Top Stories of the Week - 12/30

In the newsletter this week, we cover a big drop in bitcoin hashrate following a sweeping storm that enveloped the United States, Solana’s abandonment by its biggest NFT project, and the leak of users’ exchange API keys from service provider 3Commas. Subscribe here and receive Galaxy's Weekly Top Stories, and more, directly to your inbox.

Bitcoin Hashrate Rebounds Following Strong Winter Storm

A winter storm in the United States caused 1/3 of Bitcoin mining machines to turn off, but hashrate has since rebounded. The massive winter storm that engulfed the United States leading into Christmas Day led to a sharp decline in hash rate as miners shut off their machines to conserve power. A May 2022 report from the Cambridge Center for Alternative Finance estimated that 37.84% of the Bitcoin network’s total hash rate now resides in North America, with much of it in Texas and the upper Midwest, regions that were hit hard with freezing temperatures in the days before Christmas.

On Christmas Eve, Bitcoin averaged 16.3 minutes between blocks, sharply above the 10 minute per-block interval target set by the network’s difficulty algorithm. On a daily basis, Bitcoin’s estimated hash rate on December 24 was estimated to have dropped by almost 38% to 156 exahashes per second (EH/s), down from 251 EH/s on December 21. Block times had already been up slightly since a 3.2% difficulty increase on December 19. The next difficulty change is expected on Tuesday, January 2 and is estimated to result in a downward difficulty adjustment of -6.8% to -7.5%. 

Our take

Bitcoin’s status as the most benign users of electricity was on full display last weekend. Many have blamed American bitcoin miners for their vast electricity consumption, but in most locations, Bitcoin miners are quick to shut down their operations when circumstances demand electricity be routed elsewhere. There are few industries that can pay for and consume vast amounts of electricity, thereby paying for expanded grid capacity, but turn off at a moment’s notice during an emergency, thereby freeing up significant capacity for other residential and commercial uses.

The reality is that US electrical grids are in shambles not due to Bitcoin miners, but due to chronic underfunding of their expansion, the closure of high-energy density producers (nuclear, in particular, capacity for which has been declining since 2012 and output which has been stagnant since 2002), and arcane rules like the Jones Act that force the purchase of LNG from Europe despite ample domestic production. The US has refused to recommit to nuclear energy and even hastened the deprecation of existing plants, refused to heed calls for pipeline regulatory reform, and vexingly focused on renewables like solar and wind while critically underfunding or blocking the development of key materials for those technologies like polysilicon and components like batteries, leaving China in a dominant position. The good news is that the tide is turning in the US in favor of nuclear energy and on-shoring of renewable energy components.

As a major grids like ERCOT look to shift their overall energy mix to include renewables such as wind and solar, which are inelastic sources of supply of energy, more elastic sources of demand for energy will be required to manage stability. Bitcoin miners will play a pivotal role in  the US’ energy transition to more sustainable sources as a grid balancer. Recently ERCOT recognized Bitcoin miners as large flexible loads and established the Large Flexible Load Task Force (LFLTF) with the goal of developing policy recommendations relating to the integration of Large Flexible Loads (LFL) directly into the ERCOT system.

If the US wants to get serious about electrical capacity and grid stability, the focus should be on growing production and distribution of all types, from renewables like hydro, wind, and solar, to petrochemicals like natural gas. Bitcoin miners are unique in their ability to pay for vast amount of electricity but curtail its consumption instantly, something that other large electricity consumers like aluminum smelting plants cannot do. That’s a unique feature of Proof-of-Work that helps strengthen, not weaken, electrical grids, and it was on display during the brutal storm that blanketed most of the country on Christmas this year. -AT

DeGods/y00ts to Leave Solana for Ethereum/Polygon

Solana’s top NFT collections are departing for greener pastures. The announcement comes after weeks of speculation that DeGods/y00ts founder, Frank (real name Rohun Vohra), allegedly demanded $5M from the Solana foundation to stay on Solana. The Solana NFT community has been divided in response. While some in the community applaud the move as a smart business decision, others have expressed frustration at the fact that Frank is abandoning Solana precisely when it’s trading at its lowest levels since early 2021.

The migration is scheduled to occur in late Q1 2023. DeGods will move to Ethereum while y00ts will move to Polygon, and DUST, the utility token, will be supported on both Ethereum and Polygon. Technical details about how the bridge will work are scant, but users will have to opt-in to migrate their assets. Nothing is stopping current holders from keeping their assets on Solana, though Frank has signaled that future support for features like staking rewards and minting will be exclusive to ETH/MATIC.

According to data from OpenSea, DeGods and y00ts have accounted for >50% of Solana NFT trading volume over the past 30 days. DeGods and y00ts are both owned by Dust Labs, which most recently raised a $7M round (including investment from Solana Ventures). If DeGods were to trade on Ethereum today, it would sit at a floor price of 3.96ETH ($4,753) (between Meebits at 3.45ETH and CloneX at 5.78ETH).

Our take

DeGods/y00ts leaving Solana is massive and would be the equivalent of Yuga Labs leaving Ethereum. The Dust Labs ecosystem is Solana’s NFT juggernaut, and there are no other players who can fill in those shoes in terms of trading volume, floor prices, and/or overall influence. This departure from Solana boils down to a desire for the Dust Labs ecosystem to keep growing in a bear market. Since Dust Labs historically denominates all earnings from mints and royalties in SOL, they are almost certainly down significantly now with the precipitous drop in SOLUSD (which is -75% since the beginning of the FTX saga in early November). In late April 2022, DeGods were the #1 non-Yuga Labs PFP collection on the planet (in USD terms). Their fall from grace probably motivated them to chase the relative stability of ETH, especially in the depths of a bear market.

Dust Labs isn’t the only major project abandoning their monogamous relationship with Solana. Solana unicorns Phantom and Magic Eden, have also recently announced support for both Ethereum and Polygon. The common denominator between these 3 companies is that growth on Solana has stalled, and moving on to new chains is the only way to keep growing. Solana founder Anatoly Yakovenko opined on this trend in a recent Tweet thread, citing the bittersweet nature of multichain ambitions for successful Solana projects.

According to Coindesk, Polygon paid for this move with a grant from their partnership fund (details of which will be released in the future). Ryan Wyatt, CEO of Polygon Studios, said in a TechCrunch article, “...we decided to go against the trend and focus on the untapped potential of web3 by onboarding large enterprise brands, DeFi platforms and gaming companies. We did this successfully through ecosystem fund investments and white-glove partnership support.” This strategy, though criticized by some as pay-to-play, has been successful in onboarding major brands like Starbucks, Disney, Nike, Reddit, and now Dust Labs. It will be interesting to watch if other blockchain ecosystems follow-suit.

Ultimately, no NFT collection with the scale of DeGods has ever attempted such as massive migration to a new blockchain. This unprecedented move will likely involve some technical speed bumps, so we wouldn’t be surprised if there are further delays. Regardless, this move may have major implications for NFTs at large. If Dust Labs pulls this off, we wouldn’t be surprised to see other major collections reconsider and/or renegotiate their existing relationships with Layer 1 blockchains. Finally, Polygon NFTs may be poised to flip Solana NFTs in trading volume in 2023 as Dust Labs debuts a Polygon NFT launchpad next year. -SQ

3Commas API leak Leads to Millions in Stolen User Funds

100,000 API keys belonging to 3Commas users were publicly leaked. This egregious finding came to light after on-chain sleuth @zachxbt confirmed that someone obtained a file containing API keys associated with 3Commas users across major exchanges such as Binance, Kucoin, Coinbase, etc. Consequently, 3Commas sent an emergency request to their supported exchanges to revoke all API keys connected to the platform. Prior to this discovery, customers of the popular trading bot platform reported unauthorized trades on their CEX accounts that were connected to 3Commas. One group of traders claimed that $22mn had been stolen using a compromised API key. $14.8mn were officially reported. The total amount of stolen funds is still unknown at this point.
 
For weeks, 3Commas publicly denied their responsibility for the API leak, originally claiming that the source of the API leak came from users falling for phishing attacks. Ultimately, 3Commas confirmed that a vulnerability on their end allowed customer API keys to be stolen.

Our take

The 3Commas saga highlights the inherent risks associated with granting third parties’ full access to exchanges API keys. Exchange API keys, which can often be tailored to allow full access (including withdrawals) or merely trading access, can be extremely dangerous. Depending on the level of API access, having an API key stolen can be as detrimental as having your wallet seed phrase stolen—it can allow the full theft of funds. Earlier this month, Yuriy Sorkin, CEO and founder of 3Commas, pointed out that attackers have been using phishing websites to trick users in exposing their API key. While phishing remains an omnipresent risk in the cryptocurrency ecosystem due to the nature of digital bearer assets, it is apparent that the lack of security measures used to protect customers API keys led to this event.
 
According to blockchain security firm Peckshield, this year the digital asset industry experienced over $3bn in stolen funds from hacks. Recent events like the 3Commas hack and the apparent misappropriation of user funds by FTX show that relying on the security and good governance of third parties can be extremely risky in crypto. The best alternatives to storing funds with entities like these is the use of large, regulated custodians (for institutions) or secure self-custody, ideally using a redundant multisig setup. Since the collapse of FTX, crypto exchanges have seen large outflows of funds, presumably indicating a renewed interest in self-custody, which is healthy for the ecosystem overall. Recent record breaking sales in Ledger and Trezor wallets last month further underscores this point. Along with self-custody, we expect the exchange landscape to eventually move to tri-party custody arrangements and credit-based trading in which funds are held in separate, secure custody until required for trading, much the way the securities industry operates today. The famous "Not your keys, not your coins" saying has never been more apropos.. -GP

Other News

• Mango Markets exploiter Avi Eisenberg arrested on market manipulation charges

• SBF to enter plea in FTX/Alameda fraud case next week

• New judge assigned to SBF case after previous assigned judge recused over potential conflict of interest

• Kraken to shut down operations in Japan

• Japan considering enabling foreign-issued stablecoins (e.g., USDC & USDT) to list on local exchanges

• BTC.com suffers $3m loss in cyberattack

• Fidelity files three crypto-related trademark applications including a trading platform in metaverse