Why Institutional Investors are puzzled by custodianship on the blockchain and how is this holding them back.

Custodians are large firms ensuring the safety of securities or assets, for instance they are required by law to oversee the accounts of an investment fund. How is this working out with cryptographic assets? Institutional Investors need assurance of safety and proper procedures before investing and custodianship is in fact one of the reasons why they are still unsure about what to do with cryptos.

The theory wants that cryptographic assets, stored on immutable blockchains, should require less expensive custodianship, but in practice there is not a solid consenus on how to store keys, create wallets and move funds from and to exchanges or between wallets. In fact, even if your asset has the highest cryptographic standards, this is of very little relevance when you handle your keys in a corrupted place. From an institutional point of view it is not clear how someone will guarantee the safety of the procedures so that assets are purchased and stored in proper ways. In this article I’ll lay down some current facts and some ideas about how to address operations, please let me know your thoughts on the procedures. Having a peer-review approach is super interesting for the community since it is basically what’s done with the software counterpart.

“There is no need to steal private keys if you already know them.”

This looks like the main concern while creating a wallet which is going to receive assets. If an hardware wallet is present for the asset then it is a convenient way to deal with the problem, when it’s not, the investment team needs to look for the correct, official version of the software to download and setup in a safe environment. “Investment team” because it’s unlikely an Institutional Investor will accept a single person to be responsible for accessing the funds. “Multi-signature” wallets (two out of three in particular) because they eliminate single human point of failure and also require the approval of two entities to procede with an operation. When the wallet is used to store a long position then it can be hosted in a vault, for hardware wallets this is straightforward, for multi-sig this boils down in storing the public and private key pairs in vault which will grant restricted access, so that every single investment manager will have access to her/his own. In general sizing how much to store in a single wallet is also an interesting question but it doesn’t change the process to create a new wallet.

“Segregation of duties and resilient sensible-access-data allocation.”

Another key point of failure lays in executing buy/sell orders. First of all exchanges should be reviewed in terms of past security issues, engineering team, available SLA and internal practices (for instance, to the best of my knowledge, only Kraken publicly discloses the full reserves policy, other exchanges limit themselves to state they use different bank accounts for their operations and for collecting users’ funds, others state nothing). A simple way to guarantee the order execution flow is to exploit 2FA, so that one persone will hold the password, another person will hold the 2FA token generator. In this way it is mandatory that the two communicate together, the third person can overview and log the execution prices for accounting purposes. The withdrawal to a safe wallet is somehow very similar to the order execution and the final output should be a blockchain logged transaction to a safe wallet so that Investors can be sure the assets have arrived to the proper destination.

Bitcoin already has some firms offering custodian services. Xapo for instance has vaults in a dismissed Swiss military bunker inside a granite mountain. Busting there looks hard! Although my main concearn would be the cost of insurance, how is it computed. Vaulting services change in price depending on the value of the stored asset, so putting in vault 1 BTC has a way lower risk than 10.000 BTC and of course a way lower price for storage.

Ethereum: ..eh. Hardware wallets are available for ETH, which is good, but the multisig contracts have failed numerous time in 2017, even open source peer reviewed ones. In this scenario my approach would be to fraction the holding in smaller single signature wallets until a consenus emerges on the codebase for multisig and a “safety-streak” of a couple of years is reached after the final stage of Proof of Stake. Even in this situation it would be extremely risky to sell Ethereum custodianship because ETH has experienced a roll-back. From an investor point of view it is unacceptable that a third party can decide that a transaction doesn’t exist: imagine you purchase 10M USD equivalent of Ethereum in a dark pool or in a private deal, the day after, someone tells you: “sorry guys, that didn’t happen”. Now you have a big headache because the seller has both his/her ETH back and your 10M USD. I don’t believe this problem can be addressed easily.

Ripple, like Bitcoin, Ripple has companies selling custodianship services, first coming to mind is BitGo, used by Kraken and Bitstamp for instance. Rippled has multisig capabilities and hardware wallets have been developed for XRP. Another interesting thing about Ripple is that whatever happens you actually have a business entity to contact and eventually sue. This is one of the biggest advantages of Ripple in this crazy ride, say the decentralization paradigm fails, Ripple may resist, so in a way it’s an hedge (and yes, TOR is banned in many countries, it can happen to open-source P2P software). Finally they are building a solid credibility which is paramount for Institutional Money.

Litecoin, being extremely similar to Bitcoin it is easy for a custodian to offeri also Litecoin storage, in fact main players are providing storage for them both.

Monero, in December 2017 the multisig feature was merged into the main codebase allowing 2 out of 3 wallets also for XMR. Moreover hardware wallet integration with Ledger Nano has been already prototyped and should be released during Q2 2018. Before jumping on multisig I’d wait out some time to see robustness and adoption (never be the first:P), the hardware wallet though will be a very welcome and needed addition. Monero dev team is one of the most active and the code is regularly reviewed and discussed. Finally custodians in Monero can offer also an additional service which is.. knowing how many Monero they are holding!

ERC20 Tokens, see Ethereum.

While managing funds you should review and understand the third parties or at least have a clear answer on why you are choosing them. The need here is to collect the main features by which compare the providers.

— For hardware wallets the key is to have safe and reviewed code, which is both on the application layer (what the user sees) and in the firmware layer (how the instructions are executed inside the hardware).

  • Standard security certificates and production certificates are nice-to-have but I’d give solid peer-reviewed code a much higher priority because noone will certify under penalty that a software is bug free, but constant and public peer review can make it very solid.
  • Years in business and numbers of employees are just vague gauges of the business soundness, I believe crypto will be big, so in a way I believe the business case for hardware wallets is strong even if just born. The warning points I see in small teams are related to their ability to: effectively work with the community of peer reviewers, keep them engaged and rewarded; handle quickly and effectively critical scenarios (e.g. a bug is discovered). The smaller the team the harder such tasks are.
For hardware wallet the application and implementation aspects are very relevant, number of employees is a quick gauge of inertia (say it goes wrong, how quickly will it go wrong), although, also looking into revenue sheets would be advisable.

— For Exchanges my key areas of interest are related to the security layer and to the internal procedures.Once that 2FA support, general encryption architecture, withdrawl authenticaion and such are cleared out the other big indicators are based on reputation and procedures. For instance having different bank accounts for receiving users’ funds and for operational expenses is basically a must have. I couldn’t find any other exchange other than Kraken to explicitly declare they hold full reserves, which is always nice.

Exchanges should be weigheted more on the security features and on the internal procedures they offer. Looking into revenue sheets would be pointless, I mean, we all already know they are making tons of money.

Fun Facts

What’s the strange logo, sort of an exagonal Walrus, in the pictures? It’s a stealth project which wants to address the main concerns of large players interested in entering the cryptoassets space.

Founder, cryptography enthusiast and bitcoin-aficionado (not enough surfing)