FTX chaos: Private keys stored on Amazon servers

Data management via Slack, Google and Excel

In addition to inadequate financial controls, the recording process in particular is said to have been extremely chaotic. FTX “relyed on a hodgepodge of Google docs, Slack communications, shared drives and Excel spreadsheets” to manage assets and liabilities, the filing said.

The restructuring team also found shortcomings in accounting: around 80,000 transactions were left behind as unprocessed accounting entries in “general QuickBooks accounts”. Mainly “small and medium-sized companies” use the accounting software. According to Ray, such a system is unsuitable for the management of a multi-billion dollar corporation.

Wallet keys on Amazon servers

Storing passwords online is a bad idea. It is even worse to keep private keys, i.e. the keys to a crypto wallet, on a centrally hosted server. The failed crypto exchange did not see this as a problem, as Ray explains: “FTX stored the private keys to their crypto assets via servers at Amazon Web Services (AWS).”

It’s a “particularly bad way of managing risk,” he argues. And indeed: Shortly after the collapse of the stock market, a hacker stole around 400 million US dollars from a hot wallet of the company.

Founders’ monopoly of power

The grievances at FTX are said to have been discussed internally. However, the influence of the founders on important decisions knew hardly any limits. Alongside Sam Bankman-Fried and Gary Wang, former technical director Nishad Singh was also part of the executive team.

In addition to the clear power monopoly, FTX would also have failed to Submit economic data at the end of financial reporting periods in a timely manner. In addition, no back-end checks were performed to identify and correct material errors.