On July 19, 2025, CoinDCX—a leading Indian crypto exchange—suffered a sophisticated breach of an internal operational account used for liquidity provisioning, leading to a reported loss of approximately $44 million (around ₹368–378 crore). This incident has raised serious questions among users, investors, and the broader crypto community about the company’s financial resilience and its ability to absorb such a significant hit.
1.CoinDCX’s Official Statement on Covering the Loss
Company Response
CoinDCX’s leadership, including co-founders Sumit Gupta and Neeraj Khandelwal, has publicly confirmed the hack and repeatedly stated that the loss will be covered entirely by the company’s own treasury reserves. They emphasized that no customer funds were affected, as user assets are segregated and stored in secure cold wallets.
Nature of the Compromised Account
The affected wallet was for operational liquidity, not for direct user deposits or withdrawals. The exchange immediately isolated the compromised account, temporarily suspended certain services, and clarified that all user wallet infrastructure remained intact and untouched by hackers.
2. Financial and Insurance Buffer
Treasury Reserves
CoinDCX states that their “treasury remains healthy” and capable of covering the nearly $44M loss without impacting users.
The firm reiterated its intent to absorb the full financial impact from internal reserves, with public statements stressing that covering such hacks is a core responsibility.
3. Investor Protection Fund
CoinDCX operates a Crypto Investors Protection Fund (CIPF)—worth ₹50 crore (around $6 million)—intended to safeguard user assets in rare scenarios, such as hacks affecting customer wallets. However, since the July 2025 breach affected only an internal operational account, this fund’s use has not been triggered for this incident.
The CIPF receives 2% of CoinDCX’s brokerage income annually, with an expectation that the fund size will be increased over time to match international standards and growing platform volumes.
4. External Custody and Insurance
CoinDCX's user assets in cold storage are reportedly backed by insurance via BitGo, providing up to $100 million in coverage against external theft or loss. However, this insurance is targeted toward customer assets and not necessarily the company’s own operational or treasury funds.
5. Skepticism and Calls for Proof of Reserve
The crypto community, as well as some investigative journalists and independent researchers, continue to demand greater transparency. Many have asked for verified on-chain Proof of Reserve behind CoinDCX’s treasury claims, especially given the high-profile nature of the loss and historic under-reporting in the sector.
To date, CoinDCX has not publicly released detailed, real-time proof-of-reserve information or disclosed the precise addresses of operational or cold wallets. However, senior executives claim all commitments to cover the loss are factual and fully documented, with ongoing communication to users and regulators.
6. Business and Regulatory Continuity
Following the hack, the company reported that INR withdrawals and core trading services remained operational, suggesting sufficient liquidity and immediate solvency.
CoinDCX has pledged further security enhancements, a bug bounty program, and continued cooperation with cybersecurity investigators to increase confidence and accountability.
Conclusion
CoinDCX has publicly committed to covering the entire $44 million loss from its own reserves, without dipping into customer holdings or seeking external bailouts. While the company’s strong statements and continued platform operations offer reassurance, the absence of live, on-chain proof has led to sustained scrutiny from some users and watchdogs.
For now, all available evidence from the company and recent news reports points to CoinDCX’s ability and willingness to absorb the loss, though the community continues to press for independent verification and further transparency as the story develops
Top comments (0)