In the aftermath of one of the biggest cryptocurrency hacks in India, where WazirX lost $235 million from its Ethereum wallet, Liminal Custody, the company behind WazirX’s wallet infrastructure, has pointed fingers back at the exchange itself. According to Liminal, WazirX failed to fully utilize the security capabilities of its platform, which could have potentially prevented the hack.
WazirX: A Major Target in the Crypto World
WazirX, one of India’s largest cryptocurrency exchanges, boasts a massive user base of over 1.5 crore investors. On July 18, a massive cyberattack resulted in the loss of $235 million from the exchange’s Ethereum wallet, wiping out 45% of its holdings. Following this, tensions between WazirX and Liminal Custody have escalated, with both parties blaming each other for the security breach.
Liminal Fires Back at WazirX Allegations
On August 14, WazirX accused Liminal Custody of security shortcomings that led to the hack and ended its contract with the platform. However, Liminal has responded strongly, stating that even after terminating the contract, WazirX is still using its infrastructure to manage remaining user funds. According to Liminal, over $175 million of WazirX’s assets are still managed on its platform, with around $50 million sitting in wallets only accessible through Liminal’s infrastructure.
Liminal further clarified that it operates on a self-custody model, meaning any movement of WazirX’s funds requires approval from WazirX’s own team. Liminal cannot initiate these transactions without instructions from WazirX.
How Liminal’s System Worked for WazirX
Liminal provided a combination of hot, cold, and warm wallets to WazirX under a software subscription contract. Cold wallets, regarded as the most secure way to store crypto keys, are kept offline, preventing them from being hacked through the internet. In contrast, hot wallets are always connected to the internet, while warm wallets combine the quick access of hot wallets with an added layer of security, similar to cold wallets.
Liminal disclosed that the majority of WazirX’s wallets were hot wallets, with only a small number of warm or cold wallets managed on Liminal’s platform. Even after the hack, funds worth about $300 million were still sitting in some of these wallets for a few months.
Crypto Exchange Coinswitch’s Accusation
As the drama unfolds, Coinswitch, another crypto exchange, has accused WazirX of transferring crypto assets worth $73.6 million to global exchanges Bybit and KuCoin after the hack. This raises questions about how WazirX managed its remaining assets during the crisis.
Legal Relief for WazirX Amid Mounting Tensions
The legal situation surrounding WazirX is also complex. Recently, the exchange disclosed the balance of 2.40 lakh wallets on orders from a Singapore court. Its parent company, Jettai, based in Singapore, filed a moratorium application for restructuring its crypto liabilities and received court approval, granting it four months of legal protection from creditors. During this period, no legal actions can be taken against WazirX. Meanwhile, its Indian parent company, Gemnai, continues to handle the rupee side of the business.
As the situation develops, the future of WazirX hangs in the balance. Despite ongoing accusations, it remains to be seen whether the exchange can regain trust in the highly volatile world of cryptocurrency.
