As digital assets like cryptocurrencies become mainstream, users and service providers both need to get a handle on digital asset custody, while understanding the basics of distributed ledger technology (DLT). New regulations and the tokenisation of traditional assets put digital asset custody solutions in a more important position by the day. This blog post will give you a basic understanding of what digital asset custody is, how it differs from traditional custody, the various approaches to it, and the benefits and risks associated with each approach.
What is Digital Asset Custody?
Digital asset custody involves safeguarding digital assets on blockchains, with a primary focus on the secure storage and management of cryptographic keys needed to access and transfer these assets. Unlike traditional custody, which deals with physical or dematerialized assets like securities and cash, digital asset custody is naturally all about digital assets.
One key addition in the case of digital asset custody is private key management. In traditional settings, assets are held and managed through accounts by custodians. Digital asset custody, however, emphasizes the management of private keys, which are crucial for accessing digital assets, acting in a similar vein to passwords in an online setting. Advanced cryptographic techniques, such as Multi-Party Computation (MPC), Multisignature (multisig), and tiered wallet structures (cold, warm, and hot wallets), are employed to enhance security in digital asset custody.
MPC wallets distribute cryptographic key shares across multiple parties, ensuring no single party controls the entire private key. On the other hand, Multisignature wallets require multiple private keys to authorize transactions, reducing the risk of a single point of failure. This means, when one key is cracked, the attacker still can’t access the assets related to the wallet. Of course, it is crucial to secure these keys in different places either physically or digitally. Additionally, digital assets under custody solutions are often divided into cold, warm, and hot wallets to balance security and liquidity.
Cold wallets are designed to be offline and offer the highest level of security. By keeping private keys entirely offline, they are protected from hacking and online threats. While this makes them less convenient for frequent transactions, it significantly reduces the risk of unauthorized access.
Warm wallets strike a balance between security and accessibility. They are typically online but may not be connected directly to the web at all times. This setup allows for quicker access compared to cold wallets while still providing a layer of security by limiting exposure to online threats.
Hot wallets are online and provide the most convenient access for frequent transactions. However, their accessibility comes at the cost of reduced security compared to cold and warm wallets. Hot wallets are vulnerable to hacking attempts and other online risks due to their constant connection to the web.
Approaches to Digital Asset Custody
The foundational approaches to digital asset custody introduced in the following — self-custody, direct custody, and sub-custody—serve as the basics of this complex topic. In practice, solutions in the market often blend these elements, varying in their components and integration with operational processes.
Self-Custody
Self-custody involves businesses providing wallets for users to store their digital assets independently. This means they are the only ones in possession of the private key. This approach is particularly suitable for tech-savvy asset managers, decentralized finance (DeFi) platforms, and blockchain startups. Self-custody offers clients total control over their digital assets, utilising the decentralized nature of blockchain technology. When it comes to tokenised securities, there are protocols in place to restore assets to comply with traditional asset regulations. However, in the case of crypto assets, once private keys are lost, there is no way to recover or restore access to them.
Direct Custody
In direct custody, businesses store private keys on behalf of clients. This approach fits well with investment banks, cryptocurrency exchanges, and asset management firms. Direct custody allows for 24/7 access to assets for trading without relying on third-party providers and gives businesses control over security measures, ensuring asset safety. Nonetheless, the business bears the risk of losing private keys, requiring high-level expertise and infrastructure. Additionally, implementing and maintaining a secure wallet infrastructure can be complex and resource intensive. For this reason, it is essential to partner with a competent technology provider that offers the necessary infrastructure and support for the secure custody of assets.
Sub-Custody
Sub-custody involves outsourcing digital asset custody to a trusted third-party provider. This is ideal for traditional financial institutions lacking blockchain expertise, large organizations looking to integrate digital assets without managing the infrastructure, and insurance companies. This approach offers convenience, as partners manage the technical aspects, and leverages the expertise of specialized partners to enhance security and support. However, it can be potentially more expensive in the long term, it creates a dependency on the provider’s availability, and smaller sub-custodians may not serve large clientele effectively.
Additional Considerations
When evaluating digital asset custody solutions, institutions should consider regulatory compliance to ensure the custody provider complies with relevant regulations in all operating jurisdictions. It is also essential to check if the provider offers insurance coverage for assets in storage and transit, assess whether the custody solution can scale with the institution’s growth, and evaluate the provider’s reputation and track record in the industry.
As the digital asset market evolves, the demand for secure and compliant custody solutions is growing. Understanding the various approaches to digital asset custody—self-custody, direct custody, and sub-custody—enables institutions to make informed decisions that align with their operational needs, risk tolerance and strategies. Each approach offers unique benefits and risks, and the choice will depend on the specific requirements and capabilities of the institution. By implementing advanced security measures and engaging reputable providers, financial players can confidently manage the custody of digital assets and capitalise on market opportunities.
At Dorsum, we provide both the technology and counsel needed to implement secure digital asset custody. If you’re interested, do not hesitate to contact us!
Authors: Barnabás Horváth, Péter Kanti