✅ Factcheck: Is WazirX laundering money?

Namaste, this is the Doodhwala, the only newsletter that’s as good as hot masala chai and sizzling bhajiya on a rainy evening. 🫖

Sit back and relax, we’ve got a lot to unpack today:

• Factcheck: Is WazirX laundering money?

• The fault in our Solana wallets

• A crypto hacker’s target #1

• Meme of the day

Factcheck: Is WazirX laundering money?

WazirX is one of the largest exchanges in India.

But yesterday, they were accused of money laundering.

The thing is, they weren’t laundering anything. So, what gives?

Here are some quick facts about WazirX:

• Daily trading volume of $4 million

• 6 million registered users

• Behind the #IndiaWantsCrypto movement

• Acquired by Binance in 2019

The link with Binance, WazirX’s parent company, caused problems for the exchange with India’s ED.

ED does not stand for what you think it does. Get your head out of the gutter.

It stands for Enforcement Directorate. We’ve never heard of them, so here’s what Google says:

The ED claims WazirX used Binance’s systems for its transactions. And since Binance is registered in the Cayman Islands many transactions are not recorded on the blockchain and they were “cloaked in mystery.”

Sounds like someone in the ED is reading a lot of Chetan Bhagat.

The ED said that WazirX was used to send crypto worth Rs 2,790 crore ($350 million) to unknown wallets.

Media companies, fact-checking sleuths, jumped to call this “money laundering.”

So, was this money laundering?

Lol no.

WazirX is owned by Binance. It uses Binance for its liquidity (finance talk for making trades). In fact, most Indian exchanges do this. Like most Indian exchanges read the Doodhwala.

That explains why WazirX has a Binance wallet.

Since WazirX is owned by Binance, there’s a direct bridge between the exchanges. Any transaction from a wallet on WazirX <> Binance does not happen on a blockchain and is internal.

That explains why many transactions were off the blockchain.

Again, we’re no crypto detectives or lawyers here. We just see it like it is. And it is a-okay.

The fault in our Solana wallets

Picture this: You wake up one morning and the tokens on your wallet are all gone. It’s empty, like the theatre during a Ram Gopal Varma movie.

You ask yourself, “Is the exchange hacked?”

But your cryptos are on a hot wallet. And you hold the private keys!

You then ask yourself, “Did I interact with a shady DeFi protocol?”

But your hot wallet was inactive for months.

You then ask yourself, “If my cryptos weren’t on an exchange, and my wallet was inactive, then where is my crypto?”

Bhaiyo and bheno, this is what thousands of Solana users woke up to this week.

Hackers stole close to $4.5 million (Rs 35.7 crore) from 15,000+ Solana wallets. These tokens (mainly SOL and the stablecoin USDC) were moved to 4 wallets.

The two Solana wallets affected were — Phantom and Slope. 

Phantom said Slope had a vulnerability in their mobile wallet which led to the attack, but Slope claimed no responsibility. Sounds like a conversation between a 🌷 and ✋🏽 supporter.

It’s not just cryptos sitting in the wallets that were siphoned.

Even cryptos present on a DeFi app like a lending protocol or a liquidity pool were stolen. These were no lazy attackers!

In fact, the hackers were damn chaalu!

They knew that people can’t remember passwords, even if these passwords secure millions in crypto. And some use the same password for multiple wallets.

So, they tried the Solana password on the Ethereum address.

And ta-da-aa, it worked.

This allowed them to drain a few Ethereum wallets as well, mainly hosted on TrustWallet.

Meanwhile, the ones with a Metamask wallet are going:

If you got a Solana wallet, I feel bad for you, son. I got 99 problems but SOL ain’t one. 🤞

A crypto hacker’s target #1

Crypto bridges are kinda cool.

They allow you to hop from one blockchain to another.

But they’re hella unsafe, according to a report by Chainalysis, a company that spends hours looking at blockchain data.

In fact, out of $2.9 billion (Rs 23,000 crore) in crypto stolen from attacks this year, bridge attacks accounted for 69% of them.

If you’re done laughing at the 69 joke, imma proceed.

Why are bridges a target for hackers?

Well, like with everything else, the problem is centralization.

Bridges have one storage point of funds. These funds back all the assets that can be bridged between blockchains.

This means that a bridge has to have funds on the sending and receiving to execute a trade.

Because of so much activity in and between blockchains, bridges have a unique value proposition. But because they have central storage, they’re sitting ducks for hackers.

Doodhwala’s take: Be safe when using bridges.

Meme of the day

That’s all for today people! See ya tomorrow!

Aakash "Dahi Cheeni" Athawasya & Arvind "Doodh Peda" Krishna

Yo! Our legal and financial advisors (aka our good ol’ conscience) have asked us to add this boring disclaimer.

None of what you read here is financial advice. We aren’t here to get to buy or sell a crypto. We’re only here to tell you what’s up in crypto today and make you laugh. So, if you screwed up on a trade, that’s on you G. Stay safe in the markets.