Crypto's people problem
This is why we really need decentralized finance
This week, news broke about a massive insider breach at Coinbase. But the interesting thing is what didn’t happen. No smart contracts were drained. No wallets were hacked. No blockchain protocol was compromised.
Instead, the weak link was people.
Specifically: a few overseas customer service contractors were targeted, bribed, and convinced to hand over sensitive internal credentials. From there, attackers accessed and exfiltrated identity documents, account balances, contact information, and other user data for over 50,000 customers.
Coinbase now expects to spend up to $400 million mitigating the fallout across legal, regulatory, and reputational fronts.
Humans are the vulnerability
Social engineering remains one of the oldest, cheapest, and most effective attack vectors in security. Advanced cryptography becomes meaningless if someone can be convinced or coerced into handing over access, the defenses evaporate.
In this case, attackers targeted customer support contractors who has broad systems access. With a few incentives and well-crafted scripts, these workers gave attackers enough internal access to scrape critical KYC information: passport scans, banking details, addresses, balances.
And that’s the real problem. This wasn’t a sophisticated exploit of novel cryptographic tooling. It was a basic human exploit of a very traditional system:
- Centralized databases of sensitive identity data
- Minimal role-based access controls
- Legacy trust architectures in a supposedly trustless domain
It’s a story that plays out in corporate IT departments, call centers, and cloud dashboards around the world. The difference is, crypto was supposed to be better than this.
Instead, we’re watching new institutions re-create the same attack surface they were meant to obsolete.
Why this matters
Plenty of coverage has focused on how the attack unfolded (here's a good summary from Reuters), who was affected, and how much it will cost Coinbase.
Here's more of a backgrounder on the crypto threat space:
Daniel McGlynn
What’s missing is a serious conversation about the how this most recent insider attack could have been avoided. Not just in terms of patching access controls or changing employee work flows, but in terms of rethinking the architecture entirely.
This is where Open Money principles come in. They provide a blueprint for resilience — not just in cryptography, but in system design.
Steps to decentralize a crypto exchange
| Move | What it changes | Qhy it matters |
|---|---|---|
| Non-custodial trading | Trades settle on-chain | Prevents fund misappropriation and enables easy proof-of-reserves |
| zk-KYC credentials | Users prove identity without sharing docs | Breaches leak meaningless hashes, not sensitive data |
| Custody opt-outs by default | Users control wallets, not staff | Insiders can’t move funds—there’s nothing to bribe |
| Transparent sequencing | Order-matching is verifiable | Front-running becomes detectable; regulators get open audit trails |
| DAO-style controls | Keys and thresholds move to multisig | Bribe-one-employee attacks turn into bribe-five-signers-and-a-public-record attacks |
- Custody layer – Users hold their own assets. Exchanges coordinate trades, not control funds. Smart-contract escrows, MPC wallets, or account-abstraction wallets act as programmable vaults.
- Data layer – Identity is proven, not stored. Exchanges verify zk-KYC credentials or decentralized ID attestations, but never retain raw documents.
- Matching / settlement layer – Orders match and clear on-chain via automated market makers or rollup-powered order books. The system runs even if the operator disappears.
- Governance layer – Code and upgrade paths are publicly auditable. Key decisions — like upgrades or asset listings — are gated by multisig or DAO-based governance.
- Support & ops layer – Access to off-chain systems is split across multisigs, rate-limited, time-locked, and publicly logged. You can’t bribe your way into the vault if no one person has the key.
The result of this new kind of architecture isn’t just a new product that’s harder to exploit because there are fewer soft spots and fewer humans holding the bag.
Update on the Open Money Project
This week we jump into a new section all about the economics that underpin Open Money. We'll cover topics like game theory and open source capitalism. My goal when I started this project was to have the posts that would form the basis of the draft of Open Money complete by now.
But because of delays and a few changes in the outline, it's looking like I will wrap this up over the summer and hopefully complete the edits sometime in the fall.