黑客從東京的加密貨幣交易所Coincheck偷走了大約580億日元（5.3260億美元），引發(fā)了對(duì)于數(shù)字資產(chǎn)這個(gè)新興市場(chǎng)的安全和監(jiān)管保護(hù)的質(zhì)疑。

這是史上規(guī)模最大的加密貨幣被盜事件之一，以下是事件相關(guān)的一些問(wèn)題和答案：

NEM是什么？

NEM是2015年3月推出的一種加密貨幣，開(kāi)發(fā)者團(tuán)隊(duì)共有五人，自稱為Pat、Makoto、Gimre、Bloody Rookie和Jaguar。這個(gè)縮略詞的全稱是新經(jīng)濟(jì)運(yùn)動(dòng)（New Economy Movement）。像其他加密貨幣一樣，這種貨幣自稱是不受政府和中央銀行控制的數(shù)字貨幣，可以用于迅速的全球交易。

如今，NEM是全球第十大加密貨幣，總價(jià)值為90億美元，每個(gè)NEM幣的交易價(jià)稍低于1美元。

推出NEM是為了緩解財(cái)產(chǎn)高度集中的問(wèn)題，加密貨幣社區(qū)中的一些人認(rèn)為，它是比特幣的重大弱點(diǎn)。這種全球最著名的加密貨幣的早期嘗試者都成為了億萬(wàn)富翁。

要挖掘比特幣，就需要讓計(jì)算機(jī)競(jìng)速尋找運(yùn)算問(wèn)題的解。NEM的開(kāi)發(fā)者認(rèn)為，這種機(jī)制會(huì)讓富人變得更加富有，因?yàn)橛绣X人可以購(gòu)置更多硬件來(lái)運(yùn)算這類問(wèn)題。

NEM則會(huì)獎(jiǎng)勵(lì)參與這個(gè)經(jīng)濟(jì)系統(tǒng)的賬戶。這個(gè)平臺(tái)會(huì)綜合考慮賬戶的余額，使用賬戶交易的用戶，與其他人的交易量，根據(jù)結(jié)算的交易來(lái)計(jì)算賬戶的重要性。

Coincheck是如何被黑客攻擊的？

目前還有很多細(xì)節(jié)尚不明朗。

Coincheck的首席運(yùn)營(yíng)官大塚雄介（Yusuke Otsuka）周五表示，當(dāng)?shù)貢r(shí)間凌晨3點(diǎn)左右， Coincheck的一個(gè)NEM地址發(fā)送了大約5.23億NEM幣。8個(gè)多小時(shí)之后，Coincheck發(fā)現(xiàn)賬戶余額出現(xiàn)了異常減少。

Coincheck表示，NEM幣被儲(chǔ)存在“熱錢包”而不是“冷錢包”中。公司總裁Koichiro Wada稱這樣做是因?yàn)榧夹g(shù)上存在困難，人手也不足。

什么是熱錢包？

熱錢包是聯(lián)網(wǎng)的，因此容易遭到黑客攻擊。專家警告稱，在熱錢包中保存大量財(cái)產(chǎn)，相當(dāng)于隨身攜帶大量現(xiàn)金。

冷錢包，例如Trezor和Ledger Nano S，體積類似于USB閃存盤大小，可以把財(cái)產(chǎn)離線保存。一些人會(huì)把它們放在安全的地方。

日本如何監(jiān)管加密貨幣交易所？

去年4月，日本政府接受了比特幣作為一種支付的合法途徑，并要求交易所的經(jīng)營(yíng)者在金融監(jiān)管方登記。

這項(xiàng)要求是在當(dāng)時(shí)全球最大的比特幣交易所——東京的Mt. Gox在2014年遭遇黑客攻擊之后出臺(tái)的，目的是為了保護(hù)消費(fèi)者，打擊加密貨幣非法使用的情況。這也是首相安倍晉三通過(guò)金融技術(shù)領(lǐng)域刺激增長(zhǎng)的舉措之一。

金融廳要求希望成立的交易所配備完備的計(jì)算機(jī)系統(tǒng)，設(shè)置隔離的現(xiàn)金和加密貨幣賬戶，核實(shí)交易者身份，擁有風(fēng)險(xiǎn)管理系統(tǒng)。

截至1月17日，金融廳已經(jīng)批準(zhǔn)了16家日本加密貨幣交易所的注冊(cè)。另有16家左右的交易所在監(jiān)管方案出臺(tái)之前就已開(kāi)始經(jīng)營(yíng)，其中就包括Coincheck。監(jiān)管方允許這些交易所暫時(shí)繼續(xù)經(jīng)營(yíng)，并著手評(píng)估他們的操作流程。

被盜走的NEM幣還能被追蹤到嗎？

支持NEM區(qū)塊鏈技術(shù)的機(jī)構(gòu)NEM.io Foundation位于新加坡，該機(jī)構(gòu)表示，目前已經(jīng)掌握了Coincheck被黑的NEM幣下落，他們正在區(qū)塊鏈共享總帳上追蹤這筆錢。

這家機(jī)構(gòu)在媒體平臺(tái)Medium的聲明中表示，黑客目前還沒(méi)有轉(zhuǎn)移任何資金，并補(bǔ)充稱他們會(huì)在兩日之內(nèi)開(kāi)發(fā)出系統(tǒng)化的標(biāo)記系統(tǒng)來(lái)最終這批貨幣，鎖定任何收到它們的賬戶。

目前尚不清楚他們要如何確認(rèn)貨幣持有者的身份。

投資者應(yīng)當(dāng)如何避免被黑客攻擊？

比特幣的推廣者建議避免集中式的交易所，他們認(rèn)為，關(guān)鍵點(diǎn)就是不要把去中心化貨幣的控制權(quán)移交給中央銀行、商業(yè)銀行和交易所等第三方機(jī)構(gòu)，這會(huì)增加管理不善、詐騙或被黑的風(fēng)險(xiǎn)。

專家表示，只有在即將完成的交易中所需的錢才應(yīng)當(dāng)保存在熱錢包中。即使那時(shí)，也可以通過(guò)去中心化的交易所如Shapeshift、Changelly或Waves Dex，從貨幣持有者的錢包中直接取出來(lái)兌換貨幣，而沒(méi)必要從以交易所名義控制的錢包中取錢。

只有在貨幣持有者試圖把加密貨幣兌換成法定貨幣時(shí)，才存在被騙或被黑的風(fēng)險(xiǎn)，不過(guò)也可以把這些風(fēng)險(xiǎn)減少到最低。交易可以以P2P的方式，在安全、公開(kāi)的場(chǎng)所，與當(dāng)?shù)丶用茇泿派鐓^(qū)高信譽(yù)的會(huì)員，通過(guò)localbitcoins.com等網(wǎng)站或集中的交易所進(jìn)行。如此一來(lái)，僅有網(wǎng)上執(zhí)行交易的那一小段時(shí)間有可能被黑客攻擊。（財(cái)富中文網(wǎng)）

譯者：嚴(yán)匡正?

Hackers have stolen roughly 58 billion yen ($532.60 million) from Tokyo-based cryptocurrency exchange Coincheck, raising questions about security and regulatory protection in the emerging market of digital assets.

The following are some questions and answers about one of the largest heists of cryptocurrencies in the history:

What Is NEM?

NEM is a cryptocurrency launched in March 2015 by a team of five developers identifying themselves as Pat, Makoto, Gimre, BloodyRookie and Jaguar. Its acronym stands for New Economy Movement and, like other cryptocurrencies, markets itself as a digital coin outside the control of governments and central banks, which can be used for fast, global transactions.

It is now the tenth largest cryptocurrency, with $9 billion worth of NEMs in circulation, trading at just below $1 per coin.

NEM was launched to rectify the high concentration of wealth that some in the cryptocurrency community believe to be one of the key weaknesses of bitcoin, the world’s most widely known cryptocurrency, whose early adopters have turned into multi-billionaires.

For bitcoin transactions to clear, computers compete to find the solution to a computational problem, which NEM developers say makes the rich richer as those who have money can afford more hardware to solve such problems.

NEM rewards accounts that participate in the economy. The balance of an account, who transacts with that account, and how much it transacts with others are all combined to calculate an account’s importance, based on which transactions are cleared.

How Was Coincheck Hacked?

Many details are still unclear.

Yusuke Otsuka, Coincheck’s chief operating officer, said on Friday that around 523 million NEM coins were sent from a NEM address at Coincheck at around 3 a.m. local time. Over eight hours later, Coincheck noticed an abnormal decrease in the balance.

Coincheck said the NEM coins were stored in a “hot wallet” instead of a “cold wallet.” Company President Koichiro Wada cited technical difficulties and a shortage of staff.

What Is a Hot Wallet？

Hot wallets are connected to the internet, therefore vulnerable to hacking. Experts warn that holding large sums in hot wallets is the equivalent of carrying large amounts of cash in person.

Cold wallets, such as Trezor and Ledger Nano S, are devices which can be as small as a USB stick and can be stored offline. Some keep them in a safe.

How Are Crypto Exchanges Regulated in Japan?

Japan’s government in April recognized bitcoin as a legally accepted means of payment, and required exchange operators to register with the financial regulator.

The move — which came in the wake of the 2014 collapse of Tokyo-based Mt. Gox, then the world’s largest bitcoin exchange — was designed to protect consumers and clamp down on illegal use of cryptocurrencies. It also formed part of Prime Minister Shinzo Abe’s push to stimulate growth via the fintech sector.

The Financial Services Authority’s requirements for would-be exchanges include robust computer systems and segregation of cash and cryptocurrency accounts, checks on traders’ identities and risk management systems.

As of Jan. 17, the FSA had approved the registration of 16 Japanese cryptocurrency exchanges. A further 16 or so exchanges that were operating before the regulation was introduced — including Coincheck — have been allowed to continue operating on a provisional basis as their applications are assessed.

Can Stolen NEMs Be Tracked?

The NEM.io Foundation, a Singapore-based organization supporting NEM blockchain technology, says it has a full account of the whereabouts of Coincheck’s hacked NEM, tracing the currency on the blockchain shared ledger.

The hacker has not moved any of the funds, the foundation said in a statement posted to the Medium publishing site, adding it would create an automated tagging system within two days to follow the coins and identify any account which receives them.

It is unclear how the holders would be identified.

How Can Investors Avoid Being Hacked ？

Bitcoin evangelists recommend steering clear of centralized exchanges, arguing that the whole point of decentralized currencies was to not hand over control to third parties, such as central banks, commercial banks and exchanges, which raises the risk of mismanagement, scams or hacking.

Experts say only money needed for upcoming transactions should be kept in hot wallets. Even then, trading one cryptocurrency for another can be done over decentralized exchanges, such as Shapeshift, Changelly or Waves Dex, directly from the holder’s wallet and not from a wallet controlled by an exchange in their name.

Risks of fraud or hacking then only occur when a holder wants to exchange crypto assets for fiat currencies, but these can be minimized. Transactions can be done peer-to-peer in a safe, public place amongst members of the local crypto community rated by reputation on websites such as localbitcoins.com or via a centralized exchange, with the risk of hacking limited to the amount of time spent online to perform the transaction.