Amidst the ongoing legal proceedings, a fresh wave of testimonies has emerged against Sam Bankman-Fried (SBF) and his operations. In this particular instance, outside the courtroom, a former engineer at Alameda Research, the sister hedge fund of FTX, has come forward with revelations of substantial losses in trading funds totaling at least $190 million.
Aditya Baradwaj, the individual in question, has provided a detailed account of the events in a post titled “The Hacks,” shedding significant light on the severe repercussions stemming from inadequate security practices within the company.
Alameda Research’s Poor Operational Practices Exposed
The collapse of FTX and Alameda Research has since attracted substantial attention, with numerous reports highlighting the lack of robust risk management structures at both entities.
Notably, bankruptcy lawyer John Ray III famously described the situation as a “complete failure of corporate controls.”
Concrete evidence provided by Baradwaj paints a disturbing picture of the company’s operational practices. Baradwaj revealed that Alameda Research’s founder and CEO, SBF, prioritized speed above all else, neglecting engineering and accounting standards considered customary in both technology and financial services industries.
Consequently, the company engaged in minimal code testing and incomplete balance accounting, only implementing safety checks for trading when necessary.
One of the most alarming revelations pertains to storing blockchain private keys and exchanging Application Programming Interface (API) keys in plaintext within a file accessible to several employees.
While this approach allowed for remarkable developer velocity, it also exposed the company to frequent security incidents.
Baradwaj highlighted several incidents as examples, each resulting in substantial financial losses:
In incident 1, an Alameda trader fell victim to a phishing attack while attempting a Decentralized Finance (DeFi) transaction, resulting in losses exceeding $100 million. Following this incident, the company introduced additional checks on their internal wallet software.
Incident 2 involved Alameda Research’s participation in yield farming on a questionable blockchain. According to Baradwaj, the creator of the blockchain held the funds hostage for months, resulting in losses of $40 million. Consequently, the company adopted a more cautious approach to selecting chains and protocols for trading.
In incident 3, an old version of the plaintext keys file was leaked, likely by a former employee. The attacker exploited this breach, transferring funds from exchanges and placing fraudulent orders, amounting to losses of $50 million. As a result, Alameda Research migrated their secret keys to a more secure storage system.
These incidents merely scratch the surface, as Baradwaj acknowledged the existence of numerous other security breaches predating his tenure at the company.
It remains to be seen how Alameda Research and FTX, in case of a future relaunch, will address these revelations and work towards enhancing their security practices to prevent future incidents and regain the trust of their clients and stakeholders.
On the other hand, the trial of Sam Bankman-Fried, the former CEO of FTX, is currently underway. Former employees and partners have taken the stand to provide testimonies against him. In the event of a conviction, Bankman-Fried could potentially be sentenced to up to 114 years in federal prison.
Featured image from Forbes, chart from TradingView.com