New ERC-4337 Smart Contract Standard Released to Enhance Wallet Security

By Christopher Lamb

According to reports, Ethereum has deployed a new feature known as “account abstraction,” which has been in development for two years and can “make it easier for users to recover crypto if they lose private keys to an online wallet.” Deployed via a smart contract called EntryPoint (formally known as ERC-4337), account abstraction “turns users’ wallets into smart contract accounts, in order to make Ethereum wallets more user-friendly and to prevent any loss of keys.” According to reports, account abstraction works by taking external owned accounts (EOAs), such as accounts used on MetaMask or Coinbase Wallet, and merges the code-based operation of contract accounts (CAs) “creating built-in mechanisms that can allow users to keep access to their crypto” in the event that users lose their private keys. Recovery systems include a “social recovery system” and the ability to create “multi-sig wallets” (where multiple users must sign off on a transaction) as an “extra safety mechanism.”

According to reports, the new ERC-4337 standard is “expected to help mainstream adoption by finally making crypto user friendly.” ERC-4337 has passed an audit and will be made available on every Ethereum Virtual Machine-compatible blockchain network. A major function of the new feature is that “[n]ew users will no longer need to learn about complicated seed phrases or the technical process of setting up a wallet to onboard into the decentralized world of crypto.” According to reports, in addition to the recovery of users’ wallets, the benefits include “two-factor authentication, signing transactions on your phone, the setting of monthly spending limits on an account, the use of session keys to play blockchain games without constantly having to approve transactions, [and] decentralized recovery of wallets; [and] smart accounts can be configured to autopay bills and subscriptions.”

For more information, please refer to the following links:

• Ethereum Says ERC-4337 Deployed, Tested, Beginning Era of Smart Accounts
• Stackup Brings Account Abstraction to Ethereum with ERC-4337
• Ethereum ERC-4337 ‘smart accounts’ launch at WalletCon: Account abstraction is here
• ‘Account abstraction’ supercharges Ethereum wallets: Dummies guide

US Federal Bank Regulators Issue Joint Statement on Crypto Liquidity Risks

By Robert A. Musiala Jr.

The three main US federal banking regulators recently published the “Joint Statement on Liquidity Risks to Banking Organizations Resulting from Crypto-Asset Market Vulnerabilities.” Among other things, the statement “highlights key liquidity risks associated with crypto-assets and cryptoasset sector participants that banking organizations should be aware of.” The statement specifically highlights certain liquidity risks related to “[d]eposits placed by a crypto-asset-related entity that are for the benefit of the crypto-asset-related entity’s customers (end customers)” and risks related to “[d]eposits that constitute stablecoin-related reserves.” The statement cautions that “when a banking organization’s deposit funding base is concentrated in crypto-asset-related entities that are highly interconnected or share similar risk profiles, deposit fluctuations may also be correlated, and liquidity risk therefore may be further heightened.”

According to the statement, “it is important for banking organizations that use certain sources of funding from crypto-asset-related entities … to actively monitor the liquidity risks inherent in such funding sources and establish and maintain effective risk management and controls commensurate with the level of liquidity risks.” In this regard, the statement lists the following effective risk management practices:

• Understanding the direct and indirect drivers of potential behavior of deposits from crypto-asset-related entities and the extent to which those deposits are susceptible to unpredictable volatility.
• Assessing potential concentration or interconnectedness across deposits from cryptoasset-related entities and the associated liquidity risks.
• Incorporating the liquidity risks or funding volatility associated with crypto-asset-related deposits into contingency funding planning, including liquidity stress testing and, as appropriate, other asset-liability governance and risk management processes.
• Performing robust due diligence and ongoing monitoring of crypto-asset-related entities that establish deposit accounts, including assessing the representations made by those crypto-asset-related entities to their end customers about such deposit accounts that, if inaccurate, could lead to rapid outflows of such deposits.

For more information, please refer to the following links:

• Federal Reserve, FDIC, OCC: Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency
• Regulators Caution Banks On Crypto Deposit Liquidity Risks

G20 Announces Forthcoming Reports Addressing Global Crypto Regulation

By Amos Kim

According to a recent announcement by the G20 – a group of the 20 largest economies in the world – the Financial Stability Board (FSB), the International Monetary Fund (IMF) and the Bank for International Settlements (BIS) expect to release various reports in 2023 with the goal of setting standards “to ensure that the crypto-assets ecosystem, including so-called stablecoins, is closely monitored and subject to robust regulation, supervision, and oversight to mitigate potential risks to financial stability.” Among other things, the FSB intends to release recommendations on the regulation, supervision and oversight of global stablecoins, cryptocurrency asset activities and markets in July and its joint “synthesis paper integrating the macroeconomic and regulatory perspectives of crypto assets” with the IMF in September. The IMF will also report on the “potential macro-financial implication of widespread adoption of [central bank digital currencies]” that same month.

According to the announcement, other expected reports include BIS’s “report on analytical and conceptual issues and possible risk mitigation strategies related to crypto assets” and a report from the Financial Action Task Force (FATF) on “the use of crypto assets to make transfers for terrorist financing.” These announcements were made after the conclusion of a two-day G20 financial meeting in India. According to reports, at the meeting, US Treasury Secretary Janet Yellen said it was “critical to put in place a strong regulatory framework” for cryptocurrency-related activities but noted that the US was not suggesting “outright banning of crypto activities.” In contrast, IMF Managing Director Kristalina Georgieva reportedly said that banning crypto should be an option for G20 countries.

For more information, please refer to the following links:

• G20 Chair’s Summary and Outcome Document First G20 Finance Ministers and Central Bank Governors Meeting Bengaluru, February 24-25, 2023
• FSB, IMF and BIS papers to set global crypto framework, says G20

IMF Addresses Crypto Policy; OSC Issues Notice for Crypto Trading Platforms

By Robert A. Musiala Jr.

The International Monetary Fund (IMF) recently published a policy paper titled “Elements of Effective Policies for Crypto Assets” to address questions by IMF members on “how to respond to the rise of crypto assets and the associated risks.” Among other things, the paper “presents a policy framework for crypto assets that aims to achieve key policy objectives such as macroeconomic stability, financial stability, consumer protection, and market and financial integrity” and “outlines key elements that are necessary to ensure that these objectives are met.”

According to a recent press release by the Ontario Securities Commission (OSC), the OSC has published a new Staff Notice that describes “a change in the CSA staff practice in connection with our expectation that crypto asset trading platforms (CTPs) that continue to operate in Canada while they seek registration and related exemptive relief file a pre-registration undertaking (a PRU) with the CSA.” The Staff Notice also provides additional guidance to CTPs, including a list of areas where the OSC is requesting “new commitments” from unregistered CTPs and new expectations for unregistered CTPs that are continuing to operate in Canada while pursuing applications for registration.

For more information, please refer to the following links:

• IMF: Elements of Effective Policies for Crypto Assets
• CSA Staff Notice 21-332 Crypto Asset Trading Platforms: Pre-Registration Undertakings – Changes to Enhance Canadian Investor Protection

DeFi Hack Victims Exploit Code Vulnerability to Regain Control of Hacked Crypto

By Christina O. Gotsis

According to reports, this week, a Web3 infrastructure firm and decentralized finance (DeFi) platform conducted a “counter exploit” on the Wormhole protocol hacker that stole roughly $321 million of wrapped ETH via a vulnerability in the protocol’s token bridge. The Web3 infrastructure firm and DeFi platform first became aware of the possibility of retrieving these assets when a Whitehat group reached out in February with a proposal to exploit a previously unknown vulnerability in the DeFi platform’s code. According to a blog post by the DeFi platform, on February 21, the High Court of England and Wales granted an order allowing the retrieval of the assets from addresses associated with the Wormhole exploit. The counter-exploit essentially allowed the DeFi platform to hack the hacker’s addresses and claw back $225 million of digital assets into a safe wallet.

For more information, please refer to the following links:

• Jump Crypto and Oasis.app ‘counter exploits’ Wormhole hacker for $225M
• Statement Regarding The Transactions From The Oasis Multisig on 21st Feb 2023

[View source.]