Why Did Binance Hackers Transfer Bitcoins into SegWit Addresses Only?

By Nivesh Rustgi
Published May 9, 2019 Updated May 9, 2019
Best Buy In



hack cryptocurrency china
Image Source - Shutterstock

Why Did Binance Hackers Transfer Bitcoins into SegWit Addresses Only?

By Nivesh Rustgi
Published May 9, 2019 Updated May 9, 2019

Binance hack restored more confidence in Bitcoins primarily because of the transparency of the ledger and that practiced by Binance under CEO, Changpeng Zhao.

Moreover, it also revealed certain characteristic features of Bitcoin that were earlier not popular among the investors and users like chain re-org, multiple-outputs in a single transaction and difference between SegWit addresses.

The hackers have placed the majority of the hacked funds in SegWit Wallet Addresses. SegWit wallet addresses are backward compatible with the old Bitcoin ‘Legacy Addresses’ and fundamentally advantageous for the entire network. However, they pose a serious legal risk which might have the accused, even if caught, walk free of all charges.

How SegWit Addresses Create Legal Ambiguity?

The 7074.18107031 Bitcoins from Binance were stolen from two addresses into 44 Bitcoin addresses through a single transaction. This feature is rarely explored and allowed by wallets. However, it was exploited by the hacked to disperse their tracks.

It is a common misconception that Bitcoins can only be transferred from a wallet A to Wallet B. In fact, Bitcoins can be transferred from multi-outputs to multiple addresses.

Bitcoin Transaction

Furthermore, notice how some addresses are different from others. The public addresses beginning with 1 are old, or Legacy Bitcoin addresses, i.e., the ones that follow the original Bitcoin protocol. While the addresses that are starting with bc1 and 3 are SegWit Addresses. The value transferred to the six legacy addresses where negligible; more than 99% of the funds were transferred to SegWit addresses.

Also Read: Binance Hack: CEO Advises Users to Update Security Settings To Safeguard Funds

Reportedly, the 7000 Bitcoins stolen from Binance Exchange, were being consolidated into seven single address. They all SegWit Addresses as well. E.g. bc1q2rdpyt8ed9pm56u9t0zjf94zrdu6gufa47pf62

The reason why Hackers chose SegWit addresses might have something to do with a legal loophole in the US state laws that makes it difficult to authenticate a transaction before a jury.

The US Government has placed laws that make it mandatory for “electronic signatures” must be “attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.

However, under SegWit this creates an ambiguity as the witness address is separated from transaction IDs, as Jimmy Nguyen chief intellectual property, communications, and legal officer of nChain earlier told Coindesk. It makes it difficult under the e-SIGN statutory requirements to provide validity to a digital signature. Hence, in the future, if the hackers are able to spend the bitcoins after enough reshuffling, it could become hard to prepare a legal case against them.

Do you think that the hackers will be able to successfully spend the Bitcoins with the entire crypto community tracking the movement of funds? Please share your views with us. 


The presented content may include the personal opinion of the author and is subject to market condition. Do your market research before investing in cryptocurrencies. The author or the publication does not hold any responsibility for your personal financial loss.
About Author
Nivesh Rustgi
1181 Articles
Nivesh from Engineering Background is a full-time Crypto Analyst at Coingape. He is an atheist who believes in love and cultural diversity. He believes that Cryptocurrency is a necessity to deter corruption. He holds small amounts of cryptocurrencies. Faith and fear are two sides of the same coin. Follow him on Twitter at @nivishoes or mail him at nivesh(at)coingape.com