Security

Coinbase appeals SEC rulemaking petition denial as promised

Coinbase filed an appeal the same day its petition for a rulemaking on crypto used as a security was denied.

Coinbase is continuing its efforts to ensure adequate legislation on cryptocurrency used as securities. After the United States Securities and Exchange Commission denied Coinbase’s petition for rulemaking on cryptocurrency on Dec. 15, the crypto exchange appealed the decision on the same day.

Coinbase chief legal officer Paul Grewal promised immediate action as soon as the SEC’s denial became known. On Dec. 18, the U.S. Third District Court of Appeals ordered the SEC to file the record of its decision by Jan. 24, 2024.

In its appeal, Coinbase documented the lengthy process that was necessary to compel the SEC to respond to its petition. It called the SEC’s denial of its petition “arbitrary and capricious, an abuse of discretion, and contrary to law, in violation of the Administrative Procedure Act.” In addition:

NFT Trader’s stolen Apes returned after bounty payment

The hacker returned 36 BAYC and 18 MAYC after receiving a 120 Ether bounty payment from Yuga Labs co-founder Greg Solano.

All Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) nonfungible tokens (NFTs) stolen from the peer-to-peer trading platform NFT Trader have been returned after a bounty payment.

NFTs worth nearly $3 million were stolen in the hack on Dec. 16. As per public messages, the attacker attributed the original exploit to another user. “I came here to pick up residual garbage,” they wrote, requesting ransom payments to return the NFTs.

“If you want these NFT’s back then you need to pay me 120 ETH […] and then I will send you the NFT’s, it’s as simple as that, and I never lie, believe me […],” reads one of the messages.

KyberSwap exploiter linked to $50M HXA token movement

Blockchain security firm Cyvers said the KyberSwap exploiter’s acquired funds were spread across various externally owned accounts now recognized as the top HXA tokenholders.

Blockchain security firm Cyvers detected a movement of $50 million in HAXcoin (HXA), the native utility token of the Herencia Artifex nonfungible token project, linked to the KyberSwap exploiter.

The KyberSwap exploiter’s address got these tokens from an Ethereum address using the “transfer from function.”

Decentralized application users commonly use the “transfer from” function. It refers to a mechanism by which one party (sender) can transfer or send tokens from the balance of another party (owner) to a third-party address. However, improper use or vulnerabilities in implementing such functions can lead to security concerns.

Elon Musk’s xAI files with SEC for private sale of $1B in unregistered securities

“Spicy” AI chatbot Grok hasn’t been seen by the public yet, but it’ll be worth plenty after this securities issue.

Elon Musk’s X-linked artificial intelligence modeler xAI has an agreement for the private sale of $865.3 million in unregistered equity securities, according to a filing with the United States Securities and Exchange Commission made on Dec. 5.

XAI filed the SEC’s Form D to allow it to engage in the private sale of securities without registration. The form is used to comply with Regulation D of the Securities Act of 1933, which provides exemptions to the standard rules. On the form, Musk is listed as the executive officer and director of the business.

The xAI Form D further clarifies that the securities will be sold to accredited investors with restrictions on their resale under Rule 506(b). The form also indicated that $134.7 million in such securities have already been sold, with the first sale taking place on Nov. 29. Thus, the company is seeking to raise $1 billion.

New Jersey bill would make crypto sold to institutional investors a security

The bill complements one already on the governor’s desk that regulates digital assets owned by individuals.

The New Jersey General Assembly may consider a bill that would decide when a digital asset or “virtual currency’ is a security under state law.

All virtual currencies issued and sold to institutional investors would be considered securities in the U.S. state of New Jersey under the bill introduced by Democratic Assemblymember Herb Conaway, Jr. on Nov. 29. According to the short text of the bill, the legislation would supplement the New Jersey Uniform Securities Law, which currently makes no mention of virtual or digital currency or cryptocurrency.

The bill pertains only to institutional investors, which are defined as “a company or organization that invests money on behalf of other people.” It also specifies that stablecoins could be determined to be virtual currencies by the state’s Bureau of Securities.

Web3 firm detects major security flaw in common smart contracts

A security vulnerability potentially affecting hundreds of smart contracts that were pre-built using a commonly used open-source library has been reported by Web3 firm Thirdweb.

Smart contract development firm Thirdweb reported a security vulnerability that potentially “impacts a variety of smart contracts across the Web3 ecosystem.”

On Dec.

Highlighting the vulnerability’s potential to cause massive damage if not rectified immediately, Thirdweb stated:

“The impacted pre-built contracts include but are not limited to DropERC20, ERC721, ERC1155 (all versions), and AirdropERC20.”

Following the proactive warning to Web3 ecosystem, the firm cautioned users who deployed its contracts before Nov.

IMPORTANT

On November 20th, 2023 6pm PST, we became aware of a security vulnerability in a commonly used open-source library in the web3 industry.

This impacts a variety of smart contracts across the web3 ecosystem, including some of thirdweb’s pre-built smart contracts.…

— thirdweb (@thirdweb) December 5, 2023

Thirdweb also advised developers to help users revoke approvals on all affected contracts using revoke.cash, “which will protect your users if you choose not to mitigate the contract,” DefiLlama developer “0xngmi” commented on the request to revoke approvals.

btw this seems important, theyre asking to revoke all approvals to third web contracts (you might have interacted with them without knowing as theyre white-labelled, especially if you do stuff around nfts) https://t.co/T1YU9xnIRb

— 0xngmi (@0xngmi) December 5, 2023

Thirdweb has contacted the maintainers of the open-source library at the root of the vulnerability and contacted other teams potentially impacted by the issue.

It also pledged to increase investment in security measures and double bug bounty payouts from $25,000 to $50,000 while implementing a more rigorous auditing process.

US regulators doing ‘good job of alienating’ crypto sector — Cardano founder

Charles Hoskinson took a jab at the perceived inconsistency in applying decentralization standards by the U.S. SEC.

The United States’ approach to cryptocurrencies could do more harm than good, and it risks losing major players by the time they “get their act together,” Cardano founder Charles Hoskinson has said.

“When you look at some of the U.S.

*Charles Hoskinson speaks with Cointelegraph Arabic journalist Hermi De Ramos at the Abu Dhabi Finance Week. Source: Cointelegraph*

He took a jab at the perceived inconsistency in applying decentralization standards by the U.S. Securities and Exchange Commission, stressing that Cardano did not conduct an initial coin offering (ICO) and saying ADA (ADA) vouchers were sold in Japanese territory with no U.S.

“I guess, apparently, that’s under U.S.

Hoskinson also pointed out that Ethereum, which he said conducted an ICO for its Ether (ETH) token without implementing mandatory Know Your Customer (KYC) and Anti-Money Laundering (AML) checks, and Bitcoin (BTC) were labeled non-securities for “some reason.” He said:

“There are a lot of facts and circumstances that are insanely ambiguous, and it seems like it’s just the monster of the week. And if they can’t have success with a layer 1, like Ripple, then they go hit the exchanges… That’s not really a well-formed policy.”

On Nov. 20, the SEC filed a complaint in a federal court, alleging that crypto exchange Kraken commingled customer funds and failed to register with the regulator.

Hoskinson contends that the registration process with the SEC is vague, as “it’s not possible to actually operate these systems in a reasonable way.” He argued:

Brazilian authorities investigate Binance for guiding clients past stop order: Report

The Brazilian SEC has reportedly turned over screenshots from Binance’s Brazilian website with instructions for evading a stop placed on futures trading on the site.

Binance is under investigation in Brazil by the Federal Prosecutor’s Office and Federal Police, according to a report in Valor Econômico newspaper. The cryptocurrency exchange has allegedly been helping clients evade a stop order on cryptocurrency derivatives investments.

According to the newspaper, the Brazilian Securities and Exchange Commission (SEC) reported to the Attorney General of the State of São Paulo that Binance may have continued to offer cryptocurrency derivatives to its clients after the SEC had issued a stop order on those offerings in 2020. Futures contracts are considered securities under Brazilian law regardless of the nature of the underlying assets.

The SEC presented the police with screenshots made in August 2021 showing instructions for Brazilian users to change their language setting to access the Binance Futures section. The SEC also said there was extensive Portuguese-language content with no notices of restrictions on Brazilian users.

Public information seen by Valor Econômico showed that Binance responded to the charges in February by submitting a proposal for a commitment agreement. No decision has been made on that proposal.

JUST IN Binance under investigation by Federal Police in Brazil for “alleged financial crimes” – Globo pic.twitter.com/EsdDKMpB86

— Radar (@RadarHits) April 20, 2023

Binance told the newspaper in a statement that it “reiterates that it does not offer derivatives in Brazil, that it operates in compliance with the local regulatory scenario and maintains a permanent dialogue with the authorities for the development of the crypto and blockchain segment in Brazil and in the world.”

Binance has faced similar charges before. It operated in the Canadian province of Ontario for months after it told the Ontario Securities Commission it would cease activities. Binance reportedly acknowledged in February that it was working with United States regulators to settle compliance issues. In March, Binance was sued by the U.S. Commodity Futures Trading Commission over alleged trading violations.

Magazine: $54B fund partner runs women-only DAO, LatAm blockchain gaming guild

Gnosis Chain spends $5M on validator incentive program for decentralization

The program offers 388 mGNO to each of the first ten validators that runs in a listed country.

Gnosis Builders, developer of blockchain network Gnosis Chain, has announced a $5 million project to increase the number and diversity of validators through incentive mechanisms. The new project is called “Gnosis VIP,” according to an April 18 announcement from the company.

As part of the new project, Gnosis is launching a “Geographic Diversity Program” that seeks to increase the number of countries Gnosis Chain validators are located within.

The network currently has over 100,000 validators spread across 60 countries, and the program’s goal is to increase the number of countries to 180 by year’s end, the announcement said.

According to the program’s official webpage, for each of the 90 countries listed, the first ten validators that start operating within them will receive 388 meta Gnosis (worth $1,368.18 at April 12 prices) over the course of six months. Meta Gnosis (mGNO) is the wrapped and staked version of the network’s native coin, Gnosis (GNO). Each mGNO can be redeemed for 1/32 GNO.

The first payment of 38 mGNO ($134) will be disbursed after the first 30 days the node operates. The size of the payment will increase each month, and the last payment at the end of the six months will be for 98 mGNO ($345.57).

In an email statement to Cointelegraph, Gnosis CEO Martin Köppelmann expressed hope that the new program will help to improve both the security and performance of Gnosis Chain:

“A diverse validator set is paramount for a resilient and secure network […] Geographical diversity hedges the network against both natural and jurisdictional disasters [and] can also improve the performance of a network; by having validators located in different parts of the world, transactions can be processed more quickly and efficiently.”

Debates often rage in the crypto community over which networks are the most decentralized, with many experts claiming that a network cannot be scalable, secure, and decentralized at the same time. This conflict in design philosophy is often called the blockchain trilemma.

In his email statement, Köppelmann emphasized that geographical diversity is only one aspect of decentralization, and others are also important to ensure resilience and security.

All eyes are on stablecoins: Law Decoded, April 10–17

A week before a hearing in Congress, the United States gets stablecoin regulatory framework.

Last week came in preparation for April 19, when the United States House Financial Services Committee will hold a hearing on stablecoins. The hearing will include information collected by various federal government agencies over the last year. Among the participants are Jake Chervinsky, the chief political officer at the Blockchain Association, and Dante Disparte, the chief strategy officer of Circle.

On the hearing threshold, a new draft bill appeared in the House of Representatives document repository. The draft provides a framework for stablecoins in the United States, putting the Federal Reserve in charge of non-bank stablecoin issuers. According to the document, insured depository institutions seeking to issue stablecoins would fall under the appropriate federal banking agency supervision, while non-bank institutions would be subject to Federal Reserve oversight. Failure to register could result in up to five years in prison and a fine of $1 million. Foreign issuers would also have to seek registration to do business in the country.

Among the factors for approval is the ability of the applicant to maintain reserves backing the stablecoins with U.S. dollars or Federal Reserve notes, Treasury bills with a maturity of 90 days or less, repurchase agreements with a maturity of seven days or less backed by Treasury bills with a maturity of 90 days or less, and central bank reserve deposits.

SEC targets DeFi in a vote to revisit proposal concerning the definition of ‘exchange’

The U.S. Securities and Exchange Commission (SEC) has announced it will be revisiting the proposed redefinition of an “exchange” under the agency’s rules — a move that could include crypto market participants in decentralized finance (DeFi). Under the proposal, an “exchange” would be more closely defined as a system that “bring[s] together buyers and sellers of securities through structured methods to negotiate a trade” and explicitly include DeFi.

The commission proposed similar amendments in January 2022, keeping the comment period for the public open until June. Some crypto advocacy groups criticized the SEC’s actions at the time, suggesting it was an overreach of the commission’s authority.

Arizona governor vetoes bill targeting taxes on blockchain node hosts

Katie Hobbs, the governor of the American state of Arizona, has vetoed legislation that would have largely stopped local authorities from imposing taxes on individuals and businesses running blockchain nodes. The governor vetoed Arizona Senate Bill 1236, first introduced in January. The legislation aimed to revise sections of statutes pertaining to blockchain technology, mainly reducing or eliminating regulation and taxation of node operators at the state level.

The Italian regulator sets strict guidelines for OpenAI’s ChatGPT

Italy’s data protection agency, known as Garante, has specified the actions that OpenAI must take to revoke an order imposed on ChatGPT. OpenAI must increase its transparency and issue an information notice comprehensively outlining its data processing practices. Additionally, the statement requires OpenAI to implement age-gating measures immediately to prevent minors from accessing its technology and adopt more stringent age verification methods.

In addition, the regulatory agency mandated that OpenAI allow users to object to processing their data to train its algorithms. Also, OpenAI is required to conduct an awareness campaign in Italy to inform individuals that their information is being processed to train its AIs.