A BATTLETESTED EXCHANGE
Security
Custody
0 CUSTOMER
FUNDS LOST
Since 2014, we've lost zero crypto.
Ensuring our exchange is safe, secure, and reliable is at the centre of all our operations.
Intrusion Proof
We're an exchange built by and for real derivatives traders. Our positions and margins are checked multiple times a minute, with balances cross-checked against on-chain records, every 10 minutes.
We also welcome the reporting of security issues through our bug bounty programme.
Bitcoin Custody
No private keys are kept on any cloud server.
Our Bitcoin custody involves multi-signature wallets, with a set of private keys that control access to the BitMEX public address. A quorum of signers are randomly nominated and required to sign before any transfer occurs.
Other Assets Custody
All other assets - as well as a minimal amount of Bitcoin to enable accelerated withdrawals - are secured via secure multi-party-computation (MPC).
Put short, no private key is ever held in one place. The creation, signing and revocation are done in a trustless distributed manner between a threshold of co-signing components.
Fully Protected Transactions
All transfers are additionally protected by transaction rules that are enforced to assure that any attack is blocked at a policy level.
We place a tremendous amount of focus on the segregation of duties. No one actor in the system can successfully sign a withdrawal from the system.
Every transaction requires multiple signatures and interaction with an untampered HSM to be valid.
Segregation of funds
You deploy your funds, not us. Client funds remain safely in our wallets.
They are securely segregated at the account level and ring-fenced from company assets thereby providing industry leading protection.
They aren’t lent, staked or traded.
We’re not a trading house, we’re an exchange, with no exposure to VC money or any other liabilities. For more, you can read our risk disclosure statement here.
Top Tier Customer Protection
We have one of the highest Insurance Funds in the industry, to ensure all our traders are protected from deleveraging events.
You won't ever have to worry about exchange solvency, with our verifiable Proof of Reserves and Liabilities updated twice a week.
FREQUENTLY ASKED QUESTIONS
What if there is an intrusion?
Our positions and margins are checked multiple times a minute. With balances cross-checked against on-chain records, every 10 minutes. Bugs, flaws or intrusions, causing positions not to match, will immediately halt our exchange.
How do you provide custody for Bitcoin?
Our Bitcoin custody involves multi-signature wallets, with a set of private keys that control access to the BitMEX public address. A quorum of signers are randomly nominated and required to sign before any transfer occurs. No private keys are kept on any cloud server, and even in the event of a full system compromise, there would not be enough private keys available to an attacker to steal funds that are held and protected by BitMEX.
What about custody for other assets?
All other assets - as well as a minimal amount of Bitcoin to enable accelerated withdrawals - are secured via secure multi-party-computation (MPC). Put short, no private key is ever held in one place. The creation, signing and revocation are done in a trustless distributed manner between a threshold of co-signing components.
How do you safeguard your transactions?
All transfers are additionally protected by transaction rules that are enforced to assure that any attack is blocked at a policy level. We place a tremendous amount of focus on the segregation of duties. No one actor in the system can successfully sign a withdrawal from the system. Every transaction requires multiple signatures and interaction with an untampered HSM to be valid.
What about the segregation of funds?
You deploy your funds, not us. Client funds remain safely in our wallets. They are securely segregated at the account level and ring-fenced from company assets thereby providing industry leading protection. They aren’t lent, staked or traded. We’re not a trading house, we’re an exchange, with no exposure to VC money or any other liabilities. For more, you can read our risk disclosure statement here.
