what is the purpose of launching a token? I believe that many exchanges that have launched tokens do so primarily for the purpose of fundraising and enhancing their market presence. However, we have always prioritized building a solid product and providing excellent services to our users over speculative financial instruments.
We have a clear vision for our business and a commitment to our users, which drives our decision-making process. Instead of relying on a token to create hype or speculative interest, we focus on delivering value through our trading platform and services. We believe that a strong foundation and a loyal user base are far more valuable than any token incentives could provide.
In conclusion, our decision to not launch a token stems from our commitment to sustainable growth, user satisfaction, and the integrity of our business model. We prefer to invest in our products and teams, ensuring that we continue to evolve and meet the needs of our users effectively, rather than engage in speculative ventures that do not align with our core values.
What is the purpose of issuing tokens? Typically, tokens are issued to attract investors or to build a complete ecosystem that entices users to join. However, Bybit has never attempted to build its own ecosystem in isolation. We have always viewed ourselves as part of a larger ecosystem rather than existing as an isolated entity. Our business model has been closely aligned with influencers and KOLs from the very beginning, becoming part of their ecosystem. When we launched spot trading, we chose to collaborate with existing ecosystems like Solana and Ton instead of trying to establish a competing system. We found that this model avoids potential conflicts of interest. In contrast, many exchanges, due to their own ecosystems, not only need to compete with other exchanges but also with blockchain ecosystems like Solana, ultimately leading to a reduction in collaboration opportunities.
I believe that building your own ecosystem is only feasible when you are the absolute leader in the market. If you have enough market share and resources, you can indeed expand your suite of services through an ecosystem. But Bybit has never been number one in the market; we are more like a “dark horse.” Therefore, we have never had the conditions to attempt issuing tokens or building an ecosystem. Ultimately, we chose to focus on our core business without launching a token.
Kevin:
So, if the situation had been different this weekend, hypothetically, if Bybit had its own token, would there have been any differences?
Ben:
I don’t think there would be much difference. Frankly, I feel that the existence of a token is not directly related to this incident. If we had a token, what kind of impact do you think it would have?
Kevin:
Perhaps the market would start to short the token, leading to a rapid decline in its price, which could further worsen market sentiment and trigger more panic. In that case, you might face another crisis.
How to rebuild user trust after a crisis?
Kevin:
I heard that you experienced around $4 billion in withdrawals overnight. In the face of such pressure, how did you rebound and rebuild user trust?
Ben:
We have already begun to gradually restore trust. I think the key lies in how we respond to crises. Transparency and timely communication are central to rebuilding trust, and maintaining a professional attitude is fundamental to earning respect from the community. In this incident, despite facing enormous challenges, Bybit still demonstrated a high level of professionalism, which has been widely recognized. Many users even praised us during the crisis, believing that our performance was trustworthy. This trust comes not only from users but has also been acknowledged by global regulatory authorities. We are applying for licenses through multiple regulatory bodies. In the past few days, many people have reached out to us saying, “Hey, I think Bybit is doing very well.” They even have more trust in the future, believing that if we encounter any incidents or problems again, we will handle them in the same way. So from this perspective, this is actually the best way to show the world how we operate and our philosophy.
Cryptocurrency wallet security: Learning from lessons
Kevin:
What improvements does Bybit plan to implement in risk management going forward? I’m also pondering a question: is it reasonable to store $1.5 billion in one wallet? How should we allocate funds? What amounts are considered excessive, and what are not enough?
Ben:
This is a very important question and has sparked many discussions over the past few days. Our security team is actively researching new solutions to ensure that similar risks do not occur again. In the future, we plan to optimize our wallet system, such as by splitting wallets to reduce risk. This way, even if one wallet is attacked, it will not significantly impact the overall funds. We are also discussing which more advanced technological means to adopt. I believe Ethereum’s developments in this area are worth referencing, such as smart contract wallets. These wallets can enhance security through multi-signatures and permission management, even avoiding the risks of online signing. Some of our current wallets rely on online signing, which, while convenient, does not qualify as a true cold wallet because it requires browser operation. In contrast, most of our Bitcoin is stored in cold wallets, which are completely offline; all signatures and transaction operations are performed in an offline environment. Unless someone physically intrudes, it is nearly impossible to breach this storage method. So I believe we will design something that focuses on areas that are physically impermeable. Yes, I think these are some of our key concerns.
The future trend of self-custody in cryptocurrency
Kevin:
This brings to mind a core issue in the cryptocurrency space—self-custody. In this industry, we often say, “Not your keys, not your coins,” which is typically a reminder for individual users to avoid storing assets on exchanges and instead opt for self-custody. However, in the event of similar security incidents, this advice seems to hold little distinction. Your security measures are far more complex than the self-custody methods of ordinary users, yet they can still be subject to hacking.
Does this mean that both individuals and institutions may face security risks? In your view, what is the future direction of self-custody?
Ben:
That is a great question. We do face a critical challenge in that we are a very obvious target for attack. For hackers, large exchanges like Bybit are one of their preferred targets. One important lesson we learned from this incident is that our scale even surpasses some of the security service providers we rely on. Therefore, logically speaking, attacking us makes “sense” for hackers. While I’m not saying this incident occurred in that manner, it is something we need to be vigilant about. No matter how stringent our security measures are, as a large target, we are always at a higher risk. Hence, I think relying on third-party solutions is not the optimal choice. For ordinary users, the notion of “Not your keys, not your coins” is correct, but I believe it is also important to emphasize “diversifying risk.” When your assets reach a certain scale, you become a potential target for attack, so it is vital to diversify the storage locations of your assets. For institutions like Bybit, we actually need to apply the concept of “self-custody” to ourselves by using completely self-developed technological solutions rather than relying on third parties. Responsibility is the biggest lesson we learned from this incident. While we invested significant resources into security, problems still arose. This indicates shortcomings in some of our decisions, such as our choice of a solution that relied on browser signing, which is clearly not secure enough. In the future, we need to focus more on developing and utilizing our own security technology instead of relying on industry standards. While industry standards provide a certain level of assurance, they are not foolproof. The biggest problem with relying on third parties is that you transfer part of the responsibility to them, which can lead to a lack of vigilance on your part regarding critical issues. Especially for exchanges like ours, the longer the operating time, the higher the probability of becoming a target for attack. 
After this incident, we communicated with some industry peers. I found that many exchanges are using internally developed security solutions. Their viewpoint is, why rely on third parties? While third parties are not necessarily problematic, once an attack occurs, you lose control. This is a matter of life and death. You should not entrust your security fate to others. For Bybit, our Bitcoin and other crypto assets are mainly stored in an internally developed security system, but the handling of Ethereum is slightly more complicated. Developing Ethereum smart contracts is more challenging and requires a specialized expert team, which is where we have historically not invested enough resources. Looking back, this is one of my biggest regrets. We should have considered these issues during the policy-making phase. Although we now have relevant experts, the system has not yet been comprehensively upgraded, which is an important issue that needs to be addressed.
Comparing the security risks of ETFs and exchanges
Kevin:
Did the events of this weekend increase people’s attention to the demand for ETFs (exchange-traded funds)? ETFs require custodial assets, and these assets need to be stored somewhere. Do you think the custodial methods of ETFs face similar security risks as Bybit, or are they completely different?
Ben:
Essentially, ETFs and exchanges do face similar risks, but it also depends on how ETFs ensure the security of their assets. It is important to note that Bybit, as an exchange, operates quite differently from ETFs. Our wallet solutions require frequent adjustments and maintenance, almost needing redeployment every week. In contrast, ETF asset management is relatively static, mostly in deposit status, with occasional small withdrawals. Exchanges handle a large volume of deposits and withdrawals daily, including both small and large transactions, while ETFs can opt for safer but less efficient solutions because their operating frequency is lower. As an exchange, we must find a balance between efficiency and security. If withdrawal processing times are too long, customers will feel dissatisfied; therefore, our system must complete withdrawal operations within minutes.
Analysis of changes in Bybit’s assets before and after the hacking incident
Kevin:
What changes occurred in Bybit’s assets and liabilities before and after the hacking incident?
Ben:
Before the attack, our total customer assets were approximately $20 billion. In the first few days after the attack, our total assets dropped to $14 billion, and at one point, it fell further to $10 billion or $12 billion. However, as market sentiment gradually recovered, total assets rebounded to around $14 billion.
Kevin:
How do you prove that customer assets are secure?
Ben:
Our asset reserves are independently audited to ensure a 1:1 matching relationship, and I believe no other exchange can make such a claim. Throughout the incident, we kept the withdrawal channels completely open, allowing customers to withdraw their assets at any time. Even in the face of situations resembling a “bank run,” we did not refuse any withdrawal requests. If an exchange’s reserves cannot achieve a 1:1 match, it typically opts to pause or restrict some withdrawals to buy time to raise funds. But we completely… No one has encountered such a situation. This is actually the greatest test of our reserve system.
The Future Belongs to On-Chain
Kevin:
You have always emphasized that “the future is on-chain.” Does this weekend’s event further highlight the importance of a decentralized Bybit?
Ben:
My viewpoint has not changed. Although the future is indeed moving towards on-chain solutions, this does not mean that centralized exchanges will be eliminated. I believe this means that infrastructure will improve, and there will be more liquidity, similar to the growth of cryptocurrency over the past few years. From five years ago to today, the entire cryptocurrency industry has made tremendous progress, but this does not imply that the stock market is in decline. Therefore, my logic is that centralized exchanges are still crucial for the entire ecosystem. Most people need centralized products to enter the crypto world; users may briefly participate due to market hot spots, but there is no intermediate platform for them to dive deeper or use long-term. This is the true meaning of centralized exchanges: they provide multiple ecosystems or products where users can stay, explore, and ultimately become native crypto users. At some point, they may explore elsewhere. Even for most who are not attracted, they usually still have accounts with centralized exchanges and may have some balances in both places, with most of their balances often in the centralized exchange.
The Image Problem of the Crypto Industry
Kevin:
These days, there seems to be a significant event in the crypto industry almost every week. How can the public take this industry seriously? What do we need to do to have this industry treated with more seriousness?
Ben:
I agree that this industry does face some image problems, but we should also focus on the positive advancements the industry has made. I’m not trying to boast, but we have demonstrated a different approach in handling the recent hacking incident. I see some people comparing Bybit with FTX, but that is completely different. We handled the incident within just three days, and such efficient responses are rare in the industry. Although this hacking incident is regrettable, it has strengthened my resolve to fight against hackers. Additionally, we plan to launch a dedicated website this week to help victims better cope with their losses. I believe this is not just a problem for Bybit, but a common challenge that the entire crypto industry needs to face. However, other aspects of the industry have made significant progress. Especially in the area of on-chain activities, many solutions provided by decentralized exchanges (DEXs) can now address problems that could not be solved in the past. The crypto industry is still young; if you look back at the early adoption phase of the internet, there were also many issues and challenges, and the infrastructure was not perfect, but it takes time. Therefore, the crypto industry is still very young. I believe that most people no longer simply view cryptocurrencies as scams, and most countries are legalizing and regulating the crypto industry. So, I think this path, although filled with challenges, will only become more stable and rise higher.
Key Lessons and Greatest Regrets
Kevin:
You previously mentioned that one of your greatest regrets was not establishing an internal wallet infrastructure. Are there any other things you regret?
Ben:
In light of this weekend’s events, we have indeed identified some areas for improvement. For example, our withdrawal system could be designed to be more efficient and smoother. Even in crisis situations, we should ensure that customers can complete withdrawals quickly. The only regret is that we made some customers wait, and they might think we are deliberately blocking them, but that is not our intention. I really hope we can allow everyone to withdraw at any time. I hope to optimize the system in the future so that every customer can withdraw smoothly at any time. This not only enhances customer trust in us but also makes them feel more secure, knowing they can see their assets safely stored in personal wallets. Therefore, we need to upgrade the system to perform better in similar events. Additionally, I have learned some important lessons regarding the management of the wallet security team. For example, many people may not have noticed that my Chief Financial Officer (CFO) was the first signer, followed by one of our co-founders. Looking back now, one of my greatest regrets is why I let such a key role serve as a signer. After the hacking incident, he not only had to bear the pressure from the team but also from me, and even his family might be affected. Although we all know this is the responsibility of external hackers, such as those confirmed to be North Korean hackers, he would still feel guilty, thinking he has responsibility. I am very worried that he might ultimately choose to leave the company, and he has been an important partner who has fought alongside me for 4 or 5 years. I trust him completely, but I overlooked the fact that involving key roles in signing would place an excessive psychological burden on them during a crisis.
Kevin:
Who do you think is better suited for this role?
Ben:
It should be someone I trust, but not necessarily one of the company’s core key personnel. After all, the signer just needs to be a trustworthy person and should not bear too much company responsibility. If my CFO does not participate in the signing process, he would not find himself in such a situation. Therefore, in the future, I will definitely adjust this process to avoid putting key personnel at such risk. I cannot imagine the psychological pressure he endured this weekend; this matter makes me feel very regretful and has made me realize that the design of the process needs to be more comprehensive.
Advice for Future Entrepreneurs
Kevin:
Do you have any advice for future entrepreneurs wanting to enter the crypto industry? After all, similar crisis events may be difficult to avoid.
Ben:
I believe the beauty of our industry lies in transparency and direct communication between entrepreneurs and customers. We can compare ourselves to traditional financial industries, like banks. Even banks, when faced with similar crises, rarely handle problems in such an open and transparent manner. In the crypto industry, transparency and direct communication between entrepreneurs and customers are crucial. If someone experiences such an event, I believe transparency is key, ensuring communication is maintained. Let customers know that you are there; the market will reward you for your transparency.
Why Do Crypto Hackers Keep Succeeding?
Kevin:
You have been busy for three consecutive days. What will you do half an hour after returning home or to the office?
Ben:
I still have some important matters to attend to, such as whether we have figured out the truth of the situation. We are forming a dedicated task force to track the flow of funds, hoping to help the entire industry through this incident, not just resolve our own issues. During this crisis, many partners in the industry proactively reached out to help, often without asking for anything in return. Therefore, I feel we have a responsibility to make some contributions. Whether it’s Lazarus or other hacker problems, these are ongoing challenges within the industry. Currently, a major issue is that when you become a victim of a hacking attack, you often feel very helpless. Hackers know you will trace them, but they also understand that if you are just an individual victim or a small company, your resources are limited, and you cannot track the flow of funds over the long term. What is trickier is that hackers often break down funds into smaller amounts, such as $100,000 each, and then transfer them through mixers, cross-chain bridges, or exchanges. By the time you contact the legal department of the exchange, the funds may have already been transferred, and after several attempts, you may give up. This situation is very common in the industry. Currently, we lack a dedicated information platform to consolidate data related to tracking funds. Although there are tools like Chainalysis, when you trace to a certain endpoint (like a mixer, cross-chain bridge, or exchange), the funds may have become untraceable or frozen. Hackers typically avoid using easily frozen assets, such as USDC. They use exchanges, mixers, and cross-chain bridges to delay your time and energy. Ultimately, you may find only two or three people constantly switching exchanges, and even if these exchanges respond quickly, for example, within half a day, the funds have already been transferred. Hackers exploit this delay tactic to win.
To solve this problem, we need to build an industry-level information platform. This platform can show where funds ultimately become untraceable, such as mixers, while also recording the response speed ranking of these platforms. For example, if there are 200 transactions totaling about $50 million flowing to a certain mixer that cannot be traced, we can seek legal or regulatory assistance with such data. If these funds are related to Lazarus or other sanctioned organizations, we can take further action.
Lazarus Bounty Program: Helping the Industry Tackle Hacking Attacks
Ben:
We are launching a new website called HackBounty.com. This is an aggregation platform focused on tracking stolen funds, as I mentioned earlier. The interesting aspect of this platform is that anyone can become a “bounty hunter.” You can submit any leads on funds you wish to trace. Once you submit the target funds and trace them to their final whereabouts, we will register you as the bounty hunter for that lead. Subsequently, our team will contact the endpoint of the fund flow and initiate a countdown. The endpoint organization needs to take action: either freeze the funds or provide the next step for the funds. If they fail to respond in a timely manner, this delay will be documented and publicly displayed on the platform. This way, everyone in the industry can see which organizations have no response to the victims’ requests. As an exchange, I fully understand how this mechanism works. I do not want my users to see my exchange appear on the “non-cooperative list,” as this would imply we are helping sanctioned organizations, like North Korea. Therefore, I will definitely assemble a dedicated team to respond quickly to these requests. If it is a tool like a mixer, it may gradually be blacklisted by the industry for non-cooperation. Ultimately, I believe we need to leverage the core advantage of blockchain—transparency—to address issues within the blockchain industry. HackBounty.com will aggregate all relevant information, and anyone can release bounty tasks on the platform and become a bounty hunter. Through this platform, we hope to help all victims track stolen funds while enhancing the sense of responsibility and transparency across the entire industry.