Crypto Exchanges are finding it Hard to buy Insurance

At present cryptocurrency exchanges are having a difficult time gaining an insurance policy because of security problems and countless cyberheists
27 June 2018   1952

As claimed by Business Korea, cryptocurrency exchanges are now in negotiations with insurance firms. The Korean Blockchain Association is having a conversation with Hyundai Marine & Fire Insurance Co. and Hanwha General Insurance Co. in order to understand how crypto exchanges can take out an insurance policy. The Korean Blockchain Association has been conducting the negotiations on behalf of their member cryptocurrency exchanges since April 2018. The Association aimed to choose a definite insurer that its members can acquire insurance from. Insurance firms have been extremely reluctant and hesitant to insure cryptocurrency exchanges because of security issues and insufficient credibility.

Firstly, the association considered it an excellent possibility for both parties if one insurer could secure many cryptocurrency exchanges in one go. They initially hosted an event to brief insurance firms and let the members to select their preferred insurer. After the Bithumb hack happened recently, insurance companies have become more unwilling and uncooperative, especially since the damages were worth approximately $31.46 million.

The Korea Blockchain Association emphasized a stronger internal control system and security at the earlier sessions. But we cannot trust it as even the largest cryptocurrency exchange in South Korea was exposed to cyber attacks. There are no statistics related to the risks of virtual currencies both at home and abroad and it is still not sure whether an insurer can accept exchanges as its policyholders as a group, which are smaller and riskier than Bithumb.
Official
The Korean Blockchain Association

Business Korea proposed that insurance organizations could compensate their risk by working with reinsurance companies, the structures that provide insurance for insurers, when the insurance companies decide choose not to work with crypto exchanges. The problem is reinsurance companies might not decide to insure the insurance firm if they cannot trust the level of security from cryptocurrency exchanges.

When insurance companies can increase premiums for cryptocurrency exchanges and enforce greater security measures, the question is, how efficient are the insurances? The present limit of liabilities when it comes to insurance for crypto exchanges is approximately $2.7 million to $4.49 million. Reuters informed in February 2018 that many insurers were not yet convinced the cryptocurrency industry would be large enough for premiums to cover potential losses. According to CoinMarketCap, the cryptocurrency industry’s total market capitalization was approximately $500 billion.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   1039

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.