BTC $67,420 ▲ +2.4% ETH $3,541 ▲ +1.8% SOL $178 ▲ +5.1% BNB $412 ▼ -0.3% XRP $0.63 ▲ +0.9% ADA $0.51 ▼ -1.2% AVAX $38.90 ▲ +2.7% DOGE $0.17 ▲ +3.2% DOT $8.42 ▼ -0.8% LINK $14.60 ▲ +3.6% MATIC $0.92 ▲ +1.5% LTC $88.40 ▼ -0.6% BTC $67,420 ▲ +2.4% ETH $3,541 ▲ +1.8% SOL $178 ▲ +5.1% BNB $412 ▼ -0.3% XRP $0.63 ▲ +0.9% ADA $0.51 ▼ -1.2% AVAX $38.90 ▲ +2.7% DOGE $0.17 ▲ +3.2% DOT $8.42 ▼ -0.8% LINK $14.60 ▲ +3.6% MATIC $0.92 ▲ +1.5% LTC $88.40 ▼ -0.6%
Crypto Currencies

FTX Crypto Exchange: Post-Collapse Technical Forensics and Risk Lessons

FTX was a centralized cryptocurrency exchange that operated from 2019 until its collapse in November 2022. The platform offered spot trading, derivatives,…
Halille Azami · April 6, 2026 · 6 min read
FTX Crypto Exchange: Post-Collapse Technical Forensics and Risk Lessons

FTX was a centralized cryptocurrency exchange that operated from 2019 until its collapse in November 2022. The platform offered spot trading, derivatives, tokenized stocks, and yield products, becoming the third largest exchange by volume before its insolvency. This article examines the technical and operational structure that enabled its failure, focusing on custody architecture, internal control gaps, and risk assessment frameworks practitioners should apply when evaluating any centralized platform.

Custody and Fund Segregation Architecture

FTX’s technical failure began with its custody model. The exchange used omnibus wallet structures where user deposits pooled into shared addresses controlled by FTX’s internal systems. Unlike compliant models that maintain customer funds in segregated trust accounts with external attestation, FTX treated deposits as balance sheet assets.

The critical flaw emerged in backend accounting. While the frontend database showed individual user balances, the actual on-chain wallet infrastructure allowed unrestricted internal transfers. Alameda Research, FTX’s affiliated trading firm, held an account with a negative balance exemption in the core ledger. This exemption meant Alameda could withdraw customer funds without triggering standard balance checks that applied to other users.

The database modification creating this exemption bypassed typical exchange risk controls. Most platforms implement hard balance checks at the withdrawal queue layer, rejecting any transaction that would push an account below zero. FTX’s codebase contained conditional logic that whitelisted specific account IDs from this validation, effectively creating an unbounded credit line backed by customer deposits.

Internal Control and Audit Trail Gaps

Exchange platforms typically maintain immutable audit logs tracking every balance modification, withdrawal authorization, and internal transfer. FTX’s systems lacked comprehensive logging at critical junctures.

Withdrawal processing occurred through a custom backend service that interfaced with hot wallets and cold storage signing infrastructure. Evidence from bankruptcy proceedings revealed that this service allowed manual overrides with minimal logging. Administrators could move funds between internal accounts, adjust balances, or authorize withdrawals without creating detailed, timestamped records of the approving party and business justification.

Standard exchange architectures separate roles: traders cannot approve withdrawals, finance personnel cannot modify trading balances, and cold storage access requires multisignature approval from geographically distributed keyholders. FTX concentrated these capabilities within a small group. The cold storage infrastructure used multisignature wallets, but signers were primarily FTX executives in the Bahamas headquarters, eliminating the security benefit of geographic and organizational separation.

Balance Sheet Misrepresentation Through Token Valuation

FTX’s solvency reporting relied on inflated valuations of illiquid tokens. The platform created FTT, its native exchange token, and counted holdings at mark-to-market prices despite limited genuine liquidity.

The mechanics worked as follows: FTX issued FTT tokens and allocated significant portions to Alameda Research and company treasury. As FTT traded on FTX and other platforms, the exchange marked its FTT holdings at the highest trade price observed. When reporting assets to back customer deposits, FTX included billions in FTT valued at these marks.

The actual liquidity was orders of magnitude smaller. Order book depth analysis showed that selling even modest FTT quantities would crash the price. The token operated as a circular asset: FTX valued it highly because of trading volume on its own platform, then used that valuation to claim solvency while the underlying collateral could not be liquidated at reported prices.

Worked Example: Withdrawal Processing During the Bank Run

In early November 2022, users requested withdrawals exceeding $5 billion over 72 hours. Here’s how the system processed these requests:

  1. User initiates withdrawal request for 100,000 USDC via the web interface
  2. Request enters withdrawal queue, system checks user’s database balance (passes)
  3. Backend service aggregates queued withdrawals and determines required liquidity
  4. Service queries hot wallet USDC balance, finds insufficient funds
  5. System should either reject withdrawal or trigger cold storage transfer
  6. Instead, administrator manually processes selective withdrawals, prioritizing certain users
  7. For approved withdrawals, backend reduces user database balance and signs onchain transaction
  8. Transaction broadcasts, user receives funds, database updates as completed

The failure occurred at step 5. FTX lacked liquid assets to honor all withdrawals because those funds had transferred to Alameda. Rather than halting all withdrawals uniformly, the platform processed requests selectively, creating an undisclosed prioritization scheme. Users monitoring blockchain addresses observed withdrawals succeeding for some addresses while their own remained pending, revealing the liquidity crisis before official acknowledgment.

Common Mistakes When Evaluating Centralized Exchanges

  • Accepting proof of reserves without liabilities disclosure. Exchanges can demonstrate onchain asset control while hiding offsetting debts or obligations. Verify that attestations include both sides of the balance sheet.

  • Ignoring corporate structure complexity. Related entity lending, as between FTX and Alameda, creates risk that simple exchange terms of service do not disclose. Review parent company structures and affiliated trading operations.

  • Treating native exchange tokens as quality collateral. Tokens issued by the platform itself present circularity risk. Their value depends on platform success, making them ineffective bankruptcy protection.

  • Overlooking jurisdiction and regulatory gaps. FTX operated from the Bahamas with limited regulatory oversight. Geographic arbitrage often signals intentional avoidance of capital requirements and audit standards.

  • Trusting insurance claims without policy review. FTX marketed insurance coverage that applied only to hot wallet hacks, not fraud or insolvency. Read actual policy terms rather than marketing summaries.

  • Assuming multisignature equals security. Multisig provides no protection if all keyholders work in the same office under the same management. Verify geographic and organizational separation of signers.

What to Verify Before Trusting Any Centralized Exchange

  • Current proof of reserves methodology: Does it include liabilities? Who performs the attestation? How frequently?
  • Corporate structure and affiliated entities: Does the exchange lend to related parties? What disclosures exist?
  • Regulatory registration and capital requirements: Which jurisdiction supervises the platform? What minimum capital ratios apply?
  • Insurance coverage scope and limits: What events trigger coverage? What is the per-user cap?
  • Withdrawal processing architecture: Are there daily limits? What is the typical processing time? Does the platform maintain hot wallet reserves for expected daily volume?
  • Cold storage custody arrangements: Who holds keys? What is the signing threshold? Are signers organizationally independent?
  • Native token economics if one exists: What percentage of reported assets consists of the platform’s own token? What is realistic liquidity for that token?
  • Bankruptcy precedent in the operating jurisdiction: How have previous exchange failures resolved? What recovery rates did users experience?
  • Real-time onchain monitoring: Do the platform’s known wallet addresses hold assets consistent with claimed reserves?
  • Executive background and prior ventures: Have leadership figures been involved in previous failures or regulatory actions?

Next Steps

  • Implement portfolio allocation limits per platform based on regulatory jurisdiction and custody transparency. Concentrate funds on platforms with clear proof of reserves and regulatory supervision.
  • Set up onchain monitoring for exchange wallet addresses you use. Track reserve levels and large outflows that might signal liquidity stress before official announcements.
  • Evaluate self-custody options for holdings you do not actively trade. The security and control trade-offs of hardware wallets or multisignature solutions may outweigh exchange convenience for long-term positions.

Category: Crypto Exchanges

Topics: Crypto CurrenciesCrypto DerivativesCrypto ExchangesCrypto Investment StrategiesCrypto Market AnalysisCrypto NewsCrypto Portfolio TrackingCrypto Price PredictionCrypto RatingsCrypto RegulationsCrypto SecurityCrypto TaxesCrypto TradingCrypto Wallets

Related Stories