Bitcoin’s Security: What Has and Hasn’t Been Hacked

When Mt. Gox collapsed in 2014 and roughly 850,000 Bitcoin disappeared, headlines said “Bitcoin hacked.” That framing was wrong in a specific and important way. The Bitcoin protocol was not compromised. The exchange was. That distinction, between what was actually breached and what was not, is the most important thing to understand about Bitcoin security. And it is the thing most consistently misrepresented in public commentary about Bitcoin.

Point | What it means
The protocol has never been compromised | In over 15 years of continuous operation, no successful attack on the Bitcoin blockchain has occurred. Every confirmed transaction remains confirmed.
Exchange failures are not Bitcoin failures | Mt. Gox, FTX, Celsius, BlockFi: every major customer fund loss involved institutional failure, fraud, or mismanagement. Not a Bitcoin protocol flaw.
Self-custody eliminates custodial risk | If you hold your own private keys in cold storage, no exchange hack, fraud, or platform collapse can affect your Bitcoin.
Not your keys, not your coins | Holding Bitcoin on an exchange means holding a claim on Bitcoin, not Bitcoin itself. The security of that claim depends entirely on the exchange.
A 51% attack is economically irrational | Acquiring enough mining hardware to control 51% of Bitcoin’s hashrate would cost billions and likely destroy the value of the asset you just spent billions to compromise.

What the Bitcoin blockchain actually is

The Bitcoin blockchain is a public ledger of every transaction ever made on the network. It is maintained simultaneously by tens of thousands of nodes, computers running Bitcoin software, spread across more than 100 countries. Each of these nodes holds a complete copy of the transaction history and independently validates every new transaction and block against the protocol’s rules.

There is no central server. There is no headquarters. There is no single point of failure. The network is extraordinarily difficult to shut down or corrupt because attacking it requires attacking all of its participants simultaneously, everywhere in the world.

To alter a confirmed transaction, an attacker would need to control more than 50% of the total computing power of the Bitcoin network at a given moment; this is what is known as a 51% attack. At Bitcoin’s current scale, the network’s hashrate is measured in hundreds of exahashes per second, representing millions of purpose-built mining machines. Acquiring enough hardware to exceed this threshold would require a capital outlay and ongoing energy cost that makes the attack economically irrational, even before accounting for the fact that a successful attack would likely destroy the value of the asset the attacker had just spent billions to compromise.
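The mechanism behind that cost is worth seeing concretely. The following is an added, deliberately simplified illustration and not Bitcoin’s own code: each block commits to its transactions and to the hash of the block before it, and is accepted only once a nonce has been found that puts the block hash under a target. Every node re-runs the validation check; editing a confirmed transaction changes that block’s hash, which breaks the link from every later block, so the attacker has to redo the work for all of them. The difficulty (DIFFICULTY_BITS) and the transactions are constructed for the example, and Bitcoin commits to transactions through a Merkle root rather than a plain list.

```python
"""Toy hash-chained ledger with proof of work.

Added illustration, not Bitcoin's own code: Bitcoin blocks commit to
transactions through a Merkle root and use a far harder target, but the
mechanism shown here is the same one that makes rewriting a confirmed
transaction expensive. DIFFICULTY_BITS and the transactions are constructed
for the example.
"""
import copy
import hashlib
import json

DIFFICULTY_BITS = 12                      # toy target; Bitcoin's is ~70+ bits
TARGET = 1 << (256 - DIFFICULTY_BITS)     # a block hash must be below this
GENESIS_PREV = "0" * 64


def block_hash(prev_hash: str, txs: list, nonce: int) -> str:
    """Hash the block header: previous hash, transaction list and nonce."""
    payload = json.dumps({"prev": prev_hash, "txs": txs, "nonce": nonce},
                         sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()


def mine(prev_hash: str, txs: list) -> tuple:
    """Find a nonce meeting the target; returns (block, hash_attempts)."""
    nonce = 0
    while True:
        h = block_hash(prev_hash, txs, nonce)
        if int(h, 16) < TARGET:
            block = {"prev": prev_hash, "txs": txs, "nonce": nonce, "hash": h}
            return block, nonce + 1
        nonce += 1


def build_chain(tx_sets: list) -> list:
    """Mine one block per transaction set, each chained to the previous one."""
    chain, prev = [], GENESIS_PREV
    for txs in tx_sets:
        block, _ = mine(prev, txs)
        chain.append(block)
        prev = block["hash"]
    return chain


def validate(chain: list) -> tuple:
    """The check every full node performs: returns (ok, first_bad_index)."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["prev"] != prev:
            return False, i                   # link to the parent block is broken
        h = block_hash(block["prev"], block["txs"], block["nonce"])
        if h != block["hash"] or int(h, 16) >= TARGET:
            return False, i                   # contents changed or work not done
        prev = h
    return True, None


def tamper(chain: list, block_index: int, tx_index: int, new_tx: str) -> list:
    """Return a copy of the chain with one confirmed transaction edited."""
    altered = copy.deepcopy(chain)
    altered[block_index]["txs"][tx_index] = new_tx
    return altered


def remine_from(chain: list, start: int) -> tuple:
    """Redo the work for block `start` and every block after it.

    Returns (new_chain, total_hash_attempts): the price of making a tampered
    chain validate again, which grows with every block built on top of it.
    """
    rebuilt = copy.deepcopy(chain[:start])
    prev = rebuilt[-1]["hash"] if rebuilt else GENESIS_PREV
    attempts = 0
    for block in chain[start:]:
        new_block, n = mine(prev, block["txs"])
        attempts += n
        rebuilt.append(new_block)
        prev = new_block["hash"]
    return rebuilt, attempts


if __name__ == "__main__":
    # Constructed transactions; the names are placeholders.
    honest = build_chain([["alice->bob:1"], ["bob->carol:1"],
                          ["carol->dave:1"], ["dave->erin:1"]])
    forged = tamper(honest, 1, 0, "bob->mallory:1")
    print("honest chain valid:", validate(honest))
    print("tampered chain valid:", validate(forged))   # rejected at block 1
    rebuilt, work = remine_from(forged, 1)
    print("blocks re-mined:", len(honest) - 1, "hash attempts:", work)
    print("rebuilt chain valid:", validate(rebuilt))
```

Re-mining only the edited block is not enough: its new hash no longer matches the `prev` field of the block after it, so validation fails one block later instead. The attacker must rebuild from the edited block to the tip, and in the real network must do so faster than the honest majority keeps extending the chain, which is where the 51% figure comes from.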

In over fifteen years of continuous operation, no successful attack on the Bitcoin blockchain has ever occurred. The transaction record is intact. Every transaction ever confirmed has remained confirmed. Satoshi Nakamoto’s original whitepaper describes the security model behind this in precise technical terms, and because the ledger is public, the transaction record itself can be verified by anyone.

What has actually been compromised

Mt. Gox did not happen because someone broke the Bitcoin protocol. Mt. Gox happened because a Japanese exchange managed its security catastrophically badly. The exchange held Bitcoin on behalf of hundreds of thousands of customers in a centralised pool. Its internal accounting systems were compromised over an extended period. The Bitcoin that was stolen was taken from Mt. Gox’s operational wallet, not from the Bitcoin blockchain. The blockchain kept running. The blockchain still holds an immutable record of every Bitcoin movement involved in that theft, to this day.

FTX, the exchange that collapsed in November 2022 with somewhere between $8 billion and $10 billion in customer funds missing, was not a hack in the traditional sense. It was, by the evidence presented in subsequent legal proceedings, fraud: the systematic misuse of customer deposits by the exchange’s management. The Bitcoin protocol was not involved. The Bitcoin that FTX customers held was fine, sitting on the blockchain, until FTX’s internal records showed it as something it was not.

This pattern repeats throughout Bitcoin’s history. Bitfinex. Binance. Celsius. BlockFi. Coincheck. Cryptopia. In every significant case where customer funds were lost, the failure was in the human institution, not in the underlying protocol. Exchanges had weak internal controls. Custodians cut costs on security infrastructure. Fraudulent operators took customer money. These are the failure modes of financial intermediaries in every era. They are not unique to Bitcoin.

The distinction that matters: protocol versus infrastructure

The distinction between protocol security and infrastructure security is not a deflection. It is a real analytical difference that has direct implications for how you manage Bitcoin exposure.

If you hold Bitcoin on an exchange, your risk profile includes the exchange’s solvency, its regulatory standing, its internal security practices, and the honesty and competence of its management. Your Bitcoin is only as secure as that exchange’s weakest point, regardless of how robust the Bitcoin protocol itself is.

If you hold Bitcoin in self-custody, meaning you hold the private keys yourself and not on any exchange or custodial platform, your exposure to exchange risk is zero. The relevant risks shift entirely to your own operational practices: whether you have stored your seed phrase securely, whether your hardware wallet is genuine and properly configured, whether you have adequate backup procedures, whether you are susceptible to phishing or social engineering.

“Not your keys, not your coins” is the phrase that captures this distinction. It is blunt but accurate. If you do not hold the private keys that control your Bitcoin, you do not actually hold Bitcoin. You hold a claim on Bitcoin, mediated by whoever holds the keys on your behalf. The security of that claim is as good as the security of that intermediary, no better and potentially much worse.

Self-custody: what it requires and what it eliminates

Self-custody eliminates custodial risk entirely. If you hold your own private keys in proper cold storage, a hardware wallet kept offline with a seed phrase stored securely in a separate physical location, you are the only person who can authorise transactions from your Bitcoin. No exchange hack can touch you. No fraudulent custodian can abscond with your funds. No regulatory freeze of a third-party platform can affect your access.

What self-custody introduces is personal operational risk. Losing your private keys or losing access to your seed phrase backup means losing your Bitcoin permanently and irreversibly. There is no customer service line to call. There is no recovery mechanism. The Bitcoin protocol does not know who you are. If the private key is gone, the Bitcoin is gone.

This is not a fatal flaw. It is a design choice with explicit tradeoffs. The same property that makes Bitcoin resistant to seizure and censorship, that no one can authorise a transaction without the private key, is the property that makes lost keys unrecoverable. A system with a recovery mechanism is a system with a backdoor. A backdoor is a security vulnerability. Bitcoin chose not to have that backdoor. If you are going to hold significant value in self-custody, you need to treat the security of your keys with the same seriousness that you would treat the security of cash or physical gold.

For South African investors in particular, this is worth taking seriously. We operate in an environment where financial institutions have historically had meaningful failure rates, where political and regulatory risk is real, and where the ability to hold assets outside the traditional financial system has genuine value. Self-custody done properly is not paranoia. It is a rational response to a specific risk environment. SimplB’s security guidance covers this in practical terms, and the Simple Bitcoin Vault is designed for South Africans who want proper cold storage setup.

What institutional investors should think about

Most institutional investors, such as pension funds, family offices, corporations, and listed companies, cannot self-custody in the way a private individual can. Governance requirements typically mandate third-party custody, segregation of duties, and audit trails. The individual holding the keys cannot simply be the CFO keeping a hardware wallet in a safe.

For institutions, the appropriate approach is a regulated custodian using multi-signature security and cold storage. Multi-signature means that any transaction requires cryptographic approval from multiple keys held by multiple parties, often a combination of the client, the custodian, and a third independent key holder. This eliminates single points of failure. No single employee at the custodian, no single piece of hardware, can unilaterally move funds.
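What “cryptographic approval from multiple keys” means in practice is an approval rule that a verifier can check using public keys alone. The following is an added illustration, not Bitcoin’s own multisig: Bitcoin uses ECDSA or Schnorr keys under OP_CHECKMULTISIG or Taproot scripts, whereas this toy uses Lamport one-time signatures because they need nothing beyond SHA-256 from the standard library and are still genuinely asymmetric. The policy holds only public keys, so no single key holder, and not the verifier, can manufacture another party’s approval; the 2-of-3 arrangement (client, custodian, independent third party) and the transaction bytes are constructed for the example.

```python
"""Toy m-of-n approval check built on Lamport one-time signatures.

Added illustration, not Bitcoin's own multisig: Bitcoin uses ECDSA or Schnorr
keys with OP_CHECKMULTISIG or Taproot scripts. Lamport signatures are used
here because they need only SHA-256 from the standard library while still
being genuinely asymmetric: the policy holds only public keys, so no single
key holder (and not the verifier) can produce another party's approval.
A Lamport key must sign only one message, which is one reason this is a toy.
"""
import hashlib
import secrets

NBITS = 256  # one key pair per bit of the SHA-256 message digest


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def digest_bits(msg: bytes) -> list:
    """Bits of SHA-256(msg), most significant bit first."""
    d = sha256(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(NBITS)]


def keygen() -> tuple:
    """Secret key: two random preimages per bit. Public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(NBITS)]
    pk = [(sha256(a), sha256(b)) for a, b in sk]
    return sk, pk


def sign(sk: list, msg: bytes) -> list:
    """Reveal, for each digest bit, the preimage that matches that bit."""
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]


def verify(pk: list, msg: bytes, sig: list) -> bool:
    """Accept only if every revealed preimage hashes to the committed value."""
    if len(sig) != NBITS:
        return False
    return all(sha256(sig[i]) == pk[i][bit]
               for i, bit in enumerate(digest_bits(msg)))


class MultisigPolicy:
    """Approve a transaction only when at least `threshold` distinct keys sign."""

    def __init__(self, threshold: int, pubkeys: list):
        if not 1 <= threshold <= len(pubkeys):
            raise ValueError("threshold must be between 1 and the number of keys")
        self.threshold = threshold
        self.pubkeys = pubkeys

    def authorises(self, tx: bytes, signatures: dict) -> bool:
        """signatures maps key index -> signature; each key counts at most once."""
        approving = {
            idx for idx, sig in signatures.items()
            if 0 <= idx < len(self.pubkeys) and verify(self.pubkeys[idx], tx, sig)
        }
        return len(approving) >= self.threshold


if __name__ == "__main__":
    # Constructed 2-of-3 arrangement: client, custodian, independent third party.
    keys = [keygen() for _ in range(3)]
    policy = MultisigPolicy(2, [pk for _, pk in keys])
    tx = b"constructed tx: pay 1.5 BTC to <placeholder address>"
    client_sig = sign(keys[0][0], tx)
    custodian_sig = sign(keys[1][0], tx)
    print("client alone:", policy.authorises(tx, {0: client_sig}))
    print("client + custodian:", policy.authorises(tx, {0: client_sig, 1: custodian_sig}))
    print("same approvals, altered tx:",
          policy.authorises(tx + b"0", {0: client_sig, 1: custodian_sig}))
```

The two properties the text relies on are visible in `authorises`: the approval set is keyed by index, so one compromised key presented twice still counts once, and a signature is bound to the exact transaction bytes, so approvals collected for one transaction cannot be replayed against a modified one.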

The custody landscape for institutional Bitcoin has improved significantly since the early exchange era. Regulated custodians operating under financial services licences with insurance, audit requirements, and segregated client assets exist in multiple jurisdictions. The due diligence required to evaluate them is meaningful but not categorically different from the due diligence that applies to any financial custodian.

Reading the risk correctly

The risk profile of Bitcoin is routinely mischaracterised in mainstream commentary, almost always in ways that overstate protocol risk and understate infrastructure risk. People who lost money in Mt. Gox were not victims of a Bitcoin flaw. They were victims of a badly run business that had voluntarily taken custody of their assets. People who lost money in FTX were not victims of a cryptocurrency problem. They were victims of fraud by a specific set of individuals who chose to misappropriate customer funds.

Bitcoin’s protocol security is exceptional by any objective standard. No other financial asset or settlement system of comparable scale has operated for fifteen years without a successful protocol-level compromise. The appropriate response to that track record is not to dismiss it, but to understand it accurately and manage the risks that are real: custody risk, operational risk, and the risk of trusting the wrong intermediaries.

The confusion between protocol security and infrastructure security persists partly because it is more comforting to believe there is a fundamental flaw than to accept that Mt. Gox was a user problem. Accepting that implies users have a responsibility to understand what they are holding and how they are holding it. That is a harder message than “Bitcoin got hacked.” But it is the accurate one, and acting on it leads to much better outcomes.

Bitcoin’s underlying security is formidable. Whether your Bitcoin is secure depends on where you hold it and how. That is not a caveat. That is the whole point. See how SimplB approaches this for South African clients.

Frequently asked questions

Has Bitcoin ever been hacked?

The Bitcoin protocol has never been successfully attacked. In over 15 years of continuous operation, no confirmed transaction has been reversed or altered. What has been hacked are exchanges and custodians, businesses that held Bitcoin on behalf of customers. The distinction matters: those were institutional failures, not protocol failures.

What is a 51% attack and is it a real risk?

A 51% attack requires controlling more than half of Bitcoin’s total mining power. At current network scale, this would require billions in hardware and energy costs. Successfully executing the attack would likely crash the price of the asset, making it economically self-defeating. Bitcoin has never suffered a successful 51% attack.

Is it safe to leave Bitcoin on an exchange?

Holding Bitcoin on an exchange means holding a claim on Bitcoin, not Bitcoin directly. Your security depends on the exchange’s solvency, internal controls, and honesty. Mt. Gox, FTX, and numerous other exchange collapses demonstrate the risk. For anything beyond short-term trading, moving to self-custody or a regulated custodian is strongly advisable.

What happens if I lose my Bitcoin seed phrase?

If you lose your seed phrase and have no other backup, your Bitcoin is permanently inaccessible. There is no recovery mechanism, no customer service, and no backdoor. This is by design: the same property that makes Bitcoin seizure-resistant makes lost keys unrecoverable. Robust seed phrase backup procedures are not optional for anyone holding meaningful value in self-custody.

What is multi-signature custody and why do institutions use it?

Multi-signature (multisig) custody requires cryptographic approval from multiple independent keys before any Bitcoin transaction can be executed. This means no single person, device, or failure point can unilaterally move funds. Institutions use multisig because it satisfies governance requirements for segregation of duties and eliminates the single-key risk that characterised many early exchange failures.


Want to secure your Bitcoin properly?

SimplB helps South African investors move to proper self-custody. A short call is a good place to start.


Written by James Caw, Founder of SimplB. James has helped South Africans understand, buy and secure Bitcoin since 2015. SimplB operates as a Juristic Representative of CAEP Asset Managers, FSP 33933. Last updated: May 2026.

This article is for general educational purposes only and does not constitute financial, legal, tax or exchange control advice. The information reflects the regulatory position as at the date of publication. Your individual circumstances may differ and you should seek qualified professional advice before making any decisions.

James Caw, Founder
James Caw is the founder of Simple Bitcoin - a Bitcoin strategist and expert with over 10,000 hours of Bitcoin experience across three continents.