Definition of self-custody and third-party custody
Self-custody refers to the practice where individuals or organisations hold and manage their own keys, which are used to access and control their digital assets. This means that the asset holder has full control over their funds without relying on any third party. There are mainly two ways to achieve self-custody: using a hot wallet or a cold wallet.
Third-party custody solutions, on the other hand, involve entrusting the security of one's digital assets to an external service provider. These providers are responsible for safeguarding the keys on behalf of the asset holder. As we will see later, there are also multiple different ways to achieve this.
Hot Wallet
A hot wallet is akin to your physical wallet but in the digital realm. It remains connected to the internet, facilitating quick and easy transactions. A popular example is MetaMask, a browser extension and mobile app that acts not only as a wallet for Ethereum and other ERC-20 tokensbut also as a gateway to decentralized applications (dApps).
However, this constant internet connectivity also makes hot wallets more susceptible to online attacks and thefts. For example, phishing attacks are susceptible to happen with a Metamask wallet. Other common attacks might be linked to browser extensions or malware on your computer, as your private key, that is used to sign and authenticate your transactions, is stored on your computer.
Cold Wallets
In contrast, a cold wallet is an offline storage method for cryptocurrencies, similar to a safe in the physical world. Companies such as Ledger and Trezor represent this category, offering hardware solutions that store users' private keys offline, on the hardware.
These wallets are considered significantly more secure against online attacks, as they require physical access to the device for transactions. However, the trade-off comes in the form of convenience, as accessing funds is less straightforward than with hot wallets.
Third-Party Custody Solutions
For institutions that deal with large volumes of cryptocurrencies, third-party custody solutions have emerged as a secure and compliant way to manage digital assets. These solutions often combine the security benefits of cold storage with the operational efficiency necessary for institutional needs.
These companies provide a complete infrastructure to manage the lifecycle of all types of digital assets issued on the blockchain. There are actually three different ways for these companies to offer their custody solution: on-premises solutions (where the infrastructure is hosted by the client), cloud solutions (leveraging the security and scalability of cloud services), and hybrid models that combine both.
Storing on-premises vs. the cloud vs. hybrid solutions
The decision between storing assets on-premises, in the cloud, or opting for a hybrid solution depends on a myriad of factors including security concerns, the need for accessibility, and regulatory compliance. On-premises storage, while offering maximum control, requires in-depth knowledge of security practices. Cloud solutions offer scalability and ease of access but might raise concerns about data sovereignty and reliance on third-party providers. Hybrid solutions attempt to offer the best of both worlds, balancing control with scalability.
The on-premises approach is often fortified by employing Hardware Security Modules (HSMs), specialised physical devices designed to securely manage, process, and store keys and digital certificates
HSMs provide a robust layer of security by performing cryptographic operations within a tamper-resistant hardware environment, thereby significantly reducing the risk of key compromise. HSMs might work automatically, but in the highly secure world of banking, physical persons are needed to sign HSM transactions.
Cloud storage, conversely, relies on the infrastructure of providers like AWS or Azure, emphasising scalability and easy access. These platforms often employ Multi-Party Computation (MPC) to secure cryptographic keys by distributing operations across multiple parties, ensuring no single point of failure.
Leaders in third-party custody solutions
Two companies stand out when it comes to custody of digital assets.
Taurus, a leader in digital asset infrastructure in Europe for institutional customers and banks, offers a glimpse into how sophisticated custody solutions work. They are known for offering the three third-party custody solutions that have been talked about above, tailoring the needs of their customers. Taurus is the partner selected by Bank Szy for its digital assets custody solution.
Coinbase, a household name in the cryptocurrency world, has extended its expertise to institutional clients, becoming the crypto custodian for a significant number of spot bitcoin ETF mandates. With its Coinbase Prime offering, Coinbase successfully attracted 8 out of the 11 bitcoin ETFs approved in January.
This move underscores the trust and reliability that Coinbase has built in the digital asset custody space, combining their security practices with regulatory compliance to serve institutional needs. Notably, the leader boasts two significant achievements: its 12-year track record without a security breach and being among the first cryptocurrency firms to receive a license from the NY Department of Financial Services (NYDFS). Currently, it oversees the protection of $193 billion in digital assets, which includes $101 billion belonging to institutional clients, as reported in the fourth quarter of 2023.
Conclusion: a diverse custody ecosystem
As the digital asset space continues to mature, the evolution of these custody solutions will play a pivotal role in the broader acceptance and integration of cryptocurrencies into the global financial system. Indeed, trust is one of the main limitations to the broader acceptance of digital assets.
Disclaimer
This marketing document has been issued by Bank Syz Ltd. It is not intended for distribution to, publication, provision or use by individuals or legal entities that are citizens of or reside in a state, country or jurisdiction in which applicable laws and regulations prohibit its distribution, publication, provision or use. It is not directed to any person or entity to whom it would be illegal to send such marketing material. This document is intended for informational purposes only and should not be construed as an offer, solicitation or recommendation for the subscription, purchase, sale or safekeeping of any security or financial instrument or for the engagement in any other transaction, as the provision of any investment advice or service, or as a contractual document. Nothing in this document constitutes an investment, legal, tax or accounting advice or a representation that any investment or strategy is suitable or appropriate for an investor's particular and individual circumstances, nor does it constitute a personalized investment advice for any investor. This document reflects the information, opinions and comments of Bank Syz Ltd. as of the date of its publication, which are subject to change without notice. The opinions and comments of the authors in this document reflect their current views and may not coincide with those of other Syz Group entities or third parties, which may have reached different conclusions. The market valuations, terms and calculations contained herein are estimates only. The information provided comes from sources deemed reliable, but Bank Syz Ltd. does not guarantee its completeness, accuracy, reliability and actuality. Past performance gives no indication of nor guarantees current or future results. Bank Syz Ltd. accepts no liability for any loss arising from the use of this document.
Related Articles
In a world where change is a constant, it’s important for businesses to embrace innovation, challenge the status quo and try out new ideas. This is something for which we’ve always stood by at Syz Group. And so, when a group of colleagues suggested tokenising a real asset – in this case a piece of art – it felt like a natural next step to our digital asset journey. In a pioneering move, we have successfully tokenised a piece of art and distributed these unique tokens amongst our employees. This bold initiative is not only a testament to our commitment to innovation but also a development that marks a significant stride in the evolution of wealth management, for the long-term benefits of our clients and the Syz Group.
Binance takes a large punch from the SEC, leaving them bruised, but alive Binance’s labyrinthine operational shady dealings have long been crypto’s ‘known unknown’. For that reason, news that the company has been landed with one of the largest corporate penalties in US history came as no surprise. The crypto industry has been aware its largest exchange has been operating illicitly for years. Binance turned a blind eye to its legal obligations for KYC / AML, enabling the potential for funds to flow to terrorists and other criminals through its platform. This Tuesday, the industry breathed a sigh of relief as Binance took their hit: $4.3bln fine, CZ the CEO stepping down, with an expectation of sentencing later. We are pleased action has finally been taken and believe Binance’s settlement with US regulators is a long-term positive development for a number of reasons.
FTX marked the end of the beginning. In the wake of its dramatic collapse, the cryptocurrency industry awoke to harsh realities. The fevered speculation of skyrocketing NFT prices has been replaced by sober debate around regulation, scrutiny over use cases, value, and environmental impact. While some purists may still harbour hopes that crypto will return to its fully decentralised roots, the truth is that the FTX saga was a seismic moment for digital assets. It has compelled the crypto world to mature and incorporate elements of the traditional financial sector to protect investors.