Ensuring the safekeeping of private keys and crypto-addresses is essential to institutional investors, though uncertainty surrounding the regulatory framework and the lack of safe, qualified custody are significant barriers preventing them from joining the crypto market in greater numbers.
The lack of certainty regarding national regulators’ treatment of digital assets is often cited as the main reason for the cautious approach of asset managers towards digital assets. However, the reality is that, apart from the uncertainty surrounding the regulatory framework, it seems that the lack of safe, qualified custody is also a significant barrier preventing institutional investors from joining the crypto market in greater numbers. This seems poised to change as their interest is growing and solutions are being developed by major, trustworthy players.
Safekeeping of digital assets
What’s really at stake is ensuring the safekeeping of private keys and crypto-addresses while allowing third-party access to pertinent information stored on the wallet to provide relevant services, such as, asset servicing, delivery versus payment, audit, fund administration, etc.
Securing digital assets on the Internet is a much more far-reaching issue than just capital markets operation. The skyrocketing growth of cybercrimes in recent years is pushing this matter to the forefront of concerns among executives and citizens. In 2017 in the US alone, 1,579 data breaches were recorded—a 50% growth compared to the previous year. Given this, a major strategic challenge for every firm across the world is ensuring the security of their data, which has become one of their key assets.
In the digital asset world, custody is often used in the sense of safekeeping, without including the additional services that traditional bank custodians provide to clients. Given the sensitivity and importance of the crypto wallet private key and the numerous reported hacks and thefts of coins, this aspect of the value chain is of great strategic importance to the development of the industry. There are two main methods of safekeeping:
- Online storage, often dubbed as “Hot Storage”, offered by the main exchange platforms, is considered very convenient for daily use, but vulnerable to theft and hacks as the private key and wallet are connected to the network.
- Offline storage, referred to as “Cold Storage” is an approach where the master key and wallet are kept offline (e.g. on a dedicated computer that is not connected to the network) avoiding the risk of someone hacking your assets.It is a safer and more secure way to hold assets, but it is costly. It is also less convenient to use as it takes more time to access funds.
The majority of crypto funds have turned to cold storage as it is the only fully secure solution for safekeeping assets. There are currently three main types of cold storage safekeeping solution providers:
- Crypto exchange safekeeping: Exchanges understood that it was essential to beef up their safekeeping offering to attract potential institutional asset flows. To do so, some of them developed cold storage solutions (like BitGo and Gemini), and Coinbase has decided to create a subsidiary dedicated to digital asset custody, Coinbase Custody, in partnership with Electronic Transaction Clearing (ETC).
- Dedicated safekeeping solution: a number of providers have emerged to build dedicated solutions often relying on a mix of technology and physical security to ensure the safekeeping of private keys and assets. Xapo and Swiss Crypto Vault are examples of such an approach. With these solutions, the master key and asset are literally secured in an offline environment, in a physical vault protected by private police. However, it can create other issues, such as access to and transferral of digital assets in a timely manner.
- Specialist technology providers: Ledger and Trezor are the two representatives in this category. These solutions combine software and hardware to ensure the safekeeping of the master key and crypto-addresses.
Not surprisingly the market has been dominated by crypto-asset specialists and Fintechs, that obviously had a first mover advantage. However, the situation is likely to change, and traditional players, such as Fidelity which has announced the launch of a crypto-custody service for March 2019, are likely to enter the space sooner than later.
Digital assets = assets on the public internet
The challenges in the custody of digital assets are not only the concerns around the security of the private key and transaction addresses, but also how to allow third parties, such as regulators and fund administrators, to receive the pertinent information without compromising the safety of assets.
In the traditional capital markets infrastructure, transactions are conducted through an exchange of messages that updates relevant ledgers at banks, CSDs, and so on. In the digital world, it’s either the asset itself or the contract right to demand delivery of an off-blockchain asset represented by the token that is transferred over the network. But it’s important to acknowledge that the token itself is nothing more than just a data storage space and a line of code. Hence, if compact enough to be included within the token storage capability, any data could be represented. The digital asset infrastructure is, in fact, a network to exchange sensitive and valuable data through a secure and immutable decentralized and distributed network of ledgers. As such, the digital assets infrastructure allows the transfer of any type of asset over Internet Protocol. In our hyper-connected society, in which future business models of firms are reliant on their ability to collect, manipulate, analyze and enrich data, digital assets could be the instruments that are most suited to respond to future market needs.
This article is part of a three-part series, authored by Tom Casteleyn, Global Head of Custody Product Management, BNY Mellon Asset Servicing, and Lucien Foster, Head of Digital Partnerships, BNY Mellon, that explores the technological play in the cryptocurrencies market.