Add hot-wallet-hack research + real-hardware photo

- docs/exchange-hot-wallet-hacks.md: itemised, adversarially-verified history of
  exchange hot-wallet/server compromises (the threat this defends against)
- README: hero photo (Coldcard in HSM mode in the rack) + link to the research

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

README.md

@@ -1,5 +1,7 @@
 # Multisig HSM — a distributed, policy-enforced 2-of-3 threshold signer
 
+![A Coldcard in HSM mode, plugged into a host between rack-mounted servers](docs/img/coldcard-hsm-rack.jpg)
+
 **An automated treasury tier that signs its own cold→hot refills under on-device policy — with no human
 in the loop, and no single machine able to move a satoshi.**
 
@@ -58,6 +60,7 @@ deployment, backup/DR rehearsal, and an operations runbook tailored to you.
 ```
 docs/        OPERATOR-MANUAL.md — the full security model + setup + operations guide
              QUICK-START.md     — the one-page provisioning + on-call checklist
+             exchange-hot-wallet-hacks.md — why this exists: a cited history of exchange hot-wallet hacks
 reference/   The coordinator (orchestrator.py) + wallet/HSM/signing scripts and the
              simulator demo rig — the working reference behind the live signet demo
 ansible/     Signer-host bootstrap skeleton (Tailscale + ckcc-protocol + signer agent)

docs/exchange-hot-wallet-hacks.md

@@ -0,0 +1,111 @@
+# The recurring tax — exchange hot-wallet & server-compromise hacks (2011–present)
+
+*An itemized, multi-source, fact-checked history of incidents where a cryptocurrency exchange's
+internet-connected **hot wallet — on a server that was compromised — was drained** of customer funds. This
+is the specific failure mode the mineracks multisig HSM is designed to remove.*
+
+> **Why this document exists.** "Run the hot wallet on a server" is a bet that the server won't be
+> compromised — and it has been lost, on a roughly annual cadence, for more than a decade. Below is the
+> catalogue, with the unrelated failure modes (fraud, exit scams, signer-UI manipulation) deliberately kept
+> separate, and disputed figures flagged rather than asserted.
+
+## Scope
+
+**In scope:** an internet-connected *hot wallet* on a *compromised server* was drained — the attacker
+obtained the online signing keys, leaked a key file, or pushed unauthorized withdrawals. This is exactly
+what an automated cold→hot **multisig HSM** defends against: the signing keys never leave tamper-resistant
+hardware, and no single compromised host (or operator) can move funds.
+
+**Out of scope — and why it would be dishonest to lump them in:**
+- **Fraud / exit scams** — QuadrigaCX, FTX, Africrypt. Funds were misappropriated by insiders, not stolen by
+  an external server breach. No HSM stops an owner stealing from themselves.
+- **Signer-process / social-engineering compromise** — e.g. **Bybit** (Feb 2025, ~$1.46B, the largest crypto
+  theft ever): attackers injected malicious JavaScript into the multisig signing UI to trick *legitimate*
+  signers during a routine transfer, bypassing cold-wallet controls at the signing step. A different (and
+  growing) threat than a remote hot-wallet drain.
+- **Non-Bitcoin headline losses** — Coincheck (Jan 2018, ~$530M) was **NEM**, not BTC.
+
+## The incidents
+
+| Date | Exchange | Attack vector (server / hot wallet) | BTC lost (approx.) | ≈USD at the time | Outcome |
+|---|---|---|---|---|---|
+| Mar 2012 | **Bitcoinica** | Linode web-host server breach → hot wallet drained | **43,000 BTC** | ~$220K | Customers repaid; folded later. Motivated the Trezor hardware wallet. |
+| Sep 2012 | **BitFloor** | Server hacked; unencrypted wallet-key backup left on disk | **24,000 BTC** | ~$250K | **Not made whole** (partial only); ceased Apr 2013 |
+| (late 2011 →) Feb 2014 | **Mt. Gox** | Hot wallet quietly drained over ~2 years | **~750,000 customer BTC** (≈850k total) | ~$450–500M | **Bankrupt**; ~200,000 BTC later recovered |
+| Jan 2015 | **Bitstamp** | Staff phishing → operational/hot-wallet credentials | **~18,866 BTC** | ~$5M | Survived |
+| Aug 2016 | **Bitfinex** | Online BitGo multisig hot wallet; unauthorized withdrawals bypassing limits | **119,756 BTC** | ~$72M | Survived; users issued BFX tokens, redeemed at 100% within ~8 months |
+| Jun 2018 | **Bithumb** | Hot wallet compromised (mixed assets) | **~2,016 BTC** (1,993 traced) + others | ~$30M | Covered from reserves; survived |
+| Sep 2018 | **Zaif** | Hot-wallet compromise | **5,966 BTC** | ~$60M | Parent company covered losses |
+| May 2019 | **Binance** | Phishing/malware harvested API keys + 2FA → single hot wallet (~2% of BTC) | **7,000 BTC** | ~$40M | Made whole in full via the SAFU insurance fund |
+| Sep 2020 | **KuCoin** | Hot-wallet private-key leak (APT); mixed assets | **~1,008 BTC** (of ~$275–285M total) | ~$280M | ~84% recovered; users made whole |
+| Jun 2024 | **DMM Bitcoin** | Wallet/key compromise (FBI-attributed to DPRK/Lazarus) | **4,503 BTC** | ~$300M | Parent group covered; wound down |
+
+*Borderline:* **Cryptsy** (Jul 2014, ~13,000 BTC) was an IRC backdoor planted in the exchange's wallet code,
+but the founder was later indicted for fraud — so it straddles "hack" and "insider," and is excluded from
+the in-scope counts.
+
+## What the numbers say
+
+- **Cadence.** There is at least one well-documented hot-wallet/server drain in nearly every year from 2012
+  onward — roughly **1–3 per year**.
+- **Most common cause.** The peer-reviewed dataset of 220 exchange incidents 2009–2024 (Bello/Olushola et
+  al., *Frontiers in Blockchain*, 2025) finds **hot-wallet / unauthorized-key access is the single most
+  frequent centralized-exchange attack vector — 39 incidents (~$1.21B)** — ahead of system/server exploits
+  (10), insider theft (7), and data leaks (6).
+- **Total Bitcoin.** The in-scope losses sum to on the order of **~1,000,000 BTC**, overwhelmingly
+  concentrated in **Mt. Gox (~750,000+)** and **Bitfinex (~120,000)**, with a ~100,000-BTC tail across the
+  rest.
+- **Who survived.** The exchanges that survived (Bitfinex, Binance, Bitstamp, KuCoin) generally had the
+  reserves or insurance to absorb the loss. Those that didn't (Mt. Gox, BitFloor) collapsed — and their
+  customers were not made whole.
+
+## The lesson the data points to
+
+Every incident above shares one root cause: **a private key that could sign was reachable from a
+compromised, internet-connected machine.** The defenses that actually work are the ones that (1) keep the
+signing key on tamper-resistant hardware it can *never* leave, and (2) require **more than one** such device,
+on **more than one** host, to agree — so owning a single server, or coercing a single operator, moves
+nothing. That is precisely a **2-of-3, policy-enforced multisig HSM**.
+
+It does *not* replace a high-throughput hot-wallet engine — see the operator manual (§1.2). It secures the
+**cold and warm tiers and the cold→hot refill pipe**: low-throughput, high-stakes, and exactly where the
+incidents above happened.
+
+## Disputed / imprecise figures (flagged honestly)
+
+- **Mt. Gox** — sources range from ~750,000 BTC (customer) to ~850,000 BTC (incl. company coins); ~200,000
+  BTC were later recovered; USD ~$450–500M at the Feb 2014 filing. (One widely-copied list states "$45M" — a
+  tenfold transcription error.)
+- **Bitfinex** — precisely **119,756 BTC**; contemporaneous value **~$72M**, *not* the ~$623M figure some
+  lists quote (that is a later, higher valuation).
+- **Bithumb** — 1,993 BTC traced on-chain vs ~2,016 BTC officially reported.
+- **KuCoin / DMM / Zaif / Bithumb** — mixed-asset thefts; the BTC portion is shown where it could be pinned
+  down (KuCoin's bulk was ETH/ERC-20).
+
+## Method & sources
+
+Compiled via a fan-out research process: five parallel search angles, 21 sources fetched, 101 candidate
+claims extracted, and the leading claims **adversarially verified** — three independent skeptics per claim,
+each trying to refute it; a claim had to survive a majority refutation attempt to be kept. 22 of 25 verified
+claims were confirmed; 3 were killed (including the inflated "Bitfinex ~$350M via BitGo" and "Mt. Gox 840k
+BTC via stolen credentials" framings).
+
+Primary and secondary sources include: Chainalysis (2025 crypto-theft report), TRM Labs (2026 crypto-crime
+report), Elliptic (Bithumb on-chain tracing), the *Frontiers in Blockchain* 2025 academic dataset, exchange
+post-mortems (Binance SAFU update; the 2016 Bitfinex disclosures), and contemporaneous reporting (CoinDesk,
+Wikipedia, Fortune, *The Register*, *Bitcoin Magazine*, NPR). Key links:
+
+- Chainalysis 2025 stolen-funds report — <https://www.chainalysis.com/blog/crypto-hacking-stolen-funds-2026/>
+- TRM Labs 2026 crypto-crime report — <https://www.trmlabs.com/reports-and-whitepapers/2026-crypto-crime-report>
+- Frontiers in Blockchain (Bello et al., 2025), 220-incident dataset — <https://www.frontiersin.org/journals/blockchain/articles/10.3389/fbloc.2025.1713637/full>
+- Elliptic — following the money from the Bithumb hack — <https://www.elliptic.co/blog/following-money-from-bithumb-hack>
+- 2016 Bitfinex hack (Wikipedia) — <https://en.wikipedia.org/wiki/2016_Bitfinex_hack>
+- Bitstamp $5M hot-wallet hack (CoinDesk) — <https://www.coindesk.com/markets/2015/01/05/bitstamp-claims-5-million-lost-in-hot-wallet-hack>
+- Mt. Gox (Gemini Cryptopedia) — <https://www.gemini.com/cryptopedia/mt-gox-bitcoin-exchange-hacked>
+- Unchained — crypto hacks timeline — <https://www.unchained.com/resources/hacks>
+
+---
+
+*Compiled 2026-06-26 for the [mineracks multisig HSM](https://multisighsm.com) project. Figures are
+best-available estimates priced at the time of each incident; where disputed, a range is given rather than a
+single number. Corrections welcome via the repository.*