Crypto custody: Lesson learned? Ensuring full control and transparency following the FTX fallout
In the last few days, the FTX bankruptcy, and subsequent fallout, has shocked the crypto and non-crypto worlds alike. Our sympathy and thoughts go to everyone affected, especially retail investors, who trusted an apparently reliable counterparty with their funds.
This dramatic and financially costly event must serve as a warning and an opportunity to re-establish the core crypto values as a foundation upon which we, as an industry, build applications and technological infrastructure with a real-world impact.
For this reason, we believe it is important to talk and reflect once again about custody and how institutions and retail investors can safely and securely regain full control over their assets.
Third-party custody means giving away ownership of your private keys and relying on an external counterparty to keep your assets secure. Third-party custody is mostly based on trust. The problem with trust is that it does not rely on maths and, especially in a relatively unregulated environment like crypto, it is hard to assess your counterparty risk, because it is so difficult to maintain full transparency over a counterparty's investment processes.
FTX was considered one of the most trustworthy names in the industry by the media and the general public. However, when depositors placed their withdrawal orders last week, they found that those withdrawals could not be honoured.
This happened because customers did not have actual ownership of their private keys: they had to submit their withdrawal requests through FTX, which had paused withdrawals in the meantime. The same happened with other third-party custodians or centralised financial entities over the past year - Celsius, Voyager, 3AC, to name a few.
So why would retail investors or institutions choose third-party custody? The advantage of using a third-party custodian for retail is that it is easier to use. It is easier to create an account (you can simply use your email address), there are no complicated seed recovery phrases involved, you don’t have to handle your private key, and if you forget your password you can get your account back (just like in Web2).
For institutions, other than the advantages listed above, third-party custody can make it easier to access liquidity or financial products to generate yield on their crypto assets.
Self-custody means retaining the private keys of your wallet, and following the crypto mantra ‘Not your keys, not your coins’. There are different ways of doing self-custody.
You can use a cold storage hardware device, where your keys are stored offline. In this case, in order to make a transaction, you will need your physical device with you. Although this solution is considered quite safe for retail, it still poses the risk of internal theft or collusion when it comes to financial institutions.
Also, operations can be slow, since the hardware device has to be physically present to authorise transactions (which can be quite inconvenient). This is why cold storage solutions are generally considered unsuitable for trading or for any investor who needs to transact frequently.
Self-custody for institutions can be done using multi-signature hot wallets. Multi-sig wallets are wallets that require a certain number of private keys in order to authorise a transaction. They generally rely on a smart contract (or, in the case of Bitcoin, on Bitcoin script - the language of the Bitcoin protocol).
Through that, a threshold of keys is set up, which represents the minimum number of private keys needed to effectively interact with the blockchain (i.e. an m-of-n threshold). Multi-sig wallets have been around for quite a long time and they are generally considered secure.
One of the downsides of multi-sig wallets is that they leave a footprint of the key structure on the blockchain. From the smart contract, it is possible to infer how many keys are needed to authorise a transaction. This can expose the company’s organisation structure and decision making process, making it a possible target of phishing attacks.
Furthermore, each private key involved in the authorisation process will generate a signature on the blockchain, incurring transaction fees. For example, if there are three authorisers, the transaction fees will be threefold higher. Finally, multi-sig wallets rely on a certain protocol (e.g. ETH, or BTC) and for this reason they do not have multi-protocol support.
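To make the "footprint" and fee points concrete, here is an added example (not Custonomy's code) that builds a standard Bitcoin m-of-n multisig redeem script in the form `OP_m <pubkey>... OP_n OP_CHECKMULTISIG` and then parses it back. The public keys are constructed 33-byte placeholders, not real curve points, and the fee comparison uses a rough 72-byte DER signature size as an assumption; the point is that anyone who sees the script on-chain can read off m and n, and that an m-of-n spend carries m signatures where a single-key (or MPC) spend carries one.

```python
# Added example, not Custonomy's code: Bitcoin-style multisig redeem script.
OP_1 = 0x51              # OP_1 .. OP_16 push the small integers 1 .. 16
OP_CHECKMULTISIG = 0xAE  # verifies m signatures against n public keys
MAX_DIRECT_PUSH = 0x4B   # opcodes 0x01..0x4b push that many bytes directly
DER_SIG_BYTES = 72       # assumption: typical ECDSA DER signature size

def small_int_op(n: int) -> int:
    """Opcode that pushes the small integer n (1..16)."""
    if not 1 <= n <= 16:
        raise ValueError("OP_1..OP_16 cover 1..16 only")
    return OP_1 + n - 1

def build_multisig_script(m: int, pubkeys: list) -> bytes:
    """Serialise OP_m <pubkey>... OP_n OP_CHECKMULTISIG."""
    n = len(pubkeys)
    if not 1 <= m <= n <= 16:
        raise ValueError("need 1 <= m <= n <= 16")
    script = bytes([small_int_op(m)])
    for pk in pubkeys:
        if len(pk) != 33:
            raise ValueError("expected a 33-byte compressed public key")
        script += bytes([len(pk)]) + pk  # direct push: length byte, then data
    return script + bytes([small_int_op(n), OP_CHECKMULTISIG])

def parse_multisig_script(script: bytes):
    """Recover (m, n, pubkeys) from a multisig redeem script.

    This is exactly what an observer can do once the script is revealed
    on-chain, which is the organisational footprint the article describes."""
    i = 0
    if not OP_1 <= script[i] <= OP_1 + 15:
        raise ValueError("script does not start with OP_m")
    m = script[i] - OP_1 + 1
    i += 1
    pubkeys = []
    while 1 <= script[i] <= MAX_DIRECT_PUSH:       # each pubkey is a direct push
        length = script[i]
        pubkeys.append(script[i + 1:i + 1 + length])
        i += 1 + length
    if not OP_1 <= script[i] <= OP_1 + 15:
        raise ValueError("expected OP_n after the public keys")
    n = script[i] - OP_1 + 1
    i += 1
    if script[i] != OP_CHECKMULTISIG or i != len(script) - 1:
        raise ValueError("expected OP_CHECKMULTISIG as the final opcode")
    if n != len(pubkeys) or m > n:
        raise ValueError("inconsistent threshold and key count")
    return m, n, pubkeys

def signature_payload_bytes(signers: int) -> int:
    """Rough signature bytes carried by a spend: one DER signature per signer.

    A single-key or MPC wallet always has signers == 1, whatever the
    number of approvers behind it."""
    return signers * DER_SIG_BYTES

if __name__ == "__main__":
    # Constructed placeholder keys (prefix 0x02 + 32 filler bytes), not real points.
    keys = [bytes([0x02]) + bytes([k]) * 32 for k in (1, 2, 3)]
    script = build_multisig_script(2, keys)
    print(script.hex())
    print(parse_multisig_script(script)[:2])          # (2, 3): visible to anyone
    print(signature_payload_bytes(2), signature_payload_bytes(1))  # 144 vs 72
```

Running it shows the m and n values sitting in plain view in the script, and the signature payload growing linearly with the number of signers, which is the fee effect the paragraph above describes.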
The third solution for self-custody is MPC (multi-party computation). At Custonomy, we are huge advocates of MPC technology as a gold standard for institutional custody of digital assets.
MPC is asset-agnostic (it does not rely on any particular protocol and has multi-chain support); does not leave any footprint of the key shares structure on the blockchain (MPC wallets look like regular retail wallets); it allows cost-efficiencies on transaction fees (regardless of the number of authorisers, the signature generated on the blockchain is only one).
In addition to that, with Custonomy’s patent-pending multi-tier MPC protocol, it is possible to differentiate multiple tiers of authorisers with different thresholds to take part in the decision making process. This allows the most sophisticated processes to be mathematically embedded in the organisation’s wallet.
The main challenge of self-custody for institutions is usually the technical hurdle of implementing some of these solutions. It is also harder to access liquidity and financial products, although it is possible to do so through the growing DeFi ecosystem.
In general, the risk to retail investors and institutions can mostly be attributed to the handling of the private keys. If the private key is lost, the assets are lost forever. This is still very hard to grasp, especially for non-crypto-native users, who often find themselves unable to recover their assets.
With this challenge in mind, Custonomy has created a trustless way to handle digital assets, one that gives full ownership and transparency of the assets directly to the user without giving up the ease of use and possibility of fund recovery.
Leveraging our MPC technology, we created our Web3asy wallet solution, which allows users to generate a wallet address using an email address and a password. The users won’t have to deal with seed recovery phrases or any mnemonics. However, they will be able to make transactions and engage with Web3 in a Web2 fashion, while retaining ownership of their own assets.
Through our MPC governance, when a user creates a wallet address, some back-up key shards are generated and assigned to the project owner (e.g. crypto exchange or NFT project). These key shards are used only if the user loses access to their wallet. In this case, owing to the benefits of the underlying cryptography supporting Web3asy, it is possible to recover the funds on behalf of the users.
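The m-of-n threshold from the multi-sig section and the backup-shard recovery described just above share one underlying idea: a key that is never held whole by any single party, yet can be used (or recovered) once enough shares cooperate. The added example below, which is not Custonomy's code and does not reproduce its patent-pending protocol, illustrates that structure with Shamir secret sharing over the secp256k1 group order. The role assignment (user device, service node, project-owner backup) is hypothetical, and the example reconstructs the secret only to make the threshold visible; a real MPC signing protocol never assembles the key in one place.

```python
# Added example, not Custonomy's code: Shamir m-of-n sharing of a key scalar.
import secrets

# Group order of secp256k1: Bitcoin and Ethereum private keys are scalars mod this.
SECP256K1_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def _eval_poly(coeffs: list, x: int) -> int:
    """Evaluate a polynomial (constant term first) at x, mod the group order."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % SECP256K1_ORDER
    return acc

def split_key(secret: int, threshold: int, n_shares: int, rng=secrets.randbelow) -> list:
    """Split `secret` into n_shares points on a random degree-(threshold-1)
    polynomial whose constant term is the secret. `rng(p)` must return an
    integer in [0, p); it is injectable so behaviour can be checked deterministically."""
    if not 1 <= threshold <= n_shares:
        raise ValueError("need 1 <= threshold <= n_shares")
    coeffs = [secret % SECP256K1_ORDER]
    coeffs += [rng(SECP256K1_ORDER) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n_shares + 1)]

def recover_key(shares: list) -> int:
    """Lagrange interpolation at x = 0. Correct only with at least `threshold`
    distinct shares; with fewer it returns a value unrelated to the secret."""
    p = SECP256K1_ORDER
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        secret = (secret + yi * num * pow(den, -1, p)) % p
    return secret

def recovery_scenario(secret: int, rng=secrets.randbelow) -> dict:
    """Hypothetical 2-of-3 layout: one share on the user's device, one on a
    service node, one backup share held by the project owner (constructed roles)."""
    user, service, backup = split_key(secret, threshold=2, n_shares=3, rng=rng)
    return {
        # Normal operation: user + service reach the threshold.
        "normal_signing": recover_key([user, service]) == secret,
        # User lost the device: service + project-owner backup still recover.
        "user_lost_device": recover_key([service, backup]) == secret,
        # No single holder can use or recover the key on its own.
        "service_alone": recover_key([service]) == secret,
        "backup_alone": recover_key([backup]) == secret,
    }

if __name__ == "__main__":
    demo_key = secrets.randbelow(SECP256K1_ORDER)  # constructed sample secret
    print(recovery_scenario(demo_key))
```

Note that `recover_key` with too few shares does not fail loudly; it simply returns a wrong scalar. That is the information-theoretic property at work: below the threshold, every candidate secret is equally consistent with the shares seen, so a leaked single shard (or a project owner's backup on its own) gives an attacker nothing to work with.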
This solution represents a revolutionary approach, combining the best features from the self-custody model (ownership of the assets) and the third-party model (ease of use and assets recovery).
We believe this new perspective will positively change the industry for the better, giving investors full control and security over their assets. We also hope it will encourage investors to rethink how they manage custody of their digital assets so that hopefully the industry will be able to avoid other FTX-like disasters in the future.