Crypto Custody Demystified
Introduction
Crypto Custody is a solution where cryptos are stored securely, and users are able to access the cryptos as and when is needed. In technical terms, storing cryptos securely means protecting the private keys. There are direct custody and third party custody solutions. Before we delve into crypto custody, let us look at the related technical terminology.
Terminology
Vault is a storage space for long term, secure storage of private keys with recovery mechanism built-in. There are hardware vault or software vault (Hashicorp Vault) or cloud vault (Azure Key Vault or AWS Secrets Manager).
HSM (Hardware Security Module) is a hardware device for storing private keys. It can be a USB, PCI-E hardware, or network hardware device. It can also be a cloud HSM, offered by AWS Cloud HSM or Azure Managed HSM. HSM should be FIPS 140–2 compliant.
MPC (Multi Party Compute) is an algorithm for splitting keys into multiple parts. Each part of the keys is stored separately, called key shards. When there is transaction to be signed, the transaction is sent to each key shard in turns for signing. A threshold of key shards collectively sign the transaction (m-of-n schemes). There is no single point of failure.
Architecture
Crypto Custody Solutions can exist in various forms. There can be a sole cold storage wallet built on HSM. But it can be inconvenient for accessing the funds. For the convenience of usage, it is recommended to use a 3-tier architecture. In the architecture, 90% of the funds are stored in cold wallet, 10% of the funds in warm and hot wallet. Hot wallet can be operated by software code. Warm wallet can be operated by software code with one additional manual override. Cold wallet can be stored in HSM, and enhanced with MPC to prevent single point of failure. Cold wallet signing of transaction requires manual intervention.
The above diagram shows a 4 step process to sign transaction in a cold wallet. The first 3 steps can be pre-loaded on the device. Furthermore, only the last steps are with payload.
In the 90% cold wallet, 10% warm/hot wallet use case, it requires re-balancing. Re-balancing to warm/hot wallet is done via secure network connection. In addition, the deposit address is rotated for added security.
Custody Options
There are direct custody and third party custody (sub custody) options to be chosen from.
Sub custody is where financial institutions depend on custody providers to manage digital assets or cryptos.
Direct custody is financial institutions manage the customers digital assets or cryptos themselves.
Direct custody offers more flexibility to financial institutions, at the expense of shouldering the technical complexities. Flexibility comes in terms of wallet choices, risk assessment, trading options.
Some Comparison
MPC and HSM come with their own pros and cons. Here is the MPC and HSM pros and cons comparison.
For HSM:
+ — — — — — -+ — — — — — — — — — — + — — — — — — — -+
| HSM | pros |
+ — — — — — -+ — — — — — — — — — — + — — — — — — — -+
| provide airgapped physical security
| long recognised security solution in banks
+ — — — — — -+ — — — — — — — — — — + — — — — — — — -+
| HSM | cons |
+ - - - - - -+ - - - - - - - - - - + - - - - - - - -+
| complex to setup
| hard to scale
| costly
| limited capacity
+ - - - - - -+ - - - - - - - - - - + - - - - - - - -+For MPC:
+ — — — — — -+ — — — — — — — — — — + — — — — — — — -+
| MPC | pros |
+ — — — — — -+ — — — — — — — — — — + — — — — — — — -+
| isolation of key shards
| eliminate single point of failure
+ — — — — — -+ — — — — — — — — — — + — — — — — — — -+
| MPC | cons |
+ - - - - - -+ - - - - - - - - - - + - - - - - - - -+
| complex to setup
| hard to scale
| transaction speed
+ - - - - - -+ - - - - - - - - - - + - - - - - - - -+MPC and HSM are not mutually exclusive. They can be used in complementary manner.
Summary
Crypto Custody is essential for any institutional grade solutions involving cryptos.