Is $50B+ in US Bitcoin ETFs Safe? 🚨
The FBI warns that North Korean hackers are targeting crypto ETFs. Coinbase is the custodian for 8 out of 11 spot BTC ETFs. Does that make it a ‘honeypot’ for hackers? What are the risks at play here?
Hello, y'all. Welcome to the Wormhole. Our first dispatch. Saturday analysis straight from the Token Dispatch kitchen. Cooked and served by
The Federal Bureau of Investigation (FBI) feels Bitcoin exchange-traded funds (ETFs) are unsafe.
On Sept 3, the agency warned in a public notice about North Korean hackers targeting the crypto industry. Bitcoin ETFs are also vulnerable.
This is not exactly a travel advisory that countries issue for their citizens. This is about serious money. This is about serious players.
Read: The Lazarus Job ⛓💀
Taylor Monahan, lead security researcher at MetaMask, offers insights into the security landscape to DL News.
“The FBI’s PSAs are a high-effort, low-reward endeavour. PSAs are also a less effective method of warning at-risk businesses than directly contacting them.
Getting a PSA out to the public is a lot of work and requires a lot of people to coordinate and confirm the intel.
This usually means that the FBI has identified a long list of potential targets, possibly a long list of unknown targets, and is thus willing to go through the effort of releasing a PSA with the hopes that doing so [would] front run a hack.
If I were an ETF issuer (or even working at a company adjacent or brand affiliated with ETFs), I would definitely be reviewing my internal controls right now.
Identify single points of failure, ensure logging is on, revoke and rotate old or unused keys, and share this PSA with employees. Lazarus doesn’t mess around and they are very good at getting inside organisations.”
US spot Bitcoin ETFs are big. Proper.
It was a decade-long journey to a US spot bitcoin ETF, and they did not disappoint.
Together, they account for 4.7% of the circulating Bitcoin.
How do Bitcoin ETFs work, and why does this discourse matter?
Bitcoin ETFs allow US investors to gain exposure to cryptocurrencies without the complexities. Like traditional ETFs, they track the performance of underlying assets, but with a specific focus on digital currencies. In this case, Bitcoin.
Bitcoin ETFs need a custodian for safekeeping, just as stock markets store equities in the Depository Trust & Clearing Corporation (DTCC). Custodians keep the Bitcoin safe, follow the rules, manage risks, handle transactions, and a whole lot of other things.
This way, it lets you invest in Bitcoin without the headache that comes with managing it directly. The volatility is not for the weak-hearted.
Brazil, Canada and Hong Kong have also issued some variants of Bitcoin ETFs. But none of them comes close to the US.
Reason? The size and scale of interest in ETFs.
So far all good, right? Not exactly.
Eight of these 11 ETFs use Coinbase, the largest US crypto exchange, as their custodian. So, what’s the problem?
It’s too much exposure and risk on a single custodian platform.
Think of hacking attempts and attacks. Or just operational challenges. It could disrupt billions of dollars in holdings.
US equities safely sit in the DTCC and cannot be hacked into. But that’s not how crypto custodians work.
If Coinbase is hacked and the Bitcoin and Ethereum are stolen, it’s gone.
Byron Gilliam of Blockworks sums it up well.
No one ever worries about hackers stealing their stocks, for good reason: Hackers wouldn’t normally bother with your brokerage account because US equities exist in a Hotel California-like ecosystem (the DTCC), from which they can never leave.
There’s no point stealing something you can’t take with you.
Bitcoin and ether ETFs, however, are different because they are receipts for crypto that you can take with you.
It wouldn’t be easy, but if a North Korean hacker could gain access to an ETF issuer’s systems (probably by posing as a developer not from North Korea) and then somehow convince the issuer’s custodian to send some crypto somewhere, there’d be no retrieving it.
We like to mock regulators for fretting that crypto introduces new attack vectors on traditional finance, but this time it really has.
Monahan explains that while companies like Coinbase are aware of potential threats, the risk could also come from the issuers themselves.
“Going after ETF issuers is certainly different than their recent DeFi/CeFi/CEX targets, but I’m not sure it’s necessarily an escalation.
Prior to crypto, these same hackers spent years successfully infiltrating banks around the globe and targeting the SWIFT system directly. They tend to follow the money and, today, ETF issuers have money.”
When things got out of hand on social, Monahan did a 360% explanation thread 👇
But is it that easy? Not really.
Coinbase stores most of its Bitcoin assets in secure, offline cold storage facilities. Not in the hot wallets connected to the internet. This cuts the risk of hacking and theft.
Plus, Coinbase uses secure multi-party computation (MPC) technology, meaning each key is generated and shared among multiple parties. No one party sees more than their own meaningless share.
There’s another way to tackle hacking attacks. Insurance.
In March, the company explained how it keeps the assets in its custody safe.
Read: How we keep digital assets safe - Coinbase blog
The prospectus of the BlackRock Bitcoin ETF fund reads: “Coinbase Global maintains a commercial crime insurance policy of up to $320 million.”
But there’s a catch. The insurance is shared among all customers, and is not specific to customers holding bitcoin with the custodian.
Insurance may not make business sense for a relatively new product such as Bitcoin ETFs.
Trezor CEO Matej Zak says that for existing Bitcoiners and aspiring Bitcoiners, the ETFs should not be the first port of call.
The ultimate aim for everyone holding Bitcoin should be to self-custody the asset in a hardware wallet where it is safe, private and protected.
With the current major inflow of capital into spot ETFs, Coinbase is likely to become the largest Bitcoin honeypot, attracting hackers, social engineers and other attackers in volumes never seen before.
Yet these bad actors may not be the highest risk in this case.
The major threat here comes from governments that may be tempted to confiscate bitcoin stored at Coinbase in whole or in part, such as through specific taxes or simply just by legislating and confiscating.
Trezor is a self-custody wallet. This might sound like a perfect sales pitch. The CEO of a self-custody company sounding a false alarm. It’s not; it’s happened before. In 1933, with President Franklin D. Roosevelt’s Executive Order 6102.
Read: Bitcoin ETFs make Coinbase a ‘honeypot’ for hackers and governments.
Monahan uses a ship analogy to describe cybersecurity efforts.
"Water is CONSTANTLY seeping into the hull of the ship. Like … always. The ship expects this though. You just have float switch sump pumps in the basins that are auto triggered when the water reaches a certain level."
Proactive security measures to protect digital assets. That’s an approach that’s got to be endorsed, planned and implemented. For individuals as well as institutions.
Stay vigilant. Keep calm.
Week in Funding 💰
Balance. $30M. Web3 blockchain gaming platform, founded by the E-PAL team.
Hypernative. $16M. Security for cyber threats, economic and governance risks.
Puffpaw. $6M. Vape 2 Earn, Berachain dePIN to monitor and quit smoking.
IDA. $6M. Fiat-referenced stablecoin HKDA built on public blockchain protocols.
TrendX. $5M. AI-driven Web3 markets trend tracking and trading platform.
This is The Token Dispatch. Find all about us here 🙌
Guess I'll stick to my piggy bank, it's hacker proof, I think 😅😅
Isn't using one custodian for so many ETFs setting us up for disaster?...