All three were widely reported in the mainstream press; they have also featured in discussions on how to appropriately regulate DeFi.  

Add to that the recent high-profile exploit of Harmony, which lost $100 million last month, and it feels like hacks are more commonplace than ever.  And in a way they are, but that doesn’t tell the whole story.

The Walmart Comparison

Crypto hacks get a lot of air-time.  They make for interesting press coverage; to the outside world crypto still feels murky, complex, and fraught with risk.  It is easy to create the perception of crypto as a hotbed of crime, even if statistics tell us this is not the case.

The quantum of hacks is relatively small in comparison to the total market size of $760 billion.  Recent estimates are that illicit addresses received around $14 billion in 2021, representing around 0.15% of the total transaction volume of $15 trillion.  This number may well get revised upwards, but it would still be below crime committed in fiat currency, which hovers in the low single digit percentages.

The total value of crypto hacks for 2021 stood at a touch over $3 billion, or around 0.4% of the market value.  That is the same amount of theft that Walmart sees in a year, at 1% of its global revenue.  So despite being twice as large as Walmart, the crypto sector experiences less than half the amount of theft.  And that’s just a comparison to one supermarket chain!

The reality is that cold comparisons to issues with fiat currency don’t typically attract press attention.  Reporting on hacks in the ecosystem often hits the mainstream which drives a pervasive narrative that crypto is a more risky asset than others.  

Ultimately there is nothing about crypto which creates more theft.  It is that crypto is struggling to shake off its legacy and challenge misplaced perceptions about the sector.  Time will tell how well it succeeds.  

Meanwhile Walmart is quietly dealing with a crime spree bigger than that faced by the entire cryptocurrency sector.  Now there’s a story for you…

‍