WazirX Ends Partnership with Liminal Custody after $230 Million Hack

As a seasoned analyst with years of experience under my belt, I find myself constantly scrutinizing the actions and responses of companies in the face of adversity. In the case of WazirX and Liminal Custody, I must commend WazirX for its swift response and proactive steps to enhance security following the significant breach. Their decision to migrate assets to new multi-signature wallets is a prudent move, demonstrating their commitment to user protection.


As a crypto investor, I’ve recently learned that WazirX, the Indian cryptocurrency exchange I’m associated with, is cutting ties with Liminal Custody due to a major security breach that happened in July. This incident led to the loss of approximately $230 million, which is around 45% of the total customer funds held by the exchange. In an effort to enhance security and prevent such incidents from happening again, WazirX announced on X that they are transferring their assets from Liminal to new multi-signature wallets as part of a strategic move.

In summary, although our own systems are safe, the recent incident exposed vulnerabilities in Liminal’s custodial services. As a proactive step to safeguard your assets following the July 18th event, we are transferring funds to new digital wallets for enhanced security.

WazirX intends to make public a record of newly created wallets after the migration process is over, boosting transparency for its customers. The platform has also shared a tracking link for all chain transactions concerning the hack, enabling users to keep tabs on their account’s status.

Response from Liminal and User Reactions

In a comprehensive analysis following the hack that occurred on July 19, Liminal Custody asserts that their systems were not responsible for the breach. Rather, it appears the intrusion targeted WazirX’s own hardware directly. The multi-signature wallet system employed by WazirX had six different signatories, among which were Liminal and members of WazirX’s internal team. To execute the attack, the hacker managed to gain control over three of these authorized parties.

In this scenario, an intruder triggered a legitimate transaction from WazirX’s devices. Liminal’s server generated a “safeTxHash” to verify the transaction. Unfortunately, the attacker manipulated this hash with an invalid one, causing the transaction to fail. By leveraging signatures from other transactions, the attacker managed to validate a new transaction, which was successfully processed on the Ethereum network.

Liminal pointed out that WazirX could swiftly take out the funds following the hack, but instead opted to postpone the transfer process. After the breach, WazirX has received backlash from users due to delays in withdrawals and concerns about transparency. The exchange’s co-founder is asking for understanding as they address these issues and enhance security measures.

WazirX Restoring User Balances

As an analyst, I’m sharing that WazirX has recently communicated about the process they’re undertaking to restore user balances. They plan to do this by referencing transaction data from the time of the hack, which will help identify users who are entitled to compensation. To ensure a safe and seamless transfer of assets, they have temporarily halted trading and withdrawal functions for security reasons.

As an analyst, I can confirm that WazirX has made it clear that their primary focus is on restoring user balances, and they are taking extra steps to enhance security to prevent any future incidents. Moving forward, their dedication to transparency and robust safety measures will be essential in rebuilding trust among users and creating a more secure trading environment.

Read More

Sorry. No data so far.

2024-08-14 16:53