Since QuadrigaCX went offline late last month due to not being able access $190M in cold storage reserves after the purported founders death, many people have declared it to be an exit scam or fraud. QuadrigaCX has yet to disclose their cold wallet addresses, leading a small group of people to try and discover what those addresses are themselves through blockchain forensic analysis.
The Evidence So Far
Thus far the main person who has led the way in terms of forensic analysis in an attempt to find Quadriga’s cold wallets is @proofofresearch. Their analysis can be found in full in their chain analysis report. Their investigation suggests that Quadriga does not hold nearly the amount of Bitcoin as they claim to and questions whether cold wallets exist at all. Furthermore, after this report was published, @proofofresearch found evidence suggesting funds we’re being moved from some of the cold wallets, suggesting fraudulent activity.
Finding Conclusive Evidence
The analysis @proofofresearch has done is impressive given that he did all the work manually. However, a more thorough investigation is necessary to conclusively prove either that QuadrigaCX doesn’t hold the assets they claim to or that wallets that have had recent activity are not actually QuadrigaCX’s cold wallets.
The initial analysis by @proofofresearch involved individual people reporting hashes of transactions that they claimed were a deposit or withdrawal from Quadriga. One of the issues here is that only a few select people voluntarily submitted transactions. A much larger sample size is necessary to ensure there all of Quadriga’s hot wallet clusters are known. Furthermore, blockchain forensics software will be a necessity here, as @proofofresearch has spent a significant amount of time looking at only a small portion of transactions and wallets.
How Does Cryptocurrency Forensics Tracking Software Work?
Manually tracking transactions is always possible but forensics tracking software becomes far more useful, and practically necessary, in highly complex cases involving thousands of transactions and addresses. Software typically isn’t necessary when tracking ownership of assets owned by a single individual. At Cryptforensic Investigators, we don’t normally need to use such software ourselves unless the case is particularly complex or the individual has taken attempts to anonymize themselves or obfuscate their holdings.
Twitter user @proofofresearch believes the funds are currently being moved and a mixing service is being used to obfuscate ownership of funds. However, mixers do not fully obfuscate ownership of assets; they can merely make it more difficult to find.
Who at Quadriga is Committing Fraud
While there isn’t conclusive evidence suggesting Quadriga does have access to the funds in cold storage that they claim not to have access to, it’s not looking good for them so far. But, if true, who exactly is exit scamming? Who has access to the cold storage keys? Gerald Cotton himself (if he’s not dead), Jennifer Robinson (wife/widow of Gerald), Aaron Matthews (new CEO), Omar Dhanani (former co-founder and ex-convict), other QuadrigaCX employees, or a combination thereof are all suspect.
Despite fishy behavior among senior leadership at Quadriga, it seems unlikely that either Jennifer or Aaron would be the culprit. This is because many people, including authorities, are watching what they both do very closely. Furthermore, since they live in Canada, they’re relatively easy for authorities to track down. If one of these individuals is siphoning off funds there’s a variety of ways they can be caught such as through:
Since Jennifer and Aaron are more prone to being caught, charged and sentenced for fraud than someone who’s thought to be dead, it’s less likely that Jennifer or Aaron are siphoning off funds and committing fraud.
Whoever at or associated with Quadriga is siphoning off funds, if they are, is sure to be aware that blockchain forensics will be conducted to verify the accuracy of their claimed holdings. In fact, companies like chainalysis who design tracking software primarily work with 3 types of companies and institutions:
The cold wallet addresses have not been conclusively identified yet because blockchain forensic analysis takes time. The investigation into Mt.Gox took Chainalysis two months. Likewise, it will take a few weeks at the very least for the cold wallets supposedly containing up to $190M to be found, if they even exist.
Note: Nothing in this article is to be construed as legal, financial, or tax advice.
About the author:
Paul Sibenik is the owner of CryptForensic Investigators in Vancouver, Canada. His firm focuses on tracking and assisting in the recovery of cryptocurrency assets for family law matters including divorce and child support.