One of the promises of Bitcoin and other digital assets was to allow users to be their own banks. With cryptocurrency, digital assets on a decentralized network can be secured cryptographically with a private key. But being one’s own bank comes with responsibilities and risks that many people are discovering for the first time.
Users who keep a large amount of bitcoin directly on a centralized exchange don’t actually control their private keys, and their funds are at risk if the exchange is hacked. Even users who control their keys on a hardware wallet still aren’t safe from someone forcibly extracting their funds under the threat of violence.
Digital assets don’t need to be stolen to go missing: they’re relatively easy to lose as well. It’s estimated that 30% of all coins mined — or roughly five million BTC — have fallen out of the circulating supply and could be lost forever.
This problem isn’t limited to cryptocurrency. Traditional investors in stocks, commodities, and other assets rely on custody services to safeguard assets. These custody services often hold assets from large institutions, such as banks or funds.
Investors entering Bitcoin have the same need for custody — which, put simply, is the need to keep their funds secure and safe from theft. In this article, we’ll explain what custody is and how it works and then dive into the three main options investors have for safeguarding their bitcoin.
Why is custody important?
Cryptocurrency custody solutions help investors to protect their assets and manage their digital keys.
Custody is important because it helps secure investors’ assets. In traditional markets, custodian banks also provide a range of services beyond safeguarding funds, such as settling the sale or purchase of assets, performing withdrawals and deposits, and performing accounting and legal work.
For big institutions, custody can also be a matter of complying with the law. In the United States, for example, the Dodd-Frank Act requires banks and funds with $150,000,000 or more of customer assets to store these assets with a regulated custodian, which is typical of most developed markets.
Digital assets introduce a number of new issues relating to custody because securing bitcoins isn’t the same as keeping track of stock certificates or storing gold in a vault. Despite this, the basic principle of custody remains the same: protecting investors’ assets.
Three categories of bitcoin custody
There are a number of different ways that digital assets can be custodied:
- Hardware wallets: Hardware wallets allow investors to perform their own custody with a third-party device that manages their private keys.
- Multisignature wallets: Multisignature wallets require the use of multiple private keys to authorize transactions. This helps to distribute risk and eliminate single points of failure for investors.
- Third-party custodial services: Custodial services for Bitcoin allow investors to outsource the risk of safeguarding their funds to a third party. These often use a combination of hot wallets, cold wallets, and multisignature wallets.
We’ll explore each in greater detail below.
Self-Custody: Hardware Wallets
The problem with using a software — or “hot” — wallet is that it connects one’s private keys to the internet, making them vulnerable to attack. An attacker might install malware on the wallet to gain access to its keys, or bugs in the code of the software could provide backdoors for hackers to siphon off funds.
Hardware — or “cold” — wallets are designed to provide investors with a level of defense against these vectors of attack.
Hardware wallets include:
- Coldcard: This fully-offline bitcoin wallet features a “duress” mode that allows users to call up a secret, secondary wallet containing a small amount of BTC in the event that someone forces them to unlock their wallet.
- Ledger: Ledger is a manufacturer of hardware wallets. Their flagship product, the Ledger Nano S, supports over 1000 different cryptocurrencies and tokens.
- Trezor: Trezor, another manufacturer of hardware wallets, also supports over 1000 different cryptocurrencies and tokens.
While hardware wallets are much more secure than software wallets, investors should understand that they’re not perfect. Hardware wallets can be compromised by bugs in the software. It’s also possible for an attacker to force someone to input their device password under the threat of force.
For firms and businesses, it’s not just the security of the wallet that matters. The more people there are with access to a wallet’s private keys, the more points of failure are introduced, because anyone with the private key can authorize transactions.
This is where multi-signature wallets come in.
A multi-signature wallet is exactly what it sounds like: rather than giving control of the funds in an address to a single private key, a multi-signature wallet requires multiple signatures from multiple keys to unlock funds. This can be useful, for example, when running an exchange or investment firm, where one wants to eliminate the risk of a single person misappropriating the funds in a wallet.
Beyond multisignature functionality, new software is always being developed to customize key and signature management for unique organizational needs. For instance, some wallets may split a single key between multiple users — a setup that is technically distinct from multisignature, but which also helps to mitigate the risk of fund loss and misappropriation. As Bitcoin and other cryptocurrencies continue to become more institution-friendly, we’ll likely see many similar innovations in custody on the level of software.
Third-party custodial services
Third-party custodial services are primarily aimed at institutional investors. Custodian services may include hot and cold wallets, as well as multi-signature wallets — depending on the service.
Cryptocurrency custodial services are just developing, and companies like SFOX are at the vanguard of bringing financial custody standards such as insurance to the crypto sector. In May of 2019, for instance, SFOX announced a relationship with M.Y. Safra Bank to provide their traders with FDIC insurance for their USD funds — a first for the industry. FDIC insurance applies only to traders’ USD funds, not their crypto holdings — but more custody solutions are on the way.
Beyond the digital asset space, a number of traditional financial services are building custody services for digital assets. The asset manager Fidelity launched its custody service for institutions and family offices this past March. Meanwhile, a number of traditional custodian banks, including State Street, are reportedly exploring entering the digital asset space.
The Maturing Market for Custody
In the early days of Bitcoin, the digital currency simply wasn’t worth very much, which meant that most users relied on simple software wallets and their computers to store their funds. As the market has matured and the value of BTC has skyrocketed, developing secure custody solutions has grown proportionately in importance. Custody matters so much that SEC Chairman Jay Clayton mentioned better custody solutions as one of the key developments in the market the SEC wants to see before approving a Bitcoin ETF.
While the new challenges of storing and safeguarding cryptocurrencies like bitcoin may seem daunting, the silver lining is that traders and users of all profiles — whether a crypto novice or a veteran day trader — have the opportunity to educate themselves and learn about the nuances of asset custody for the first time. From best-in-class asset protection on our trading platform to industry-leading research on our blog, SFOX has you covered every step of the way.
Got another minute? Check out:
How to Secure Yourself Against Bitcoin Theft in 10 Minutes
Have you taken these 7 steps to secure your bitcoin holdings?
The above references an opinion and is for informational purposes only. It is not intended as and does not constitute investment advice, and is not an offer to buy or sell or a solicitation of an offer to buy or sell any cryptocurrency, security, product, service or investment. Seek a duly licensed professional for investment advice. The information provided here or in any communication containing a link to this site is not intended for distribution to, or use by, any person or entity in any jurisdiction or country where such distribution or use would be contrary to law or regulation or which would subject SFOX, Inc. or its affiliates to any registration requirement within such jurisdiction or country. Neither the information, nor any opinion contained in this site constitutes a solicitation or offer by SFOX, Inc. or its affiliates to buy or sell any cryptocurrencies, securities, futures, options or other financial instruments or provide any investment advice or service.