The OKX team is pleased to announce that the platform has fully restored its withdrawal functionality, following a temporary suspension due to an internal operational issue. The incident, which occurred on November 19, 2020 (HKT), has been resolved, and full user withdrawals will be reinstated by November 27, 2020 (HKT). Prior to the relaunch, OKX is conducting rigorous security audits and system checks to ensure the stability and safety of its hot wallet infrastructure.
We sincerely apologize for the inconvenience this pause may have caused. At OKX, user asset security remains our top priority. As part of our commitment to transparency and trust, we reaffirm our long-standing policy of maintaining 100% reserve backing for all user funds—ensuring no risk of a liquidity crisis or bank-run scenario.
To express our gratitude and make amends, OKX will soon launch a comprehensive reward program for both new and existing users. Details of this initiative will be shared in the coming days.
Proven Wallet Security Architecture
OKX has maintained a strong track record in digital asset security over the years, with no major breaches in asset management history. Our cold wallet architecture and security protocols are publicly documented to promote transparency and trust within the blockchain community.
👉 Discover how industry-leading security frameworks protect your digital assets today.
Our hot wallet system leverages a multi-layered security approach, incorporating:
- Multi-signature authentication
- Semi-offline signing
- Real-time big data risk monitoring
Every deposit and withdrawal transaction undergoes strict verification across multiple risk control checkpoints before being broadcast to the blockchain.
How OKX Secures Withdrawals: A Step-by-Step Breakdown
To better inform our users, we are sharing an inside look at our withdrawal verification process—a critical component of our overall security framework.
1. Initial Risk Detection
When a user initiates a withdrawal request, the transaction first enters our online risk control system. This layer performs real-time analysis to detect anomalies such as unusual withdrawal patterns, suspicious login activity, or potential signs of account compromise.
2. Transaction Preparation in Vault System
Once cleared by initial风控 (risk control), the transaction is passed to the Vault system, which generates an unsigned transaction. This step ensures that no private keys are exposed during early processing stages.
3. Semi-Offline Signing Process
The unsigned transaction is then transmitted—via a proprietary non-TCP/IP network protocol—to a semi-offline signing server. This unique communication method significantly reduces exposure to common cyberattack vectors.
This environment is referred to as "semi-offline" because it operates with limited connectivity, making remote hacking attempts virtually impossible. Even if attackers were to intercept network traffic, they would not gain access to any private key material.
4. In-Memory Multi-Signature Verification
On the signing server, a 2-of-3 multi-signature scheme is applied. Crucially, private keys are stored exclusively in volatile memory (RAM), not on disk. This means that even in the unlikely event of physical server intrusion, attackers cannot extract usable key data after reboot or shutdown.
Additionally, each transaction undergoes a second round of validation by the semi-offline risk engine. Only after passing this check is the transaction signed and sent back through secure channels to the online broadcasting node.
5. Blockchain Broadcast
Finally, the signed transaction is relayed to the appropriate blockchain network for confirmation and inclusion in the next available block.
This entire process is designed to prevent large-scale unauthorized withdrawals—even in the event of a partial system compromise—by introducing deliberate delays and layered approvals.
Root Cause of Recent Withdrawal Pause
The temporary halt in withdrawal services stemmed from an unexpected situation involving one of the private key signers in our multi-signature setup. While OKX maintains backup mechanisms for permanent incapacitation (e.g., death or long-term unavailability), the current case involved short-term unavailability of a keyholder—falling outside the scope of our original contingency design.
We acknowledge this gap and are actively enhancing our private key management policies to include temporary delegation protocols and expanded redundancy measures. These improvements will ensure uninterrupted operations under broader scenarios moving forward.
Commitment to Compliance and Industry Growth
From its inception, OKX has adhered strictly to global regulatory standards. We operate comprehensive KYC (Know Your Customer) and anti-money laundering (AML) systems, reinforcing our dedication to legal compliance as a cornerstone of sustainable growth.
We believe that clear, responsible regulation will play a vital role in shaping the future of blockchain technology and digital assets. As such, OKX remains committed to driving innovation through compliant product development and continuous investment in research and engineering.
Our mission extends beyond trading—we aim to advance real-world blockchain applications that deliver tangible value across industries.
Frequently Asked Questions (FAQ)
Q: Is my money safe on OKX?
A: Yes. OKX maintains a 100% reserve model, meaning all user deposits are fully backed. Combined with advanced cryptographic protections and multi-layered risk controls, your assets are safeguarded at every level.
Q: What caused the withdrawal delay?
A: A temporary inability of one private key signer to authorize transactions triggered the pause. Though rare, this scenario highlighted a need for improved short-term contingency planning, which we are now addressing.
Q: How does semi-offline signing prevent hacks?
A: By isolating signing servers from direct internet exposure and using custom communication protocols, OKX minimizes attack surfaces. Private keys never touch online systems and exist only in secured memory during active use.
Q: Will there be compensation for affected users?
A: Yes. A broad customer appreciation campaign—including rewards for both new and returning users—is being finalized and will be announced shortly.
Q: Are OKX’s security practices transparent?
A: Absolutely. We’ve published detailed explanations of our cold wallet design and security architecture on our official site to promote openness and accountability.
Q: When will full withdrawals resume?
A: Full withdrawal functionality will be restored by November 27, 2020 (HKT), following final security validations.
👉 Learn how cutting-edge blockchain platforms are redefining digital asset safety standards.
Security isn’t just technology—it’s culture, process, and transparency. At OKX, we’re building a future where trust is encoded into every layer of our service.
As we move forward, we extend our deepest thanks to our global user base for your patience, support, and continued trust. OKX remains dedicated to delivering innovative products, superior user experiences, and uncompromising security in every aspect of our platform.
Our journey toward excellence continues—driven by your feedback and powered by next-generation blockchain solutions.
👉 Stay ahead in crypto—explore secure, scalable platforms built for tomorrow’s challenges.