It’s the spooky season in crypto and not so much spooky as weird, the Bitfinex hot wallet has gone from 6,000 eth or so, and the usual circa 50,000 eth, to 200,000 eth.
In the current circumstances of mass withdrawals, that wouldn’t be too news worthy, except for how it happened.
An address, 0xd2, received 100,000 eth from 0xcff, the WrappedTokenGateway for in particular wETH.
This 100,000 eth is first sent to an intermediary address and then to the Bitfinex hot wallet. It doesn’t move from that hot wallet, and there is no big 100,000 withdrawal from that hot wallet either, but the 0xd2 address nonetheless receives another 100,000 eth from the weth gateway.
That 100,000 eth is again, through an intermediary, sent to the Bitfinex hot wallet, and that’s how Bitfinex’s hot wallet ends up with 203,000 eth in just one hour with all this occurring about two hours ago (12:30 PM UTC).
Bitfinex has 1.4 million eth confirmed and about 2 million eth in total, so 200,000 eth is not such a huge deal, yet it is about 4x over the usual amount.
The hot wallet of course is hot because it can more easily be hacked than the cold wallet.
Usually therefore you’d expect such sums to move quickly to cold storage, but what might be interesting here is that we’ve checked about 15 wallets belonging to Bitfinex according to etherscan, and none of them is showing a withdrawal of 100,000 eth in the past 24 hours.
So, what’s happening? Well, we were looking to see if this 0xd2 address is actually Bitfinex’s, and that can matter because this d2 address is doing a lot of defi.
While everyone is mass withdrawing from exchanges, taking your $100 million, twice, from Aave or defi and sending it to Bitfinex would be a very curious thing to do unless you are Bitfinex.
This d2 address moreover has received about $100 million from the Tether Treasury, though that was three months ago.
Not that this necessarily proves d2 belongs to Bitfinex, if it did the headline would have been Bitfinex defis with 300,000 eth.
That would be defi-ing with customer’s money, at least in part, and presumably as Bitfinex nowadays maybe is rich enough to have its own corporate treasury from profits.
Not that d2 is doing much risky, they seem to be arbitraging, including borrowing USDc with USDt collateral, maybe to stabilize the USDt peg.
Yet we can not find any concrete evidence that d2 is Bitfinex’s and Bitfinex has not responded to requests made to confirm or otherwise.
But, these hot wallet transfer are sufficiently suspicious to at least wonder whether this d2 address belongs to Bitfinex, and thus whether Bitfinex or Tether is collateralizing and much else, and especially whether that’s with some of their customers’ money.
Source: https://www.trustnodes.com/2022/11/14/bitfinex-hot-wallet-spikes-to-250-million