A former engineer at Alameda Research, Aditya Baradwaj, has blown the whistle on the hedge fund, revealing that the firm suffered losses of at least $190 million due to preventable scams and security incidents. Baradwaj alleges that Alameda’s focus on agility and speed led to a series of major security lapses.
Security Breaches and Exploits
In an exposé posted on October 12, titled “The Hacks,” Aditya Baradwaj disclosed that Alameda Research‘s rapid decision-making resulted in frequent “major security incidents,” occurring as often as every few months. One significant exploit detailed by Baradwaj involved a trader at Alameda who lost over $100 million of the firm’s funds after clicking on a malicious link that had been promoted to the top of Google Search results. The incident occurred while the trader was attempting to approve a decentralized finance transaction.
Incident #1:
An Alameda trader got phished while trying to complete a DeFi transaction by accidentally clicking a fake link that had been promoted to the top of Google Search results
Cost: $100M+
Postmortem: Implemented extra checks on our internal wallet software
— Adi (e/acc) (@aditya_baradwaj) October 11, 2023
Another substantial loss stemmed from Alameda’s involvement in yield farming on a blockchain of “questionable legitimacy.” This move ultimately resulted in the trading firm incurring losses exceeding $40 million.
Neglect of Industry Standards
According to Baradwaj, Alameda’s co-founder, Sam Bankman-Fried, prioritized speed as the “single most important thing” for both Alameda and FTX. This emphasis on rapid decision-making led to the firm routinely disregarding industry-standard engineering and accounting practices, including limited code testing and incomplete balance accounting.
The security practices at the company were lax, with blockchain private keys and exchange API keys stored in plaintext files accessible to several employees. This approach resulted in another security incident when an old version of these plaintext files containing keys to Alameda’s wallets was leaked. The attacker exploited this breach, moving funds from certain exchanges, ultimately causing losses exceeding $50 million.
Ongoing Revelations and Legal Proceedings
Aditya Baradwaj’s revelations follow the collapse of Alameda and FTX in November of the previous year. The former engineer has been publicly critiquing the actions of Sam Bankman-Fried, particularly the philosophy of Effective Altruism, which justified many decisions that Baradwaj found problematic.
These are just a few incidents – there’s many more, including from before my time at the company.
FTX had its own issues, including the MobileCoin fiasco that Gary recently testified about during the trial.
— Adi (e/acc) (@aditya_baradwaj) October 11, 2023
In recent legal proceedings, former Alameda CEO Caroline Ellison testified against Bankman-Fried in his fraud trial. Multiple former colleagues, including Adam Yedidia and Gary Wang, have presented additional evidence against the former billionaire.
Sam Bankman-Fried has maintained his innocence and pleaded not guilty to the charges brought against him in the ongoing trial.