Some people always said in this forum that Bistamp lost 17% of client's BTC due to the hack on Jan 4.
This is wrong! Here is the main cold wallet of Bitstamp:
https://blockchain.info/address/1JoktQJhCzuCQkt3GnQ8Xddcq4mUgNyXEaFrom the earliest transaction of the address:
https://blockchain.info/tx/8f1d3a8ef6b2d4a25d2f499279e01518b4770819ccbc39a765c4c326170c61b3the source addresses and destination address are all cold wallets of Bitstamp. The total amount of these cold wallets are 135056+5237+5652+5785+6392+6907+8123+7977+6394+6129+5975=199627.
The 18664 BTC lost is about 18664/(18664+199627) =
8.55% of total client's BTC of Bitstamp. Not 17%! Also, there may be more cold wallet address of Bitstamp that we don't know, so the proportion of BTC loss may even lower than 8.55%
For fiat part, an exchange usually holds likely equal fiat value of BTC reserve, therefore, the total value loss of Bitstamp is 18K BTC / (BTC total reserve + fiat) < 4.28%
Based on the fact that the hack lasts for over 24 hours, we know that Bitstamp did not have any monitor program on their hot wallets!
Bitcoins flow in/out hot wallet are always traceable and should be monitored periodically. For flow in: there are only client coin deposit, for flow out: only to Bitstamp cold wallets and clients' withdrawal address!
Therefore, for a period time T(1 hour for example): the total flow in amount to hot wallets in T + the previous balance before T of hot wallets = amount flows to clod wallet in T + balance left in hot wallets + amount flows to clients' withdrawal addresses in T
Both l-value and r-value must always equal all the time, otherwise, alarm must be issued for human intervention. The monitor program is so simple to implement. Unfortunately, Bitstamp did not have a similar monitor program. If they had, the loss would be much lower!