The Email That Said Too Much
In our previous analysis, we traced the anatomy of a liquidity crisis at Zondacrypto — Poland’s largest cryptocurrency exchange — through a hundred and fifty years of financial panics, a thicket of abusive contract terms, and the by-now-familiar spectacle of a C.E.O. insisting that everything is fine while refusing to prove it. The piece ended with a simple observation: the exchange’s clients don’t need to know how it processes withdrawals. They need to know whether it has anything left to withdraw.
Twenty-four hours later, we have something close to an answer — and it arrived, of all places, in a customer-support email.
One of our clients, whose withdrawal had been stuck in limbo for days, received a reply from Zondacrypto’s support team. Read quickly, it is the kind of boilerplate that any mildly frustrated customer has learned to skim: technical difficulties, manual processing, your funds are safe, we’ll be in touch. Read slowly — by someone who understands how cryptocurrency exchanges actually move money — it is something else entirely. It is the sound of a machine describing its own malfunction in terms precise enough to diagnose, yet euphemistic enough to deny.
Here, in full, is what the support team wrote:
“The suspension of the withdrawal is due to a general technical problem related to the operation of the system handling withdrawals, specifically in the area of automatic replenishment of the operational wallet (HOT wallet). The problem concerns the automatic selection of value from the HOT wallet per given asset — we receive an erroneous response on withdrawals. They fall into a status of ‘confirming’ or ‘rejected’ at the operator due to incorrectly selected funds, while on the account they appear as ‘pending.’
Funds are being manually selected by our Technical Department from deposit addresses to the hot wallet for each specific withdrawal. As a result, some transactions, including yours, currently require manual processing.
The withdrawal has not been cancelled and remains active in the system, and your funds are safe and remain under full control. We will inform you in a separate message when the withdrawal has been completed.”
At first glance, this reads like a reasonably detailed technical explanation. At second glance — which is to say, once you understand the architecture of the system being described — it reads like an accident report filed in the language of a maintenance bulletin.
Two Stories, One Exchange
The discrepancy begins with the cause of the delays.
Publicly, Zondacrypto’s C.E.O., Przemysław Kral, has offered a tidy narrative. In statements to the Polish media, he attributed the slowdowns to the “implementation of new, advanced security and transaction-monitoring systems” — a proactive business decision, controlled and deliberate, the kind of planned inconvenience that mature companies impose on their customers in the name of progress. The exchange’s public communications echoed the line: new security protocols required temporary manual verification of certain withdrawals. A renovation, not a rupture.
The support email tells a different story. It describes “a general technical problem,” “erroneous responses” from the withdrawal system, transactions falling into “rejected” status, and the necessity of selecting funds “manually . . . for each specific withdrawal.” This is not the language of a planned upgrade. This is the language of a system that has broken down and is being held together by hand.
One version sounds like a kitchen renovation. The other sounds like a burst pipe.
The Hot Wallet: By Design or By Default?
The contradiction sharpens when you examine what each narrative implies about the state of the exchange’s hot wallet — the internet-connected wallet from which customer withdrawals are executed in real time.
Publicly, the problem is framed as a matter of perception. The media, Kral argued, had confused the balance of the hot wallet with the exchange’s total reserves. Most funds, he said, are stored in cold wallets — offline vaults disconnected from the internet, invisible to blockchain analysts. The implication: the hot wallet is deliberately kept lean, as a security measure. Zondacrypto’s own website reinforces this framing, declaring that “all cryptocurrency funds are stored in so-called cold wallets.”
The support email, however, describes a hot wallet that is not lean by design but empty by circumstance. The automatic replenishment mechanism — the software pipeline that is supposed to move funds from cold storage into the hot wallet whenever its balance drops below a threshold — is not functioning. Funds are instead being gathered by hand, “from deposit addresses to the hot wallet for each specific withdrawal.”
These two accounts are mutually exclusive. If the low hot-wallet balance is an intentional feature of the security architecture, it should not produce system errors. If it is producing system errors — transactions returning “rejected,” funds being “incorrectly selected” — then it is not intentional. It is broken.
The scale of the breakage is quantifiable. An analysis by Recoveris, a cryptocurrency-forensics firm, published by the Polish financial-news outlets money.pl and Wirtualna Polska, found that the average monthly Bitcoin balance on Zondacrypto’s hot wallets had fallen from approximately 55.7 BTC in August, 2024, to just 0.18 BTC in March, 2026 — a decline of 99.7 per cent. On April 1, 2026, the balance stood at 0.086 BTC, the equivalent of roughly five thousand dollars. At no point in March did it exceed a single bitcoin. The figures were independently confirmed by Polish Radio, Bankier.pl, and Business Insider Polska.
Seventy-Six Million Zlotys Out the Door
Then there is the matter of the outflows. Recoveris analysts identified a series of five hundred and eleven transfers executed between December 18, 2025, and April 2, 2026, moving more than twenty-one million dollars’ worth of assets from Zondacrypto to a single deposit address on the Kraken exchange. Rzeczpospolita, Poland’s paper of record, confirmed the figure.
Publicly, Kral described these as “absolutely standard market operations” — market-making activity, liquidity management, execution of institutional-client orders.
The support email said nothing about them. Not a word. An individual client, waiting for a withdrawal that had been stuck on “pending” for days, received no explanation for why seventy-six million zlotys had left the platform while his money sat in a queue. The omission is itself a kind of information. “Liquidity management,” in the context of an exchange that cannot automatically fund its own hot wallet, is an expression that support evidently preferred not to repeat in a one-on-one conversation.
The Numbers the Support Team Didn’t Use
In his public statements, Kral declared reserves of more than 4,500 BTC and “over one-hundred-per-cent coverage of all obligations to users.” He told reporters that “funds were never blocked due to their physical absence.”
The support email offered the client only this: “Your funds are safe and remain under full control.” No numbers. No mention of the 4,500 BTC. No reference to the C.E.O.’s assurances. Support repeated the conclusion but declined to cite the evidence.
This suggests one of two things: either the front-line staff were not equipped with the data to substantiate their boss’s claims — a sign of poor crisis coordination — or, more troublingly, the people answering the phones don’t quite believe the numbers their C.E.O. is giving the press.
A third discrepancy concerns timing. Kral publicly promised a return to normal withdrawal processing by April 12th, with standard forty-eight-hour turnaround restored “within six days.” The support email told the client: “We will inform you in a separate message when the withdrawal has been completed.” No date. No reference to the C.E.O.’s deadline. The client received a promise of a future message — not a timeline. Zondacrypto’s Facebook page on April 8th apologized for manual processing and promised daily updates but likewise offered no restoration date. Fintek.pl noted that “the April 12th deadline was initially declared but not upheld.”
When customer support won’t cite a date that the C.E.O. announced publicly, something has broken in more than just the software.
Who Is the “Operator”?
Here the email yields its most technically revealing detail, though you have to know what you’re looking at to see it.
Cryptocurrency exchanges, even large ones, generally do not manage their wallet infrastructure in-house. They rely on third-party custodial platforms — Fireblocks, BitGo, Copper.co, Anchorage — that handle the grunt work of key management, transaction construction, signing, and broadcasting to the blockchain. These platforms operate what is known as multi-party computation (M.P.C.) architecture: the private keys that authorize transactions are split across multiple servers, so that no single point of failure — and no single rogue employee — can drain the vault.
The statuses “confirming” and “rejected,” which the support email attributes to an entity it calls “the operator,” are not statuses that the Bitcoin or Ethereum networks generate. The Bitcoin network does not return “rejected.” A transaction either enters the mempool and is eventually confirmed, or it is dropped by a node and never exists at all. “Confirming” and “rejected” are internal lifecycle statuses of a custodial platform. Fireblocks, for instance, operates a transaction pipeline that runs: SUBMITTED → QUEUED → PENDING_AUTHORIZATION → BROADCASTING → CONFIRMING → COMPLETED / FAILED / REJECTED. The REJECTED status may result from A.M.L. policy flags, insufficient funds, or failed transaction construction.
In other words, the “operator” in the support email is almost certainly not the blockchain. It is Zondacrypto’s external custody provider — the platform that actually holds the keys and builds the transactions on the exchange’s behalf.
(A caveat: Zondacrypto has never publicly disclosed which custodial provider it uses. The identification of “the operator” as an external custody platform is a technically grounded inference — the terminology matches custodial-platform conventions, not blockchain-network behavior — but it remains an inference, not a confirmed fact.)
The Empty Tank Problem
To understand why the custody provider is returning errors, you need to understand how Bitcoin actually moves.
Bitcoin does not operate on balances. It operates on something called UTXOs — Unspent Transaction Outputs. Think of it this way: a conventional bank account works like a jar of water. You pour in deposits, scoop out withdrawals, and the level in the jar tells you where you stand. Bitcoin works more like a jar of coins. Every deposit is a distinct coin of a specific denomination, and every withdrawal requires the system to select a combination of coins — UTXOs — whose total equals or exceeds the amount requested, plus the network fee. This selection process is called UTXO selection, and it is one of the fundamental operations that custody platforms perform thousands of times per second.
“Erroneous response on withdrawals” and “incorrectly selected funds” — the phrases from the support email — describe a UTXO-selection failure. This happens for one of three reasons: the available UTXOs are insufficient to cover the withdrawal (the hot wallet is simply too empty), the UTXOs are already reserved for other in-flight transactions (a race condition caused by hundreds of withdrawal requests hitting a nearly depleted wallet simultaneously), or the UTXOs are “dust” — fragments so small that the network fee required to spend them exceeds their value.
At a hot-wallet balance of 0.086 BTC — the figure Recoveris reported for April 1st — all three failure modes fire at once. A wallet holding a fraction of a bitcoin, attempting to service hundreds or thousands of pending withdrawals, will generate precisely the errors described in the support email: the custody platform tries to assemble a transaction, can’t find enough UTXOs, and the request drops into “rejected.” When it finds barely enough, the transaction enters “confirming” and hangs — stuck in the mempool with a fee too low for miners to prioritize, because the inputs were too small to leave room for a competitive fee.
Put differently: “a technical problem with automatic replenishment” is a technically accurate description of a situation in which the hot wallet is empty. It is also a technically accurate description of a car having “a fuel-system issue” when the tank is dry.
And if the hot wallet is empty, why doesn’t the custody provider simply return “insufficient funds”? Because platforms like Fireblocks and BitGo are designed with retry buffers and queuing logic. A submitted transaction that can’t be assembled is not immediately rejected; it is held in a pending state, on the assumption that the hot wallet will be topped up within minutes. The client’s dashboard shows “pending.” This is not a bug. It is a feature — engineered for momentary shortfalls that resolve in seconds. The problem arises when “momentary” stretches into weeks.
The Most Important Sentence
Of everything in the support email, one sentence matters most: “Funds are being manually selected by our Technical Department from deposit addresses to the hot wallet for each specific withdrawal.”
To grasp why this is alarming, consider the standard architecture of a cryptocurrency exchange. The flow of funds follows a three-layer pipeline. First, a customer deposits Bitcoin to a unique deposit address generated for their account. Second, the exchange periodically sweeps these deposits into a consolidated cold-storage wallet — an aggregated, offline vault. Third, when the hot wallet’s balance drops below a pre-set threshold, the cold wallet automatically feeds it, like a reservoir supplying a tap. The hot wallet then processes withdrawals. Three distinct layers, designed so that no single failure can halt the entire system.
The support email describes an architecture in which the middle layer — the consolidated cold wallet — either does not exist or is empty. Instead of transferring from cold storage to hot, the technical department is manually gathering funds from individual customer deposit addresses. This is the equivalent of a bank that, instead of paying withdrawals from its vault, walks to other customers’ safe-deposit boxes and moves their cash to the teller window.
Meanwhile, Zondacrypto’s own security page states that “all cryptocurrency funds are stored in so-called cold wallets.” The support email flatly contradicts this.
The implications are threefold.
First, the cold wallet in which Kral claims 4,500 BTC reside either does not function as a consolidated reserve or cannot be tapped. The reasons could vary — the funds may be encumbered by obligations, frozen by a third party, inaccessible due to key-management issues, or simply not there. But the diagnosis is the same regardless: if a cold wallet containing 4,500 BTC were operationally available, no technical department would be hand-picking scraps from deposit addresses.
Second, the exchange is effectively operating an internal peer-to-peer transfer system. Customer A’s withdrawal is funded directly by Customer B’s deposit. This is not “liquidity management.” This is the description of a system in which no aggregated reserve exists.
Third, processing each withdrawal “for each specific withdrawal” means that every transaction requires an individual decision — which client gets paid, from whose deposit, in what order. This is triage, not a technical operation.
The Proof That Isn’t Coming
There are, in fairness, two possible readings of the situation.
Under the first — call it the benign scenario — the exchange has a genuine software malfunction in the pipeline connecting cold storage to the hot wallet. The cold wallets exist and are fully funded. The manual workaround is temporary. If this is the case, the support email is truthful, and the problem is merely operational. But it raises a stubborn question: why, after weeks of disruption, is there no approximate repair date?
Under the second — the serious scenario — the hot wallet is empty because the cold wallets are insufficiently funded, encumbered, or not what they are claimed to be. “Manual processing” is a polite term for rationing. The exchange is deciding, one withdrawal at a time, who gets their money. This is the classical liquidity triage familiar from every crisis catalogued in our previous analysis — from Voyager Digital to FTX.
What separates Scenario A from Scenario B? One thing: a Proof of Reserves. A cryptographic attestation — publishable in hours, verifiable by anyone with an internet connection — proving that the exchange holds the assets it claims. If Scenario A were true, publishing a Proof of Reserves would be the single most obvious move available to management. It would end the crisis of confidence overnight, silence the press, and reassure clients. The cost: zero. The upside: immeasurable.
Kral declined to publish one. He argued instead that “official audits and compliance with capital-market regulators are the true ‘Proof of Reserves.’“
In the cryptocurrency industry, refusing a Proof of Reserves at the height of a confidence crisis carries roughly the diagnostic weight of a patient who insists he is perfectly healthy while declining a blood test. He may, in fact, be healthy. He may simply dislike needles. But the doctor — and the market — draws conclusions not from what the patient says but from what the patient refuses.
The Institutional Vacuum
On April 8, 2026, at the request of Poland’s Prosecutor General, Waldemar Żurek, the National Prosecutor’s Office announced a preliminary investigation into irregularities at Zondacrypto. The probe is being conducted within the broader framework of an investigation into the disappearance of Sylwester Suszek, the founder of BitBay — the exchange’s predecessor — who vanished in March, 2022, and has not been seen since. The investigation was confirmed by RMF24, money.pl, and Fakt.
Separately, Poland’s Office of Competition and Consumer Protection — the UOKiK, roughly equivalent to the Federal Trade Commission — has been conducting its own inquiry into BB Trade Estonia OÜ, Zondacrypto’s parent entity, since January 31, 2025. As of April 6, 2026, the agency had received nine complaints about the exchange — four of them filed this year.
The regulatory landscape is, by any standard, extraordinary. Zondacrypto is formally an Estonian company — BB Trade Estonia OÜ, registration number 14814864 — controlled by Divisio Holding AG, a Swiss entity domiciled in Zug. It operates under an Estonian Virtual Asset Service Provider license (No. FVT000209) that expires on July 1, 2026. Poland’s financial regulator, the KNF, has no supervisory authority over the exchange. As Business Insider Polska has analyzed in detail, even the EU’s Markets in Crypto-Assets Regulation — MiCA — would not change this, because MiCA assigns oversight to the home-country regulator, which in Zondacrypto’s case is Estonia, not Poland. President Karol Nawrocki has twice vetoed the law that would have transposed MiCA into Polish legislation — but even without the vetoes, roughly seven hundred and fifty thousand Polish users of the exchange would remain beyond the reach of their own country’s financial supervisor.
There is also a political dimension. Prime Minister Donald Tusk disclosed, citing intelligence from Poland’s Internal Security Agency, that Kral had donated more than seven hundred thousand zlotys to foundations linked to Zbigniew Ziobro, the former justice minister and leader of the right-wing Solidarna Polska, and to a foundation associated with Przemysław Wipler, a member of parliament from the libertarian-right Confederation party. Zondacrypto also served as the principal sponsor of the Polish edition of CPAC.
What the Email Means
Read by someone familiar with custodial architecture, the support email does not describe a software glitch. It describes an exchange whose hot wallet is empty; whose automated cold-to-hot pipeline is either broken or has nothing to pipe; and whose technical department is manually gathering Bitcoin from scattered customer deposit addresses to fund individual withdrawals — one at a time — through a custodial platform that returns UTXO-selection errors on every attempt at automated processing.
Every element of this description is consistent with the Recoveris data — 0.086 BTC on the hot wallet — and inconsistent with the public narrative of 4,500 BTC in cold storage providing “over one-hundred-per-cent coverage.” If those 4,500 BTC exist, and are operationally accessible, the question answers itself: why is the technical department picking through deposit addresses instead of drawing from the reserve?
That is the question the support email does not answer. And that, in a sense, is the answer.
Clients whose Zondacrypto withdrawals remain on “pending” should not wait for the next message from support. The practical steps — filing a formal complaint with the exchange, lodging a consumer grievance with the UOKiK, reporting to the prosecutor’s office, pursuing a civil claim with an injunctive-relief application — are detailed in our previous analysis. Under E.U. consumer-protection law, Polish consumers may sue Zondacrypto in Polish courts under Polish law, regardless of the Estonian choice-of-law clause in the exchange’s terms of service. Each of these steps is warranted now — while the entity against which they can be enforced still exists.
Robert Nogacki is a licensed legal counsel (radca prawny, bar registration WA-9026) and the founder of Kancelaria Prawna Skarbiec, a Warsaw-based tax- and legal-advisory firm.
Robert Nogacki – licensed legal counsel (radca prawny, WA-9026), Founder of Kancelaria Prawna Skarbiec.
There are lawyers who practice law. And there are those who deal with problems for which the law has no ready answer. For over twenty years, Kancelaria Skarbiec has worked at the intersection of tax law, corporate structures, and the deeply human reluctance to give the state more than the state is owed. We advise entrepreneurs from over a dozen countries – from those on the Forbes list to those whose bank account was just seized by the tax authority and who do not know what to do tomorrow morning.
One of the most frequently cited experts on tax law in Polish media – he writes for Rzeczpospolita, Dziennik Gazeta Prawna, and Parkiet not because it looks good on a résumé, but because certain things cannot be explained in a court filing and someone needs to say them out loud. Author of AI Decoding Satoshi Nakamoto: Artificial Intelligence on the Trail of Bitcoin’s Creator. Co-author of the award-winning book Bezpieczeństwo współczesnej firmy (Security of a Modern Company).
Kancelaria Skarbiec holds top positions in the tax law firm rankings of Dziennik Gazeta Prawna. Four-time winner of the European Medal, recipient of the title International Tax Planning Law Firm of the Year in Poland.
He specializes in tax disputes with fiscal authorities, international tax planning, crypto-asset regulation, and asset protection. Since 2006, he has led the WGI case – one of the longest-running criminal proceedings in the history of the Polish financial market – because there are things you do not leave half-done, even if they take two decades. He believes the law is too serious to be treated only seriously – and that the best legal advice is the kind that ensures the client never has to stand before a court.
