Kiffmeister’s #Fintech Daily Digest (20220804)

A pair of hacks rattle an already jittery crypto industry

Solana said that at least 7,700 wallets that held at least $5.2 million crypto-assets, including Solana tokens and USDC stablecoins, had been breached. Earlier in the week, Nomad, a blockchain bridge, acknowledged that about $190 million had been taken from it after a hacker infiltrated its system. (A blockchain bridge allows users to swap crypto from one blockchain to another making it vulnerable to “both sides” weaknesses on either blockchain.) The Nomad attack was a “free-for-all,” because the hacker’s original code allowed anyone to copy it and steal the crypto for themselves. [Read more at the Washington Post]

Slope wallet provider saved user seed phrases in plain text, Solana security researchers find

Solana also said that the closed-source Slope wallet may be responsible for the exploit. And security firm Otter reported that the Slope wallet app sent out users’ seed phrases to a centralized server. Slope hired this server from a company called Sentry. It added that seed phrases passed to Slope’s server were saved in the form of readable text. Since the phrases were not encrypted, anybody with access to this specific Sentry server could potentially access users’ private keys. [Read more at The Block]

Coinbase selected by BlackRock to provide Aladdin clients access to crypto trading and custody via Coinbase Prime

Investment manager BlackRock has formed a partnership with Coinbase to make crypto-assets directly available to institutional investors. Mutual customers of Coinbase and BlackRock’s investment management platform. The access will be granted through Coinbase Prime, an existing integrated trading platform for institutional crypto investors. Aladdin users will be able allow to manage their crypto-asset exposures directly in their existing portfolio management and trading workflows for a whole portfolio view of risk across asset classes. The platform integration and functions will be rolled in phases. [Read more at Coinbase]

Entity-based vs activity-based regulation: a framework and applications to traditional financial firms and big techs

The Bank for International Settlements (BIS) published a paper that proposes a framework for classifying regulatory measures with a financial stability objective as activity-based (AB) or entity-based (EB). AB measures constrain an activity on a standalone basis, whereas EB measures constrain a combination of activities at the level of entities. Since such combinations underpin much of financial intermediation, financial stability regulation features EB measures at its core, even though its ultimate objective is to make financial activities more resilient. In discussing the relative merits of AB and EB measures, the paper applies its framework to the regulation of banks, collective investment vehicles and big techs. When addressing systemic risk, neither AB nor EB regulation need be consistent with a level playing field, contrary to a widely held view. [Read more at the BIS]

An Illustrative Industry Architecture to Mitigate Potential Fragmentation across Central Bank Digital Currency and Commercial Bank Money

A paper by a couple of Barclays staffers aims to provide a mitigation to the risk that the adoption of central bank digital currency (CBDC) fragments payments markets and retail deposits. It introduces the concept of ecosystems providing a common programmability layer that interfaces with the account systems at both commercial banks and the central bank. The paper focuses on a potential U.K. CBDC, including industry ecosystems interfacing with commercial banks using open banking application programming interfaces (APIs). [Read more at Arxiv.org)

Upcoming events I’m affiliated with:

The CBDC Think Tank, in partnership with the International Monetary Fund and George Washington University, is hosting a full-day in-person CBDC Masterclass on October 12 in Washington DC. The sessions are designed as instructional deep dives with full presentations and Q&A components.  [Register here]