Rewards Hub 
The crypto industry lost $3.4 billion to security breaches in 2025. The Bybit incident alone accounted for $1.4 billion, while North Korean state-sponsored groups were responsible for more than $2 billion in stolen assets across the year.
These numbers are no longer outliers. They describe the environment exchanges operate in today.
For traders, the question has shifted from whether an exchange claims to be secure to whether that security can be independently verified. Phemex is built around that shift. Its custody and security architecture is designed to be auditable, transparent, and testable, rather than based on trust alone.
This is how that system works.
Institutional-Grade Custody with Fireblocks
Most exchange security discussions focus on incident response. Phemex places more emphasis on prevention.
Phemex partners with Fireblocks, an institutional digital asset custody provider securing more than $10 trillion in transactions across 120+ blockchains. Fireblocks is used by over 2,400 organizations, including banks, asset managers, and regulated custodians.
The foundation of Fireblocks custody is multi-party computation (MPC). With MPC, no single device or individual ever holds a complete private key. Instead, cryptographic key shares are distributed across separate secure environments. Even if one component is compromised, the key cannot be reconstructed.
This model removes the single-point-of-failure risk that has driven many of the largest exchange breaches. It is the same custody standard used by ETF providers and traditional financial institutions.
For Phemex users, this means assets are protected by infrastructure already proven in institutional finance.
Cold-Warm-Hot Wallet Architecture
Custody technology is one layer. Storage architecture is another.
Phemex operates a three-tier wallet system designed to balance security with operational efficiency:
Cold wallets hold more than 70% of user assets. These wallets are fully offline and require multi-signature authorization and manual verification for any movement. No single individual can access funds unilaterally.
Warm wallets act as a controlled intermediary layer, holding limited balances to support operations without direct internet exposure.
Hot wallets contain less than 8% of total assets at any given time, limiting exposure while supporting deposits and withdrawals.
This structure ensures that even in a worst-case hot wallet compromise, the majority of user funds remain isolated and unaffected.
Proof of Reserves: Don't Trust, Verify
After the FTX collapse, trust without verification became unacceptable. Phemex was among the early adopters of Merkle Tree Proof of Reserves, and the system continues to evolve.
What Phemex Publishes
Phemex provides both Proof of Reserves and Proof of Liabilities, allowing users to confirm that assets held exceed user balances owed. Cold wallet addresses are published publicly, enabling on-chain verification without reliance on third-party assurances.
How Users Verify
Each account balance is hashed with a random nonce and included in a Merkle Tree. Users can enter their Hashed Client ID on the Proof of Reserves page to confirm inclusion.
Reserve data is updated monthly, typically around the 25th. Covered assets include BTC, ETH, USDT, USDC, USD, TRON, BNB, XRP, SOL, SUI, and AVAX.
Phemex has publicly stated that it does not lend, borrow, or rehypothecate customer funds. Deposits are fully backed on a one-to-one basis.
Cryptographic Key Protection
Private key management is central to exchange security. Phemex applies multiple independent safeguards.
Shamir Secret Sharing divides each private key into multiple fragments stored across separate secure locations. A predefined threshold of fragments is required to reconstruct the key, rendering individual components useless on their own.
These operations run within AWS Nitro Enclaves, confidential computing environments that prevent full key exposure, including to internal personnel.
In addition, multi-signature authorization is required for significant fund movements, reducing both external attack risk and internal misuse.
Combined with Fireblocks MPC, these controls create layered key protection where compromising one system does not compromise the whole.
Defense in Depth Across the Platform
Custody and reserves are only part of the security model. Phemex applies defense-in-depth across its infrastructure.
Network security: Enterprise firewalls, DDoS mitigation, web application firewalls, and continuous monitoring
Data protection: Encryption, strict access controls, and system isolation
Secure development: OWASP compliance, automated vulnerability scanning, and mandatory security reviews
Proactive defense: Red-team testing, staff security training, and independent audits
Real-time monitoring: Behavioral analysis across all wallet tiers, operating continuously
Learning from Experience
In January 2025, Phemex experienced a security incident affecting its hot wallets. Emergency protocols were activated immediately. Operations were paused, Proof of Reserves was published showing cold wallets were untouched, and all user losses were covered from company reserves. Withdrawals resumed within days.
That incident accelerated security upgrades already in progress, including the Fireblocks integration, expanded MPC infrastructure, and enhanced monitoring systems now in production.
The breach was real. The response and subsequent rebuild define the platform’s current security posture.
Account-Level Security Controls
Platform security is reinforced by user-level protections:
Two-factor authentication (2FA)
Withdrawal address whitelisting
Anti-phishing email codes
Time delays for new withdrawal addresses
Strong password enforcement
These controls reduce account-level risk and complement platform infrastructure.
Frequently Asked Questions
How do I verify my funds are safe?
Visit the Proof of Reserves page, enter your Hashed Client ID (found in your dashboard), and the system shows your balance and position in the Merkle Tree.
What percentage of assets does Phemex keep in cold storage?
Over 70% of all user assets are stored in offline cold wallets, physically isolated from any network connection. Less than 8% sits in hot wallets at any time.
Who is Fireblocks?
Fireblocks is an institutional digital asset custody platform used by over 2,400 organizations including banks, ETF custodians, and asset managers. They secure more than $10 trillion in digital asset transactions across 120+ blockchains.
How often are reserves updated?
Proof of Reserves data is updated monthly, roughly on the 25th of each month, covering BTC, ETH, USDT, USDC, USD, TRON, BNB, XRP, SOL, SUI, and AVAX.
Does Phemex lend out user funds?
No. Phemex maintains 100% reserves and has publicly stated it has not borrowed funds and has no outstanding corporate loans.
Key Takeaways
Security in crypto is not a feature. It is infrastructure.
Phemex’s approach in 2026 combines institutional custody through Fireblocks, a three-tier wallet architecture with the majority of assets offline, verifiable Proof of Reserves, advanced cryptographic key protection, and layered defense mechanisms.
The standard is no longer reassurance. It is verification.
