Bold new era: crypto’s evolution to superior asset custody 

The evolution of crypto asset custody is an urgent matter—one needing rigorous, audited controls and new-era key management to rebuild trust

by Bart Hillerich /
article-image

thinkhubstudio/Shutterstock modified by Blockworks

share

Following the 2022 crypto market crash, concerns around counterparty risk have risen to the forefront of the crypto risk management conversation, and will be one of the primary drivers in shaping the future of custody during the remainder of 2023 and beyond.

As this future becomes a reality and the regulatory framework surrounding custody becomes much clearer, anything deemed operationally insensible or inappropriate will face intense scrutiny. The crypto ways of old that FTX employed—storing assets in single-key wallets on a cloud server, a lack of a cybersecurity team, and the absence of systemized key management—will be entirely unacceptable to customers and regulators.

“I recall going through one of the FTX websites trying to figure out their custody, trying to understand their underlying custody system. I’d read of their fast withdrawal times for large transactions while seemingly maintaining the storage of the majority of assets in secure custody. How did they do this? I couldn’t figure it out. Of course, the answer was that FTX operated in a way that is the polar opposite to the way Bullish operates.”

Mick Horgan, head of custody at Bullish

As the adoption of digital assets continues to grow with 2022’s debacles in the rear-view mirror, how third-party digital asset custodians secure their funds will attract greater scrutiny than ever before—both from crypto participants and the regulators who aim to establish new, safer standards for the crypto industry. 

Essential to this evolution is the widespread implementation of multi-layer custodial systems built upon two foundational pillars: key management and rigorous, audited controls. Doing so will elevate the minimum acceptable level of security for asset custodians, and in turn, greatly contribute to the growth of crypto by reestablishing and growing institutional trust while preventing new black swan events, like sudden exchange collapses, from occurring.

Keys must be an obsession

Arguably, nothing is more important to crypto industry participation than the safe custody of assets, so why haven’t third-party custodians been held to a higher key management standard? In the case of FTX, when the firm did finally implement a multi-signature wallet, they stored all three keys in the same online location—defeating the purpose of a multi-signature wallet. 

“This is the equivalent of purchasing a secure high-grade vault, loading all your valuables into it, and then walking away leaving the vault door wide open.” – [Mick Horgan, head of custody at Bullish]

In moving forward as a wiser, stronger industry, prioritizing key management in a multi-layer custodial system is the clear benchmark for third-party custodians to reach. The following are key features that all custodians should implement, as recommended by Bullish.

Distribute private key storage

To ensure there isn’t one single point of failure that creates a catastrophic event if breached, private keys should never be stored in just one place. Instead, they should be isolated from one another and stored offline. 

In a well-designed multi-layer custodial system, a custodian’s key distribution would operate using a combination of cold, warm, and hot wallets to facilitate transfers while minimizing the risk of loss or theft. Under best practices, the majority of assets would be secured in wallets with keys secured offline.

Bullish’s wallet architecture | Source: Bullish

Enact hardware, software, and operational safeguards

Essential to key management is the establishment of safeguards across each level of the custodial system. Once in place, they provide institutions and individual crypto participants alike the confidence needed to engage in third-party custodian options. Here are some best practices to implement:

Hardware Safeguards

  • Keep all offline private keys isolated from one another and stored on secure storage devices.
  • Store online keys in secure modules on shielded cloud servers.
  • Ensure that cold custody is effectively used by storing a majority of held digital assets offline in cold wallets. 

Software Safeguards

  • All custody software components and operating systems should be cryptographically signed.
  • Signing processes should be distributed across independent actors via multi-signature wallets for collusion resistance.
  • Utilize blockchain-based oracles to verify the provenance of custody actions and stop man-in-the-middle (MITM) attacks.

Operational Safeguards

  • Protocols govern which wallets interact with one another, what keys are required to sign a transaction, and the limits to transaction size and velocity.
  • Asset custodians can implement disaster recovery systems that enable the backing up of keys, meaning all is not lost in a worst-case scenario. The key backups can be stored at remote locations in secure facilities around the world, ensuring maximum security.

World-class controls, or nothing

Everyone, whether an institution or individual, who has taken on the journey of discovering crypto has arrived at the question: “So if I lose my keys, that’s it…it’s all gone?”

This is a primary weed-out moment for the crypto industry today, where people either decide to bank on themselves or turn away due to the fear of losing their keys and its implications. The majority of institutions have no interest in managing their keys, but they care deeply about how their chosen custodians manage them on their behalf; adequate trust is make-or-break regarding their onboarding to crypto.

“The FTX failure reinforces the importance of custody. Custody, which at its simplest level is about the securing of keys, can only be truly effective with strong internal controls, thorough record-keeping procedures, and an obsession about the security of customers’ assets.”

Mick Horgan, head of custody at Bullish

Establishing rigorous, audited controls is essential in getting institutions over the hump by instilling confidence in third-party custodians. These controls can come in a variety of forms, each serving as a vital piece that contributes to forming a comprehensive security system.

Internal Controls

Internal controls help to safeguard customer assets; if properly enacted, they should detect,  prevent, and limit any problems with customer wallets that could arise. The following are controls that Bullish implements internally, setting a clear example for other firms to follow:

Segregation of duties – Duties like key generation, storage, and transaction approvals should be segregated to reduce the risk of fraud and theft stemming from collusion.

Wallet and disaster recovery – Firms should implement controls to recover wallets safely and securely at all times due to any loss of access to keys.

Private key management – The majority of assets should be stored offline in multi-signature cold storage wallets to mitigate the risks of online attacks. 

Risk assessment and management – Firms should continuously carry out security assessments and critical scenario analyses.

Segregation of assets – Customers’ funds must be segregated from company assets, ensuring that no co-mingling on any account or blockchain address ever occurs.

Monitoring – Real-time monitoring of wallets/transactions and reconciliation of all wallets and accounts should be enacted. In a best-case scenario, a dedicated cybersecurity team would take the lead in this control.

Access controls – Over 80% of security breaches are password-related, so in an industry plagued by cyberattacks and scams, passwords are no longer sufficient protection. Strict access controls and multi-factor authentication should be in place for access to all privileged systems.

Employees – Intensive security training programs should be implemented by a cybersecurity team to ensure each level of the firm is protected by contributors.

All internal controls and security policies should be regularly reviewed and audited by external auditors—this is the foundation of external controls.

External Controls

To complement internal controls and better appease institutions, third-party crypto custodians need to elevate auditing to, at the very least, the standards of traditional finance (TradFi). To do so, each custodian will need to implement regular, independent audits that are conducted by qualified auditors, such as the Big Four accounting firms

These audits should assess the custodian’s internal controls and overall security, ensure that customer assets are segregated from custodian assets, and analyze the custodian’s solvency by completing a proof-of-reserves audit.

Charting a secure future in crypto

For the crypto industry to continue its ascent to worldwide adoption, shortcomings of the past must remain exactly that, especially when it comes to crypto custody. If there’s one thing to take away from FTX, it’s this: crypto can not fully rely on governments, auditors, and regulators to protect its participants. Ultimately, it is up to each participating institution and individual to do their part in holding asset custodians accountable. If everyone plays their role, the industry will elevate to a new standard and become a global financial leader in transparency, risk management, and security.

For a preview of what’s coming next for the industry, look no further than Bullish. At the forefront of this movement, the firm is a reputable institutional exchange with leading industry security and velocity. It is a full reserve exchange audited by a Big 4 accounting firm, with a 1:1 reserve ratio firmly in place.

To learn how Bullish can provide peace of mind while maintaining custody of your institution’s assets, visit their website and follow them on X or LinkedIn.

This content is sponsored by Bullish

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Tags

Upcoming Events

Permissionless III

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

learn more

recent research

Research report HL cover.jpg

Research

Hyperliquid Deep Dive: The Future of Perp DEXs

It's increasingly apparent that orderbooks represent the most efficient model for perpetual trading, with the primary obstacle being that the most popular blockchains are ill-suited for hosting a fully onchain orderbook. Hyperliquid is a perpetual trading protocol built on its own L1 that aims to replicate the user experience of centralized exchanges while offering a fully onchain orderbook.

by Carolina

/

news

article-image

Markets

Stocks bounce, cryptocurrencies trade sideways despite disappointing inflation data 

Cryptocurrencies look like they are closing out a volatile week relatively flat

by Casey Wagner /
article-image

Web3

Empire Newsletter: Unpacking the Consensys legal salvo

Consensys filed a lawsuit against the SEC in a Texas court on Thursday

by Michael McSweeney&Casey Wagner&David Canellis&Katherine Ross /
article-image

Business

A bitcoin mining giant is ahead of schedule on its post-halving expansion

Marathon Digital’s hash rate target of 50 EH/s by the end of 2025 may be achieved a year sooner than expected, CEO says

by Ben Strack /
article-image

DeFi

Algorand courts Python devs in ‘seismic change’

The Algorand Foundation touts the network as first to go after pool of 10 million global developers

by Macauley Peterson /
article-image

DeFi

MapMetrics ditches Solana blockchain for peaq

Drive-to-earn DePIN project MapMetrics will slowly transition to the peaq blockchain

by Bessie Liu /
article-image

Policy

SEC seeks to regulate ETH as a security, Consensys alleges in lawsuit

The suit, filed in a Texas court, alleges a regulatory overreach by the SEC

by Katherine Ross /