Infrastructure

A startup is launching a solution that protects users from exchange hacks

Quick Take

  • It’s common for crypto exchanges to get hacked and DEXs aren’t gaining much traction yet
  • A startup called Arwen is coming out with a solution that lets users maintain custody of coins while trading on a centralized exchange
  • Arwen is peer-to-exchange Layer 2 blockchain protocol that works by opening escrows
  • If there is an attack on the exchange, the coins can be recovered if the escrow is closed before the expiry time

Bitcoin was launched with the premise of disintermediating the financial system. Yet here we are ten years later and centralized exchanges are still holding large amounts of cryptocurrencies on users’ behalf. Coinbase has approximately $5 billion worth of cryptocurrency under management – 5% of all bitcoin, 8% of all ethereum, and 25% of all litecoin in circulation.

Why is that a problem? Because centralized third parties become the central points of failure that cryptocurrencies are so desperately trying to eradicate. A large wallet controlled by an exchange becomes a honeypot for hackers. Thieves have made off with more than $1.4 billion from exchanges so far, according to research by The Block. The Block also found that at least 8% of bitcoins in circulation have been stolen at some point.

In the most recent case, about $137 million in cryptocurrencies are claimed to have been lost from a Canadian exchange QuadrigaCX after the founder, who was supposedly the only one with access to the private keys of the wallets, died suddenly in December.

Potential solutions emerge

There have been some efforts to fix this, however. One of them being a movement ‘Proof of Keys’, which tries motivate users to take possession of all bitcoins held by trusted third parties on their behalf. The third parties would actually have to prove that they have all the reserves that they claim to have.

There is also the development of peer-to-peer (P2P) exchanges – non-custodial and decentralized exchanges (DEXs) where users are in the possession of their own private keys. Even if an exchange was hacked, users would not lose anything. But the decentralized exchanges have failed to gain traction so far. The DEX volumes have dropped to a new all-time low of $49 million for the month of January according to Diar. The lack of liquidity as well as blockchain constraints are among the reasons DEXs haven’t caught on yet.

Boston-based startup Arwen is proposing a new solution – software that lets users maintain custody of coins while trading on a centralized exchange. Instead of peer-to-peer, Arwen built a system that is more like peer-to-exchange.

Arwen was co-founded in 2017 by Sharon Goldberg and Ethan Heilman. It chose the traditional VC route instead of running an ICO like many other companies did at the time. Arwen has raised a seed round led by Underscore VC and from other firms including Digital Garage, Notation Capital and Highland Capital Partners.

On top of being CEO, Goldberg is an associate professor in the Computer Science Department at Boston University with more than ten years of research experience in network security and cryptography. Heilman was originally Goldberg’s PhD student, and before co-founding Arwen he also co-invented the TumbleBit protocol for anonymous Bitcoin-backed payments.

A Lightning Network for trading

Even before founding Arwen, Goldberg thought that trusting centralized third parties was counterintuitive to the ethos of the whole cryptocurrency ecosystem. She and Heilman knew they could build a system that allowed users to trade on centralized exchanges without trusting the exchange. She told The Block: “I was actually a little bit surprised to see the whole rise of the centralized exchanges… But we never had the viewpoint that the centralized exchange is somehow bad and we need to get away from that.”

Arwen is a Layer 2 (L2) blockchain protocol similar to the Lightning Network, for example. Goldberg said that it can be viewed as a Lightning Network for trading as opposed to payments. Goldberg said: “If you want to have a blockchain backed protocol that has actions that need to happen really fast, you need to build a Layer 2 system for that. You can’t have trades that settle on blockchain because it simply takes too long.”

Goldberg said that one of the challenges of designing a L2 solution that works across multiple blockchains is that Arwen needed to make as few assumptions as possible about what is actually being recorded on the blockchain. Bitcoin doesn’t come close to Ethereum’s level of richness when it comes to possibilities for its programming language. And since Arwen also wanted to support Bitcoin Cash, they needed to design a solution that would withstand transaction malleability.

Like every L2 protocol, Arwen is fully collateralized, which means there is cryptocurrency on the blockchain backing each action ultimately taken off. Goldberg said that she and Heilman have thought about expanding the protocol to support margin trading but they haven’t actually finished any of that work yet.

Every trade requires two escrows; one funded by the user and one by the exchange. When the trade is finalized, there is an atomic swap and coins in the user escrow change ownership. An exchange has to be able to fund their escrows, either be from their own inventory or set up like a securities lending product where users can opt in to use their own coins to fund the escrows and earn interest. The lending product’s development is planned but hasn’t commenced yet.

Whenever a user asks the exchange to fund an escrow to do a trade, there is an escrow fee proportional to the amount of coins and time. The exchange providing the coins therefore earns some interest on their escrowed holdings. Unlike some of the decentralized protocols, Arwen doesn’t have a built-in token for fees. Instead, the fees are handled by using the escrows themselves. When a user opens an escrow with an exchange, he pays the fee out of his own escrow. Similarly if a user closes the exchange escrow early, he gets a rebate of the fee immediately as he closes it.

All the escrows have expiry times. Arwen’s guarantee is that if the escrow is closed before the time expires, the coins are always safe. If the escrow is not closed before the expiry time, the exchange will close the escrow for the user, but there’s no guarantee that the coins will be safe if an attacker takes over the exchange in that time.

If the trade doesn’t complete properly or if an escrow doesn’t close properly, that would indicate that a user is being attacked, and the software would automatically give a time window for recovering the coins. Arwen is structured so that if the other side attacks or becomes unresponsive, the user can recover the coins on his own.

The trade-off

Arwen launched on testnet in late January and KuCoin was the first exchange to commit to integrating a beta version of the protocol. Arwen’s value proposition for exchanges is security. Goldberg thinks Arwen has the advantages of self-custody without some of the drawbacks that DEXs usually have. “If an exchange is looking for a DEX strategy because they are looking to satisfy the desire for self-custody, Arwen is the more effective way to do it because they already have the liquidity, users, good prices so why not just plug into it?”

Goldberg told The Block: “It’s a bit surprising to me that we have a completely different solution than everyone else. When we started the company, I thought that there would be other approaches that were similar to ours but there are not. Everything has gone in the peer-to-peer direction, which we chose not to do because of all the constraints such as speed limitations of blockchains and lack of liquidity.”

Goldberg thinks that after Arwen is implemented on exchanges, anyone who manages their own private keys will be able to use it. “Arwen is going to go through some evolution of the UI/UX over the next year and it will only get easier. This is only the first version of our UI and we have some designs that have been sketched up but haven’t been built yet. The target audience here are the people that actually run their own wallets, and the institutions that want to maintain custody of their own assets while they trade.”

Ultimately, the reality is that the majority of people are still lazy or lack the technical know-how to manage their own private keys. Utilizing Arwen for self-custody will be incomparably safer than trading on an exchange without it but will be slightly more expensive and slightly less convenient. It remains to be seen whether that’s a trade-off that exchange users will be willing to accept.