Crypto & Digital Assets
PrivateA bootstrapped #2 CEX that survived the largest hack in crypto history on reputation alone — but its derivatives crown is being pincered (OKX above on CEX, Hyperliquid taking ~75% of on-chain perps), it has lost the US/Japan/Singapore/HK, and it is private with no audited financials. Watch, don't own — the IPO is the only liquidity event, and it isn't close.
Research
The verdict
A bootstrapped #2 CEX that survived the largest hack in crypto history on reputation alone — but its derivatives crown is being pincered (OKX above on CEX, Hyperliquid taking ~75% of on-chain perps), it has lost the US/Japan/Singapore/HK, and it is private with no audited financials. Watch, don't own — the IPO is the only liquidity event, and it isn't close.
What it is. Bybit is the world's #2 centralized crypto exchange (CEX) by trading volume, founded in 2018 by Singaporean entrepreneur Ben Zhou and bootstrapped — no traditional VC rounds. Headquarters relocated Singapore → Dubai (UAE) in 2022. It serves 80M+ registered users across 181 countries as of end-2025, up from ~50M entering 2025.
How it makes money — derivatives-first. Bybit is built around derivatives trading first, with spot, Earn, copy trading, bots and Web3 tools layered on top. The revenue engine is transaction fees on a tiered maker-taker model:
Key products. USDT/USDC/inverse perps, USDC options, leveraged tokens, spot (497 coins / 665 pairs), derivatives (859 pairs), Bybit Earn, Web3 Seed-Phrase Wallet (self-custody; Cloud & Keyless wallets decommissioned 2025), copy trading, trading bots, NFT marketplace, fiat on-ramp.
Main customers. Predominantly retail and prosumer derivatives traders in emerging markets (Asia ex-China, Eastern Europe, LatAm, MENA), plus a growing institutional/VIP tier. Explicitly excluded jurisdictions: US, Chinese Mainland, Hong Kong, Singapore, Canada, North Korea, Cuba, Iran, and various sanctioned regions — i.e. it has voluntarily or by force walked away from the entire developed-market regulated retail base. customers.csv empty.
Suppliers / counterparties. Market makers and liquidity providers (Wintermute, DWF Labs surfaced as partners during hack recovery), custody/HSM vendors, fiat-rail banking partners (the "MyBank" initiative), blockchain protocols it integrates for Web3, and proof-of-reserves auditor Hacken.
Competitors. Binance (#1), OKX, Coinbase (US-regulated), Gate, MEXC, Bitget, HTX — and increasingly the on-chain perp DEXs led by Hyperliquid (see Lens 3 & 13).
Bottom line (Lens 1): A derivatives-native, founder-controlled, bootstrapped exchange that scaled to #2 globally by being aggressive on product and geography — explicitly trading regulatory access in developed markets for reach and speed in the rest of the world.
A CEX's "supply chain" is its liquidity → matching engine → custody → fiat/settlement → user value chain. Named stakeholders along Bybit's chain:
Chokepoints & single-source dependencies: (1) Third-party multi-sig custody (Safe) — proven catastrophic single point of failure; (2) fiat banking access — structurally fragile for a non-US-regulated entity; (3) liquidity-provider concentration — a handful of MMs underpin perp depth; (4) regulatory licence per jurisdiction — each market is its own permission gate (Lens 10). supply-chain.md missing — chain mapped web-only.
Bottom line (Lens 2): The chain's fatal flaw was already realised — outsourced custody. The remaining live chokepoint is banking/fiat rails, the lever every regulator uses to throttle offshore exchanges.
Where Bybit genuinely wins:
Where the moat is thin / eroding:
positioning.md / bottlenecks.md missing — assessed web-only.
Bottom line (Lens 3): The real moat is brand trust earned by surviving the hack, plus derivatives depth. But there is no durable structural moat — no switching costs, no owned network effect, weak bargaining power, and a regulatory posture that is a liability rather than an asset against regulated incumbents (Coinbase) and trust-minimised challengers (Hyperliquid).
Hard data caveat: segments.csv is empty. Bybit publishes no audited segment P&L (private). The breakdown below is directional /, not reported figures — do not treat as sourced segment accounts.
By product (revenue mix, directional):
By geography: Concentrated in Asia (ex-China), Eastern Europe, MENA, LatAm; zero developed-market regulated retail (US/Singapore/HK/Canada excluded; Japan exiting 2026). Geographic mix is unaudited — n/a — private, not disclosed for hard splits.
Trend & cause: Direction of travel is deceleration in 2026 alongside the whole sector — total CEX volume $17.9T in Q1 2026, −32% QoQ and −42% from the Q3-2025 cycle peak of $31.0T, driven by the Oct-2025 tariff-shock $19B liquidation cascade that impaired market depth and leverage appetite. Within that, Bybit's derivatives rank slipped to #3 behind Binance and OKX ($376B Q3-2025 derivatives vol).
Bottom line (Lens 4): Mix is derivatives-heavy with a deliberately built #2 spot business; geographically it is an emerging-markets exchange with no developed-market regulated footprint. Both the sector and Bybit's relative derivatives position decelerated into 2026.
+privateoverlay swaps Phase B's earnings lenses for funding/traction lenses. There is no earnings print — there are funding events, volume prints, and the hack.
Funding history: Bybit was bootstrapped by Ben Zhou — no disclosed venture rounds. This is unusual and material: unlike Binance (also founder-led) and Coinbase (VC→IPO), Bybit has no priced VC round to anchor a valuation, no crossover-fund mark, and no cap-table syndicate to read IPO-proximity off. There is no 409A, no preferred round, no S-1 — n/a — private, not disclosed.
Valuation: No credible private valuation is publicly sourced. Ben Zhou's personal net worth is estimated at ~$45.5M (2026) — strikingly modest for the founder-controller of the #2 exchange, which means either the estimate excludes his (illiquid, unmarked) Bybit equity or the market is not ascribing Binance-scale equity value to a bootstrapped offshore exchange. Either reading is a flag: the equity is unmarked and illiquid. n/a for enterprise value.
The defining "print" — the Feb-2025 hack (the balance-sheet stress test):
Revenue — the disclosure gap (handle with care): No audited revenue exists. Public estimates diverge by ~6×: one analyst says ">>$1.5B/yr," another models ~$269.5M. Do not pick one. A defensible bottom-up frame:
2025 total volume ≈ **$1.5T**. Apply a blended take rate. Derivatives dominate at ~**0.02–0.03% effective** (mostly taker, after VIP discounts); spot ~0.05–0.08% effective. A blended **~0.02–0.025%** on $1.5T → **~$300M–$375M gross trading-fee revenue**. Adding Earn/copy/listing/fiat-ramp and funding-rate capture could push total revenue toward the **$0.4B–$0.7B** range. **This is arithmetic, not a disclosure** — the true number is unknown and could be materially higher if effective take rates or non-trading revenue are larger..
Bottom line (Lens 5): The "earnings" story is (a) no audited financials, no priced valuation, bootstrapped — so equity is unmarked and illiquid; and (b) the hack, which functioned as the ultimate solvency stress test, and Bybit passed it — it covered a $1.5B hole in 72 hours and grew users through it. That survival is the single most important fact in this dossier.
No earnings calls exist (private). The proxy is Ben Zhou's public messaging trajectory across 2026 conference circuit:
Sentiment read: Confident, expansionary, and consciously legitimising. Zhou is playing offence (super-app / RWA / institutional) while patching the trust wound. The risk in the narrative: it is the same "super-app beyond trading" story every CEX is now telling (Binance, OKX, Coinbase all claim it) — differentiation is thin.
Bottom line (Lens 6): Founder narrative is coherent and ambitious — be the tokenized-finance infrastructure layer, not just a casino — but it is a consensus pivot, and execution (not vision) will decide it. The post-hack pivot to "regulated, institutional, secure" is genuine and necessary.
Cap table: Founder-controlled, bootstrapped — no disclosed external equity syndicate. There are no tier-1 VCs, no strategics, and critically no crossover funds (Fidelity / T. Rowe / Coatue) on the cap table — the absence of a crossover mark is itself a tell: there is no IPO-proximity signal in the ownership. No mutual-fund markups/markdowns to read. No secondary-market marks are publicly sourced. n/a — private, not disclosed for cap-table detail and secondary marks.
Public-market comps (for context, since no private comps exist): The only clean public pure-play CEX comp is Coinbase (COIN):
| Company | Status | Mkt cap | P/E (TTM) | EV/EBITDA | Revenue (TTM) | Source |
|---|---|---|---|---|---|---|
| Coinbase | Public (US) | ~$42.9B (18 Jun 2026) | ~40–57.6× | ~40.9× | $6.29B | |
| Binance | Private | n/a | n/a | n/a | ~$16.8B (2023, dated) | |
| OKX | Private | n/a | n/a | n/a | n/a | — |
| Bybit | Private | n/a | n/a | n/a | **~$0.3–0.7B ** (Lens 5) | |
| Hyperliquid (HYPE) | Token (public) | (token-marked; not equity comp) | n/a | n/a | (protocol fees) |
Read-through: Coinbase trades at ~7× revenue / ~41× EV/EBITDA as a regulated, US-listed, compliance-moat exchange. A private, offshore, bootstrapped exchange with a fresh $1.5B-hack scar and no developed-market access would rationally trade at a steep discount to those multiples if/when it lists — the comp ceiling is informative, not a valuation. Do not fabricate a Bybit multiple.
Bottom line (Lens 7): No syndicate, no crossover mark, no secondary marks — zero IPO-proximity signal from the ownership. Coinbase's ~$43B / ~7× revenue is the public ceiling for a regulated exchange; Bybit would list (whenever) at a discount to it.
No stock exists, so the analogue is events that moved Bybit's volume, user base, and trust materially:
Pattern read: What moves Bybit is (1) trust events (hack/recovery, PoR), (2) regulatory access (MiCA up, Japan/US down), and (3) sector-wide leverage/volume cycles. Idiosyncratic security and regulatory news dominate; it is highly beta to the broader crypto liquidity cycle.
Bottom line (Lens 8): Trust and regulatory access are the swing factors. The hack recovery was a positive surprise; the 2026 leadership churn and market-access losses are the live negatives.
Capital-allocation history: Bootstrapped → reinvested into product/geography/users. The most consequential capital act was emergency, not strategic: closing the $1.5B hack gap with bridge loans + partner support. No buybacks/dividends (private). Reinvestment-led; no public ROIC.
Red flags (governance):
Bottom line (Lens 9): Founder execution is a strength; founder-dependence + post-hack C-suite churn with no succession is the risk. Zhou earned credibility in the crisis; the org around him just got materially thinner at the top at the worst possible moment.
Accounting/forensic (limited by privacy): With no audited financials, no 10-K, no segment P&L, standard forensic income-statement/balance-sheet analysis cannot be performed — which is itself the headline forensic flag for a private exchange: the only solvency evidence is the monthly Hacken Proof-of-Reserves (reserve ratio >100%, 32 assets, 100–124% collateralization; 107% BTC / 119% ETH). PoR is a point-in-time assets attestation — it does not verify liabilities completeness, off-balance-sheet leverage, intercompany loans, or the terms of the hack-recovery bridge loans (were they repaid? at what cost? n/a — not disclosed). Cash-flow vs earnings divergence, receivables/inventory, SBC — all n/a — private.
Regulatory findings:
Bottom line (Lens 10): The forensic verdict on a private exchange is "trust the PoR or don't" — and PoR proves assets, not the full liability/leverage picture. The regulatory profile is the bigger flag: structurally locked out of the US and exiting Japan, a global game of regulatory whack-a-mole, with an indirect but real AML/sanctions linkage via Garantex. EU/MiCA is the one clean positive.
Is Bybit tradeable / IPO-ready? No — and not close. Building the readiness assessment from scratch (Bybit absent from private-watch.json):
1=early/seed … 4=pre-IPO/secondary-active … 5=S-1 imminent). Rationale: no priced funding round, no crossover investors, no audited financials, no disclosed S-1 prep, and — decisively — locked out of the US, the only deep IPO market for a crypto exchange (the Coinbase template). A US listing is effectively foreclosed; a non-US listing (UAE/HK/Singapore) is conceivable but none is signposted.forecast.ts create skipped per --watchlist rules (no fiscal-EPS line for a private, no committed base case worth scoring).Write-back note: Bybit is not in research/private-watch.json and this is the --watchlist breadth loop (wave boundary forbids editing watchlist.json). I am not writing a new private-watch entry here. Recommendation for a later conversational pass: add bybit to private-watch.json with beat: crypto, stage: private, ipo_readiness: 1–2, lead_investors: "none — bootstrapped", catalyst: "audited financials + listable-jurisdiction path; US re-entry the gating item", dossier: companies/bybit/deep-dive-2026-06-30.md.
Bottom line (Lens 11): Readiness ~1–2/5. The IPO is the only liquidity event, the US is foreclosed, there is no valuation anchor, and the path is 3Y+ if it happens at all. Most likely outcome: Bybit stays private. This is the core reason the position is WATCHING, not BULLISH — there is nothing to own.
Bull case. Bybit is the #2 crypto exchange that proved its trust the hard way — it absorbed the largest hack in history and grew through it ($3.7B March inflows, users 50M→80M in 2025). It is founder-controlled, bootstrapped (no dilution, no VC overhang), and plausibly highly profitable on a ~$1.5T volume base. The "beyond-trading" pivot (RWA tokenization, stablecoin settlement, embedded AI, MyBank fiat rails) positions it for the tokenized-finance wave Zhou (and Goldman's conference) are betting on. MiCA authorization gives it a regulated EU beachhead. If crypto enters another bull cycle, a deep-derivatives, multi-product, trusted #2 exchange is a prime beneficiary with massive operating leverage.
Bear case (2–3 permanent-impairment risks).
Pre-mortem (18 months out, thesis broke — what happened?): Crypto volumes stayed depressed post the Oct-2025 deleveraging; perp DEXs (Hyperliquid/Aster) took another leg of Bybit's derivatives share; another jurisdiction (or an AML action tied to the Garantex flows) forced a retreat; the leaderless post-Liu org fumbled the RWA/super-app execution; and with no IPO and no valuation anchor, there was simply nothing for an outside investor to have owned.
Are multiples too high? No multiple exists (private). The relevant discipline is that Coinbase — regulated, listed, profitable — trades ~7× revenue / ~41× EV/EBITDA; a private, offshore, recently-hacked, US-excluded exchange deserves a steep discount to that, and there's no liquid way to express the view anyway.
Contrarian view (what the market refuses to see): The consensus crypto narrative treats CEXs as the durable rails. The contrarian read is that the most defensible derivatives venue of this cycle is on-chain (Hyperliquid), not the custodial #2 — and that Bybit's real, underpriced asset isn't its order book but its brand-trust + 80M-user distribution + EU licence, which make it an acquisition/merger or RWA-distribution target more than a standalone IPO story.
Bottom line (Lens 12): Bull = trusted, profitable, multi-product #2 riding tokenization; Bear = secular on-chain derivatives erosion + regulatory box-in + post-hack governance thinning + total illiquidity/opacity. The bear's structural points (Hyperliquid + US lockout) are the heavier weight.
Dismantling the bull case as a skeptic:
Bottom line (Lens 13): The short case is structural, not cyclical: derivatives migrating on-chain (Hyperliquid), a regulatory box closing (US/Japan out), a trust asset that's already been spent once, and total opacity/illiquidity. The bull needs many things to go right at once.
A toll-road compounder mispriced as a disruption victim — 60%+ margins and 16% top-line growth are intact while the market discounts a debit antitrust loss and a stablecoin bypass that the numbers (cross-border +17%, $7B stablecoin run-rate is on-network, not against it) do not yet support; structurally BULLISH, but the DOJ debit case and the interchange settlement's final approval are real, dateable downside.
A toll road on global consumption priced like a bond proxy — the moat is intact and value-added services are compounding at 2x the network, but the stock has de-rated to ~24x forward because the market is (rightly) pricing two live structural threats — stablecoin disintermediation and large-issuer network defection (Capital One/Discover) — that bulls keep waving away. WATCHING, lean BULLISH on weakness.