Prevention Policies for Regulators

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Below is a list of prevention policies for regulators. Each of these policies is a standard template which can be included in the applicable case studies. We also have Prevention Policies for Individuals and Prevention Policies for Platforms.

To add a template to an article's Prevention section, select Insert > Template and Type "Prevention:Regulators:" followed by the title below. You can also use "Prevention:Regulators:No Funds Were Lost" if no funds were lost to platforms or users.

Platform Security Assessments

All platforms should undergo published security and risk assessments by independent third parties. Two assessments are required at founding or major upgrade, one after 3 months, and one every 6 months thereafter. The third parties must not repeat within the past 14 months. A risk assessment needs to include what assets back customer deposits and the risk of default from any third parties being lent to. The security assessment must include ensuring a proper multi-signature wallet, and that all signatories are properly trained. Assessments must be performed on social media, databases, and DNS security.

Cryptocurrency Education Mandate

Create a standard tutorial and quiz for all new cryptocurrency participants, which is required to be completed once per participant. This tutorial and quiz should cover the basics of proper seed phrase protection, strong password generation, secure two-factor authentication, common fraud schemes, how to detect and guard against phishing attacks, how ponzi schemes work, as well as other risks which are unique to the cryptocurrency space.

Blockchain Level Exploit Handling‎

In general, blockchain-level exploits can be resolved by reverting the blockchain to a prior state, which restores all funds to their prior ownership and limits potential losses to those who are transacting between the time of the exploit and the time of the revert. Effort should be undertaken by node operators to switch to a branch that eliminates the exploit as soon as possible to minimize losses. Any remaining losses would be resolved through the industry insurance fund.

Establish Industry Insurance Fund‎‎

Set up a multi-signature wallet with private keys held separately by delegate signatories from seven prominent platforms and services within the industry. Establish requirements for contributions by all platforms and services within the country, designed to be affordable for small platforms yet large enough to cover anticipated breach events. Any breach event can be brought forth by a member platform or a petition of 100 signatures for consideration by the delegate signatories. A vote of 4 or more delegate signatures is required to release any funds, which could partially or fully restore lost funds based on their assessment.

Physical Theft Prevention

Physical theft is best dealt with through traditional means. The rate of occurrence of physical theft can be reduced through providing effective exchange platforms and better education for individuals.

Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Prevention_Policies_for_Regulators&oldid=4517"