Bold new era: crypto’s evolution to superior asset custody
The evolution of crypto asset custody is an urgent matter—one needing rigorous, audited controls and new-era key management to rebuild trust
thinkhubstudio/Shutterstock modified by Blockworks
Following the 2022 crypto market crash, concerns around counterparty risk have risen to the forefront of the crypto risk management conversation, and will be one of the primary drivers in shaping the future of custody during the remainder of 2023 and beyond.
As this future becomes a reality and the regulatory framework surrounding custody becomes much clearer, anything deemed operationally insensible or inappropriate will face intense scrutiny. The crypto ways of old that FTX employed—storing assets in single-key wallets on a cloud server, a lack of a cybersecurity team, and the absence of systemized key management—will be entirely unacceptable to customers and regulators.
As the adoption of digital assets continues to grow with 2022’s debacles in the rear-view mirror, how third-party digital asset custodians secure their funds will attract greater scrutiny than ever before—both from crypto participants and the regulators who aim to establish new, safer standards for the crypto industry.
Essential to this evolution is the widespread implementation of multi-layer custodial systems built upon two foundational pillars: key management and rigorous, audited controls. Doing so will elevate the minimum acceptable level of security for asset custodians, and in turn, greatly contribute to the growth of crypto by reestablishing and growing institutional trust while preventing new black swan events, like sudden exchange collapses, from occurring.
Keys must be an obsession
Arguably, nothing is more important to crypto industry participation than the safe custody of assets, so why haven’t third-party custodians been held to a higher key management standard? In the case of FTX, when the firm did finally implement a multi-signature wallet, they stored all three keys in the same online location—defeating the purpose of a multi-signature wallet.
“This is the equivalent of purchasing a secure high-grade vault, loading all your valuables into it, and then walking away leaving the vault door wide open.” – [Mick Horgan, head of custody at Bullish]
In moving forward as a wiser, stronger industry, prioritizing key management in a multi-layer custodial system is the clear benchmark for third-party custodians to reach. The following are key features that all custodians should implement, as recommended by Bullish.
Distribute private key storage
To ensure there isn’t one single point of failure that creates a catastrophic event if breached, private keys should never be stored in just one place. Instead, they should be isolated from one another and stored offline.
In a well-designed multi-layer custodial system, a custodian’s key distribution would operate using a combination of cold, warm, and hot wallets to facilitate transfers while minimizing the risk of loss or theft. Under best practices, the majority of assets would be secured in wallets with keys secured offline.
Enact hardware, software, and operational safeguards
Essential to key management is the establishment of safeguards across each level of the custodial system. Once in place, they provide institutions and individual crypto participants alike the confidence needed to engage in third-party custodian options. Here are some best practices to implement:
Hardware Safeguards
- Keep all offline private keys isolated from one another and stored on secure storage devices.
- Store online keys in secure modules on shielded cloud servers.
- Ensure that cold custody is effectively used by storing a majority of held digital assets offline in cold wallets.
Software Safeguards
- All custody software components and operating systems should be cryptographically signed.
- Signing processes should be distributed across independent actors via multi-signature wallets for collusion resistance.
- Utilize blockchain-based oracles to verify the provenance of custody actions and stop man-in-the-middle (MITM) attacks.
Operational Safeguards
- Protocols govern which wallets interact with one another, what keys are required to sign a transaction, and the limits to transaction size and velocity.
- Asset custodians can implement disaster recovery systems that enable the backing up of keys, meaning all is not lost in a worst-case scenario. The key backups can be stored at remote locations in secure facilities around the world, ensuring maximum security.
World-class controls, or nothing
Everyone, whether an institution or individual, who has taken on the journey of discovering crypto has arrived at the question: “So if I lose my keys, that’s it…it’s all gone?”
This is a primary weed-out moment for the crypto industry today, where people either decide to bank on themselves or turn away due to the fear of losing their keys and its implications. The majority of institutions have no interest in managing their keys, but they care deeply about how their chosen custodians manage them on their behalf; adequate trust is make-or-break regarding their onboarding to crypto.
Establishing rigorous, audited controls is essential in getting institutions over the hump by instilling confidence in third-party custodians. These controls can come in a variety of forms, each serving as a vital piece that contributes to forming a comprehensive security system.
Internal Controls
Internal controls help to safeguard customer assets; if properly enacted, they should detect, prevent, and limit any problems with customer wallets that could arise. The following are controls that Bullish implements internally, setting a clear example for other firms to follow:
Segregation of duties – Duties like key generation, storage, and transaction approvals should be segregated to reduce the risk of fraud and theft stemming from collusion.
Wallet and disaster recovery – Firms should implement controls to recover wallets safely and securely at all times due to any loss of access to keys.
Private key management – The majority of assets should be stored offline in multi-signature cold storage wallets to mitigate the risks of online attacks.
Risk assessment and management – Firms should continuously carry out security assessments and critical scenario analyses.
Segregation of assets – Customers’ funds must be segregated from company assets, ensuring that no co-mingling on any account or blockchain address ever occurs.
Monitoring – Real-time monitoring of wallets/transactions and reconciliation of all wallets and accounts should be enacted. In a best-case scenario, a dedicated cybersecurity team would take the lead in this control.
Access controls – Over 80% of security breaches are password-related, so in an industry plagued by cyberattacks and scams, passwords are no longer sufficient protection. Strict access controls and multi-factor authentication should be in place for access to all privileged systems.
Employees – Intensive security training programs should be implemented by a cybersecurity team to ensure each level of the firm is protected by contributors.
All internal controls and security policies should be regularly reviewed and audited by external auditors—this is the foundation of external controls.
External Controls
To complement internal controls and better appease institutions, third-party crypto custodians need to elevate auditing to, at the very least, the standards of traditional finance (TradFi). To do so, each custodian will need to implement regular, independent audits that are conducted by qualified auditors, such as the Big Four accounting firms.
These audits should assess the custodian’s internal controls and overall security, ensure that customer assets are segregated from custodian assets, and analyze the custodian’s solvency by completing a proof-of-reserves audit.
Charting a secure future in crypto
For the crypto industry to continue its ascent to worldwide adoption, shortcomings of the past must remain exactly that, especially when it comes to crypto custody. If there’s one thing to take away from FTX, it’s this: crypto can not fully rely on governments, auditors, and regulators to protect its participants. Ultimately, it is up to each participating institution and individual to do their part in holding asset custodians accountable. If everyone plays their role, the industry will elevate to a new standard and become a global financial leader in transparency, risk management, and security.
For a preview of what’s coming next for the industry, look no further than Bullish. At the forefront of this movement, the firm is a reputable institutional exchange with leading industry security and velocity. It is a full reserve exchange audited by a Big 4 accounting firm, with a 1:1 reserve ratio firmly in place.
To learn how Bullish can provide peace of mind while maintaining custody of your institution’s assets, visit their website and follow them on X or LinkedIn.
This content is sponsored by Bullish
Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.
Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.
Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.
The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.