Bitcoin Forum

I'm reminding everyone here of the frequent collapse of centralized exchanges, which has resulted in many assets and wallets being drained and dried for trusting their money on centralized exchanges despite many warnings of not your keys, not your coins. I have a message for everyone, and I hope they take it seriously, especially those who have yet to withdraw their coins from centralized exchanges or custodial services.

The new designs of exchanges share a similar pattern and there is something I have noticed, Defi wallet integrated into Binance exchange wallets as a sub wallet and very soon, other exchanges will imitate the same style just to acquire more liquidity from users or traders.




Binance has integrated a Defi sub-wallet into their exchange, the option requires you to add a recovery phrase from your wallet to interact with its own BSC blockchain, we all know how important seed phrases or recovery phrases are meant to be with you, no third party. It should be with you alone because that way, no one can get to your coins, they want you to keep your recovery phrase on their exchange please don't do that, care less of their policy whether they save it or not, centralized exchanges are element of the same company that cannot be trusted. Your seed phrase or recovery phrase is intended for you and only you.

Some of the things you need to know:
1. Not your keys, it’s not your coins.
2. Don’t paste your recovery phrase on any exchange, I know very soon other exchanges will follow the same pattern which will result in the stealing of funds.
3. Do not rely on centralized exchanges/ leave your coins on centralized exchanges.
4. Don’t share your private keys with people
5. Back up your recovery phrase and make sure they are properly secured and safe from threats and thieves.

You probably mean seed phrase, not passphrase.
Seed phrase (also called recovery phrase or mnemonic seed) is different from passphrase. Seed phrase is a series of words, usually 12 or 24 words. Passphrase is the additional word(s) or characters which is added to the seed phrase for more security.  

That was typo. I’m very much familiar with passphrase and is different from seed phrase. It has been modified.

So far, I've only connected my wallet to AMM (pancakeswap, Uniswap) for altcoins, and have never imported my bitcoin account into any 3rd party wallet. I better send btc when I need to send for withdrawal, and keep it in a trusted wallet (the one I use, electrum). If there is such an wallet integration feature on Binance, users need to create another wallet that is specifically designed to receive only a certain amount. Don't integrate a primary wallet which has big money value in it to any exchange even with seed phrase import feature, learn from any hacked exchange in history, when people lost their asset from this case. and we never know, where 3rd party saving our seed phrase, if it stored on server, its mean your account not really save.

Noted, I am very much aware of all these crypto wallet / centralized exchanges warning but my goal now is a Decentralized trading platform that works just like a centralised exchange, a crypto trader still have no choice but to use cex for trading and this will make them to send their BTC to CEX.

I hope future crypto developers are already on this, we need to move away from CEX completely. The moment someone sends their BTC to an exchange anything can happen, that's why CEX needs to go.

And I can say that OP your topic can not be over emphasized enough, still we have people who still go against all that, Binance are part of the bad tooth in Crypto-currency that slowly may affect the ecosystem negatively.
I was asked by a colleague of mine to teach him how to trade I don’t have full knowledge of trading but willing to help asked him to move his coin to an exchange he feels comfortable he acted shocked like how can someone own a wallet that’s not on an exchange. It’s now this bad people having their Crypto-currency portfolio on exchanges. If you consider your safety then You need to own your private wallet.

The major reason why DEX is not favoured by many is cause most have low liquidity when compared with bugger centralized exchanges, and this is a result of most users opting to use such centralized exchanges, boosting the userbase and its liquidity.

Having more people shift to decentralized platforms would make then more profitable to operate and run and also make them more attractive to other traders.

No matter how small one's funds in crypto currency are, non custodian wallets should be advised mostly to new investors because they are the ones that will fall to this trick.

Just a month ago Binance had its BSC blockchain hacked and now wants recovery phase integrated there. This isn't only exposing it to Binance team but to also potential hackers and attacks.

Thank you OP for the info

Exchanges like Binance are helping the adoption of bitcoin. That is why I don't criticise them too much. If you remove exchanges and be fair in your judgement you will understand that things of bitcoin is not easy for everyone to handle. Especially people that are stressing everyday looking for how to make food for the family.
This people look for people to trust for their coins because their memories can fail them anytime.
No matter what we preach exchanges will be modifying the way they operate and if care is not taken, they will centralize many aspect of bitcoin.
We can only teach but we won't force people how to use their money.

There is nothing developers can do about this, there would be centralized and decentralized exchanges in the industry and it is left for crypto users to choose the one that they want to use, at the moment the majority of people are going with centralized exchanges, they want things fast and easy, even though it is less secure and they lose their privacy; the only way the numbers will favor decentralized exchanges is if more centralized exchanges keep misusing users funds, going bankrupt and getting breached, i believe that way crypto people would have no choice but lose faith in centralized exchanges for the numerous cons that they do have.

never and will not even link my personal wallet with any application or exchange. The main personal wallet that I hold is not connected to anything. I use 2 personal wallets, the first wallet as a single wallet to store all assets and the second wallet as a liaison wallet between the first wallet and a temporary shelter.
Handing over Seed Phrase like this will only give you more risk, not your wallet, not your coins, who has the seed Phrase then he owns it. Even though Binance is the most trusted centralized exchange, I will not give my seed phrase for this kind of thing. I might just use it for trading only and nothing more.

I did this before because I had no choice in selling my token on a centralized exchange, but instead of using my main wallet, I created a new one intended to connect to the exchange API.  If anyone has the same case as this, you can create a new account or let's say a dummy wallet to link to exchnage, never use your hardware wallet or any cold wallets directly linked to exchanges.

All OP said was right, we should value our crypto assets like valuable stuff.  Never trust anyone else and avoid dealing with random people on the internet.
As long as it's valuable, there are too many of them to have an interest.

Previously theymos also warned all forum users about the dangers of storing assets on the Exchange here https://bitcointalk.org/index.php?topic=5421039.0.
This topic is very helpful for anyone who hasn't had a chance to see the topic theymos created. Placing this topic in the B&H section is very appropriate, because there are so many Newbies who have just joined the forum who still don't know thoroughly about how to store assets properly. Asset safety is the responsibility of each individual, we can only remind the best for anyone to keep their assets safe.

Likely we can copy and paste our password on exchanges rather than copy and paste recovery phrase (seed phrase).

Sometimes we can copy and paste our private keys on browsers or on search engines by mistake. When we make that mistake, we should response very fast by
- Moving our coins from that wallet to another new wallet
- Never use that wallet again

Because that private key is already leaked and others can have access to that wallet. If we have coins in that wallet, they can move our coins too.

Don't forget, copying the private key or seed phrase is already not safe since if you use keyboard from unknown source and they can memorize every words you've pasted, you're in danger. Moreover if your device has malicious malware or virus that will change the address when you want to send your coins to the the new wallet How to lose your Bitcoins with CTRL-C CTRL-V  (https://bitcointalk.org/index.php?topic=5190776.0).

So make sure you only install a trusted source keyboard, don't memorize any words that you've pasted, and only copy few parts about it, don't entire the private key.

Your device can be infected and keyboard is one of things can be infected. Hackers can see see words and steal your coins if your device is infected.

I only warned that if you make a mistake by pasting your private key to a browser, a search engine, you should swap or move your coins instantly and discard that wallet forever. You can response faster than hackers if you are fortunately when they are sleeping.

Many traders opted to use Centralized exchange to convert their coins to their local currency I'm also doing this with our local centralized exchange but if you're going to do this don't store it right away only trade money that you will cashout to your local currency and if you have no choice but to use a centralized exchange like tokens that you're holding can only be traded on a centralized exchange be sure to check the reputation of that exchange, unfortunately, these centralized exchanges are here to stay, they just need to be regulated to protect their users.

Noted. I haven't seen or heard about this before, but thanks for the heads up. With Binance utilizing this feature, it serves as another warning to the use and reliance on centralized exchanges with our funds, which I hope we all take note of.
Because of one or two known and important reasons, I believe most people continue to leave their funds in exchanges despite being aware of the possible risks. However, adopting precautions and preventive measures is required in any circumstance.

I think that it is for such people that we should constantly remind them that trusting strangers on the Internet very much is fraught with big troubles. People who are in great need are very nervous and emotional; any loss for them is a crisis, exactly like the promise of quick profit, and will not be regarded as fraud.
Everything we leave on the web will leave a trace, and the data on the exchange will necessarily be controlled, despite the promise of the exchange to maintain confidentiality. Laws change at the speed of light, and today we trust third parties, but tomorrow we may be very surprised to hear that our funds have been stolen or simply taken away.

Trusting my private keys to anyone in the name of centralized exchange or any name as follows is that last thing I'll rather do with the height of insights I have in this space. Perhaps, they have forgotten that that's why its called private keys, it's non sharable.
Not my keys, not mine coins!!

You will not even have a private key with centralized exchange, what you will have is just a wallet address that is peculiar to your account and every other control of the funds in the wallet is in the hand of the exchange. That is how bad the situation is, as the owner of the money you do t have access to it and the exchange will do whatever their like with the money. I don't trust exchange and I categorize them under risk assets such like gamble anything can happen, but if you have your money in your private wallet with your keys properly save 💾  in a secured place were you can recover the wallet at any time and anywhere then you have a financial freedom you desired. Exchange is just a marketplace where trades happen but when it comes to storage of your asset it is secured to have them in your cold wallets and having the private keys in your control is the guarantee for a secured financial future.

I don't want to go into too much detail about exchanges because this topic is about how beginners should focus on keeping funds and recovery phrases safe, but if most users had followed this little warning, most of the users who got bitten by the FTX exit wouldn't be in the mess they are today, considering they were the second exchange by volume after Binance. Exchanges are important for cryptocurrency, but trust me when I say that his little cautions are as significant.

The majority of new investors come on board true centralized exchange and because they are new to the system, it is always very hard to convince them that CEX is not the best place to keep their assets, some of them don't really trade that much, they buy whatever they want to buy and keep it there instead of sending it to their own personal wallets, maybe they are too lazy to watch over their own investments their self. I'm not sure why would anyone will buy bitcoin and keep it on an exchange, for what exactly!

There is also the automation and ease of use.

On a centralized exchange like Binance, you create your buy/sell order and when the price hits that sweet spot, the order gets filled automatically. You don't need to be online or do anything else.

If we compare that with the most popular DEX, Bisq, the process is completely different. You need to check if the order is still valid, then you are required to make a security deposit. You need to be online and the other party needs to be online as well. Then the other party needs to make a security deposit. You have to manually check if your fiat transaction went through before releasing the crypto. Each transaction requires on-chain confirmations. That's going to depend on the congestion of the blockchain, the mining fees you want to pay, and how much time needs to pass until the next block is found.

It requires more time and more user input compared to automated CEXs. Since people are lazy, most will just use the stuff that requires the least amount of time no matter the security or privacy aspect.   

I believe this message has been loud and clear over the years and the forum should not have a problem with this, but the target group going forward should be for those crypto users that aren't part of the forum and ignore these messages because they believe an exchange is too big to fail or can't be hacked. The best option should be to put all centralized exchanges to be responsible for sending out such messages to their clients so that such losses are minimized and the exchange liability will equally reduce .

Sometimes its hard to convince newbies to avoid such things because majority of newbies has been introduce on new tokens which they bought on pre-sale and there's nothing they can do with it since mostly those tokens is listed on low tier exchange which is very risky to trade on. Also some of them got hype and stay because they think about good thing to do trades because they see a lot of option to choose if they want to trade that's why its good to see some fair warning like this since soon they realized for their selves that its not good to put 100% on a platform where you didn't hold your own keys.

A lazy newbie will continue to be a lazy one, and in the world of cryptocurrency, being a lethargic person usually means losing money. Since it's so challenging for new pre-sale projects to get listed in an A-tier exchange, they usually settle for the least expensive options, that been said. However, I believe that most of the layer 1 blockchains on which these projects were built have decentralized exchanges where users can buy and sell coins without having to leave them on centralized exchanges.

I can't speak for everyone, but I can say that despite the newbie excuses, some of them have learned to keep their coins in personal wallets as a result of what we have all experienced with CEX. I can also say that despite all the hacks and incidents, there are some people who have been in this space for more than half a decade that have yet to learn to be their own custody, they would rather watch their investments on CEX on high risk.

not your coin or your keys is one of the most frequently used expressions I've heard on the forum, and it's truly helped me. Even when I'm on air presenting at work, I love using the terminology to warn people about how risky it is to keep your assets in your wallet. When you are purchasing and holding, I think security comes first. What happened to FTX should serve as a lesson about why it's not a good idea to leave your coins on any exchange, but people aren't listening. Additionally, since scammers have tried to get you to connect your wallet to the exchange by pasting your recovery phrase, everyone should be vigilant and careful.