Setting the standard for digital asset security

Digital assets are in a new phase of engagement. President Biden’s executive order on cryptocurrency has ushered in a new era for the technology, with a clear signal that digital assets are here to stay and will play a key role in the development of a new financial infrastructure. 

Nor is the U.S. alone in this approach. Other leading financial and economic hubs are accelerating their own regulatory frameworks on this issue. In Europe, EU lawmakers have shed a cumbersome amendment on proof-of-work–based assets from the Markets in Crypto Assets (MiCA) bill, indicating a desire to create a fair system that balances genuine financial innovation alongside the management of risk. 

The significance of such forward-looking regulation cannot be understated. Many of the world’s largest financial institutions are at advanced stages of developing their digital asset use cases. This regulation provides a clear path for them to launch regulated products and services in key global markets.

Much of the discussion to date on engagement with digital assets has hinged on a core dichotomy: Should firms adopt digital asset infrastructure? Is there a business case for us in digital assets? As we enter this new phase, these questions have been answered emphatically in the affirmative. Firms are now asking: How should we build our digital asset use case? What are the key considerations we need to address?

The case for digital asset security

Security should be at the top of the list for every firm, no matter their use case. Crypto theft reached an all-time high in 2021, with $14 billion in cryptocurrency stolen – a 79% increase on the year previous. That figure is expected to rise significantly as adoption accelerates. Despite such risks, many firms do not have clear security standards in place for use cases, with a proliferation of products and services across the industry claiming to offer the “gold standard.” 

While the fast-paced nature of innovation in the digital asset sector can make it challenging to keep up with the latest developments in digital asset security, now is the right time for the industry to come together and set the taxonomy for common security standards. 

Setting the standards

Security is fundamental to every digital asset use case. At its core, this revolves around securing the private keys required to access and manage the assets in digital wallets. For institutions, wallet security is made up of two main solutions: hardware security module (HSM) and multiparty computation (MPC). 

An HSM is a purpose-built, tamper-resistant physical computing device for securing keys and processing crypto transactions. HSMs are certified to international standards, with the Federal Information Processing Standards (FIPS) 140, the most commonly recognized certification. The highest level of FIPS 140 security certification attainable is Security Level 4, offering the most stringent physical security and robustness against environmental attacks.  

In contrast, MPC works on the basis of a distributed model of trust, splitting keys across multiple entities and using zero-knowledge computing to allow the entities to share their data without being required to reveal it. Both MPC and HSM can be connected to a network (hot storage) or used in an offline setup (cold storage), which is more secure but less flexible. 

While there has been considerable debate about the best security solution for institutions, the reality is that the best choice often depends on specific institutional needs. The answer is there is no “one size fits all” solution–as traction grows and use cases expand there are clear arguments to use both MPC and HSMs. Indeed, the objective of a custodian involves combining aspects of HSM and MPC to effectively strike a balance between agility and security. In addition, combining elements of both solutions (hot MPC, cold HSM, etc.) can enable the switching of signing mechanisms according to the necessary requirements and use cases, so firms can ensure they maximize both security and agility. 

Eliminating single points of compromise

Despite the well-understood criticality of managing private keys, too often we see single points of compromise in so-called “secure solutions.” Although every solution has a policy engine that enforces distributed approvals for transactions, this ability to distribute trust stops at the transaction level. There is usually a role with administrative rights that delivers “god-like powers” over all aspects of the solution, which enables an administrator to override all policies in the platform. Evaluating a solution with “does it have a policy engine?” is not a box-ticking exercise. It is critical that all processes — from transaction approvals to setting up users, permissions and whitelists, and even changing policies themselves — be subject to an enforced distributed approval process to ensure there is no single point of compromise. 

In order to secure highly confidential keys, the appropriate security controls need to be in place to protect from both internal and external threats. Keep your own key (KYOK) technology should be embraced as an industry standard that allows client firms to ensure that they retain sole access to their crypto keys. Using trustless computing technology means only authorized users from client firms have access to encryption keys, ensuring no special-access privileges are provided to third-party technology providers.

This technology ensures that clients alone have access to keys. Combined with a hardened end-to-end authorization policy framework that requires signature sign-offs from multiple internal users for any use case ensures that no data is ever revealed to any computer or individual in the network and guarantees there is no single point of compromise.

Stringent risk management 

No one likes to think of the worst case but, while rare, disasters happen and need to be included in risk management procedures. An estimated $3.9 billion of Bitcoin alone has been lost by investors due to mismanaged keys. Firms should have comprehensive recovery solutions for critical private key recovery backups in case of accident or disaster.

Generating multiple FIPS 140.2 Level 3 smart cards containing encrypted key shards of recovery seeds should be considered foundational to this approach. The physical storage of these smart cards in secure and distributed environments can ensure that there is no single point of failure in the recovery storage process. 

Insurance also plays an important role. Having the gold-standard security protocols in place ensures that assets are easily insurable – taking the weight off your mind when it comes to protection. 

Moving forward with confidence

The digital asset sector is a tremendously fast innovating and iterating industry. For firms engaging with digital assets, there have been challenges in future-proofing use cases for the years to come. The choices available have been security and agility as a binary tradeoff due to the lack of any alternative. With the advent of mature infrastructure, there is a clear taxonomy of security infrastructure that firms should put in place no matter their use case. But more importantly, they can now be assured that they can look beyond today’s MVP use cases and look forward in confidence that they will be able to scale and respond to their business and client needs with agility and flexibility, whatever the future holds. The source of future competitive advantage, as all assets eventually move on-chain, will be no tradeoffs — maximum security and maximum agility. 

Moving the industry toward a common no-compromise security standard underlined by flexible and agile infrastructure should be held paramount by providers. By doing so, we can ensure that as engagement with digital assets accelerates, firms have the right infrastructure in place to operate with speed, clarity and confidence in the space. 

Seamus Donoghue is VP of Strategic Alliances at METACO.