Is Celsius Network Safe To Put Your Money (I was Wrong. Updated Aug'22)

Disclaimer, I am invested in Celsius Network, and please make your own research before deciding whether to invest with Celsius Network.

Update Aug'22: I was wrong about the risks involved as it didn't have enough collaterals to cover its major loans. The best place to get updates is via Celsius Sub-Reddit and the only choice now is sell at probably 25% value to some bankrupt loan buyer (X-Claims or Claims Market) or just wait. I prefer to wait a while and keep building other things in the meantime.

I decided to share my feeling as I was so wrong over this and will probably lose a 6-digit amount in misplacing my trust in Celsius. While there were some warning flags before the freezing, I dismissed it as there were nothing concrete except FUD and trusted the CEO's words but listening closely to hints. There were many things in its roadmap and events so I didn't think things will go south so fast.

Nevertheless, I reflected and couldn't find a easy way to prevent this. I did removed my money from Gemini in case things go south elsewhere. Hodlnaut seems to have its issue unexpectedly so the crypto contagion did not seem to end yet after 3AC, Voyager and Celsius.  

(Update Aug'22: I rebalanced into NFTs but my remaining crypto was mostly gone) As the majority of my money is in Celsius Network earning interests, one key question whenever I rebalance my portfolio is whether Celsius Network is safe enough for the high-interest rates of over 5% to 10% it offers. 

Celsius was founded in 2017 with the mission to harness blockchain technology to provide unprecedented financial freedom, economic opportunity, and income equality for the 99%. 

There was 2 indirect hacks to Celsius currently

1. Phishing Email Attacks on Celsius Members
2. 2021 Dec - Celsius losing from BadgerDAO $120m hack (suspected to be around $50m of WBTC)

Phishing Email Attacks on Celsius Members (and Non-Members)

There were a reported phishing email attack to potential Celsius members and non-members, with the an above image of a phishing attack on both Celsius and non-Celsius members. This attack is not unique to Celsius and it is safe as long as you don't follow the instructions (e.g. send crypto or install malware that can steal your passwords).

Celsius losing from BadgerDAO $120m hack (suspected to be around $50m of WBTC)

The official Celsius Twitter released that there was a known unauthorized withdrawal in the BadgerDAO hack. Alex also spoke at the 4:40 in Youtube AMA about the hack not affecting users and Celsius would absorb the losses.

There were several unofficial sources in Twitter account (BigTimeCali) with information, including the wallet address in Etherscan. BadgerDAO uses user interfaces instead of a programmatic access, which can be prone to hacks like how normal end users are. Insurance does not cover the losses since it was treated as a human error and also Chainalysis is assisting in the investigation.

The BadgerDAO hack is definitely a red flag, regardless of the fact that Celsius will absorb the losses, since this is a weakness if Celsius relied on an individual to do the right thing. Nevertheless, it is not uncommon and I shall give it more chances as it is difficult to achieve yield and secure the fund easily even for myself. 

Even without going into details, there are many reasons Celsius Network continued to be safe and gains my trust such as :

• There were phishing SMSs and emails sent to both Celsius and non-Celsius members (fake email from mail-celsius.network instead of celsius.network) 
• The CEO Alex Mashinsky has a proven track record of being a successful early mover such as being early in VOIP and offering WiFi in mass transit
• While the Celsius Network support can be slow, the management team of Celsius Network is readily found on Youtube with AMA, Twitter.
• Transparency in showing the top 500 CEL (token promoted by Celsius Network) holders, including the CEO and Treasury
• Celsius employees are incentivized to make Celsius value goto $15 based on their internal reward tier
• Celsius used Fireblocks and PrimeTrust to provide insurance on its digital assets (note this is insignificant since most of the assets are loaned out to generate better returns)
• Celsius provides variable interest rates instead of fixed interest rates (this ensure survivability since it can adjust downwards in case of any unexpected losses)
• Besides due diligence, Celsius require borrowers' collateral of up to 150% (meaning borrowers of your crypto need to provide up to 1.5x the amount they borrowed)
• Borrowing from Celsius from App requires more collaterals than other lenders which support that they rather err on the safer side in bad debts
• Celsius offered a HODL mode for a 24-hour delay before any transfer out can be performed, in case your account was hacked
• Celsius offered 2FA login for authentication in the mobile app
• Celsius required verification for adding new withdrawal addresses to make it harder for hackers to withdraw from your account
• Celsius does multi-party computation to keep tokens secure.

Nevertheless, some risks to Celsius Network still exist including:

• hacking is still possible and partial losses to their assets or your own account
• Not your key, not your money argument
• underlying risks to the asset, e.g USDT or Maker DAO March 2020 Flash Crash which Celsius managed to avoid with prudent collateral requirements based on interview by CEO Alex

Lydia-Sweet10, a Reddit user with only posts on her negative Celsius experience, claimed her account was hacked and shared:

I personally got my Celsius account hacked in November 2020 and over 4 bitcoin ($82000) were stolen. Celsius was very slow to respond and has not managed the problem well at all. Additional security features should have been implemented when you sign up for Celsius. Hodl mode would have definitely helped but security is not where it should be. I am still trying to get to the bottom of this by hiring a fraud investigation firm. The Celsius servers went down in early November and I believe a breach occurred then when hackers were able to get some user names. Then Celsius locked me out of my account for a month when I could have been ramping up my security. Be super careful with anything in crypto wallets especially Celsius!

I hired a fraud investigator and the local police department who subpoenaed Celsius for the records to trace the theft of bitcoin. So far Celsius still says they are looking into it 3 mo after the theft with no explanation given. It’s been very frustrating!

Back in November, I had 4 1/4 bitcoin stolen from my Celsius Wallet, and for three weeks before the theft they had me locked out of my Celsius account for no apparent reason. Here it is three months later and they haven’t really responded in any coherent way. They say they’re working on it. They were absolutely impossible to get a response from for weeks while I was being locked out of my wallet and emailing them every day as to why. This was before all this onboarding. They really do have a big customer service problem. Etoro on the other hand already has a customer service rep assigned to me that calls me back instantly and gives me her direct line to ask any question I need. It was a complete 180 compared to the awful Celsius service.

Conclusion

I did not elaborate too much as I realized there are many details already just from my bullet point thinking to the safety of Celsius Network. Do let me know if you got anything to share or ask about Celsius as I do wish to see both side of the coin.

Links

https://celsiusnetwork.medium.com/celsius-employee-bonus-cel-treasuries-explained-5aeac1d52eae