“The next level for the crypto community is for additional institutions to enter the space. They will only do so if there is a super secure way of storing the assets or the private key.”
CEO of Swiss Crypto Vault AG
- At no point should a crypto custody solution provider have access to a client’s unencrypted private key. The industry standard may very well become Hardware Security Modules (HSMs) for the creation of private keys.
- Reputation and experience should be considered when evaluating a crypto custody solution for your organization.
- Consider that outsourcing your private key storage is similar to outsourcing your gold storage. In case of an emergency, will you be able to access your cryptocurrency if someone else is the gatekeeper?
In this article, we explore solutions for institutional cryptocurrency custody. Cryptocurrency custody solutions are needed because improper handling and storage of cryptocurrencies can result in loss or even theft. Self-managed cryptocurrency accounts are not insured against loss or theft, and law enforcement may have difficulty in recovering stolen cryptocurrency such as Bitcoin depending on the different ways thieves attempt to mask their efforts. From a regulatory point of view, professional custody solutions can also be compulsory. As is the case with investment funds. Thus, there is an increased demand for professional solutions.
Not All Institutional Storage Solutions Are Made Equal
Let’s begin with a brief overview of some of the components required to use cryptocurrency. One such component is a cryptographic key pair in the form of a public key and private key. The public key is used to derive a public cryptocurrency address that may be made available to the public. A cryptocurrency address is very similar to an email address, meaning, anyone with knowledge of the address can send information to that address, in the form of a balance of coins or tokens. A cryptocurrency address has a record of its balance and is able to receive and send an amount of cryptocurrency, provided the owner of the cryptocurrency address has access to its associated private key. The private key must always remain private and is much like a password for a particular cryptocurrency address. Only the owner of a cryptocurrency address should have access to the private key. Revealing the private key to an unauthorized party puts a cryptocurrency address at risk for theft of its balance. Further, to spend any balance associated with a particular cryptocurrency address, access to the private key of that address is required to authorize the transaction. One wouldn’t want to give an unauthorized party access to their email password, so in the same respect, one would not want to give an unauthorized party access to their cryptocurrency private key. The cryptocurrency address or the balance associated with a cryptocurrency address is not the asset that needs protection. A user’s private key associated with a cryptocurrency address is the asset that needs protection.
In the last issue of the Crypto Research Report, we explored this topic and titled the entire issue (“Handy Theft Edition”). The private key requires extreme care and consideration with its storage and security and failure to maintain the utmost of care may result in loss or theft of cryptocurrency. Anyone who has been around the cryptocurrency space for some time has probably seen news related to theft of cryptocurrency. Theft of cryptocurrency has been a focus of cyber criminals because once stolen, it is impossible to reverse a transaction. The only way to recover any funds would be to gain access to any private key associated with any cryptocurrency address that has taken custody of the stolen funds. Good luck locating extremely sophisticated cyber criminals in this day and age.
Theft is not limited to criminals hacking into computer systems of an organization. Theft could also originate from within the organization if one or more of the wrong personnel are put in charge of the safekeeping of the private keys associated with any cryptocurrency address holdings. Let’s consider how institutions are organized, for example, a corporation or other similarly organized entity. Being that an institution may be made up of more than one individual, comprising personnel that makes up a board of directors, executive management, and other such employees, how should a company decide who should have the rights to access and secure the private key associated with a cryptocurrency address? Should it be the chairman? The board? An executive, such as the CEO or the CFO? A particular employee such as a software developer? What about a combination of one or more of the preceding options? An organization might ultimately decide that a combination of personnel comprised of a board member, an executive, and a software developer is required to transact with any cryptocurrency holdings. With the complexities associated with storing and securing cryptocurrency, we should be able to see that there is an opportunity for businesses to provide cryptocurrency custody solutions for those lacking the sophistication or resources required for securing private keys for cryptocurrency addresses that are associated with large holdings.
Via our Twitter Channel @cryptomanagers, we invited institutional custody solutions to provide us with some information about their products. The following five companies which offer custodian services of cryptocurrencies reached out to us. In exclusive interviews with the security officers, we gained knowledge of how these different firms attempt to solve the custody problem for investors. Our research results lead us to the conclusion that not all storage solutions are made equal. Many thanks to all contributing companies for their helpful cooperation. The results presented here are based on the information provided by the providers and are not guaranteed.
Crypto Storage AG
The first crypto custody solution that we investigated was Crypto Storage AG. Crypto Storage AG is a subsidiary company of Crypto Finance AG which was founded in 2017 and is based in Zug, Switzerland. Crypto Storage AG offers services for storing blockchain based assets securely through a compelling infrastructure solution. We had the pleasure of speaking with the CEO, Stijn Vander Straeten, and the Technical Sales Engineer and Implementation Project Manager, Maria Sommerhalder. According to the company’s material, they have over 40 internal and 13 external professionals involved with creation and implementation of the solution.
The infrastructure of Crypto Storage AG is made up of a transaction user interface that communicates with a backend server infrastructure that specializes in bookkeeping and relaying of messages between the Hardware Security Modules (HSMs) and the Hardware Approval Terminals (ATs). An HSM is a computer with cryptographic processing capabilities that operates within a tamper-resistant hardware device that is capable of performing encryption and decryption, key generation, and digital signature creation and verification. Some HSM manufacturers allow for customizing the processing capabilities through programmable extensions made possible with software development kits or by special request.
The backend server infrastructure and the HSMs are distributed across Switzerland in a georedundant fashion, and one of the locations used to be a military bunker located in the Swiss Alps. Georedundancy provides strong assurances that if one location goes offline there is another location available as a backup. The ATs are installed at the client’s facility and are linked cryptographically with the backend servers and HSMs through encrypted communication. The company behind the HSMs and the ATs is called Securosys, which is based in Zürich, Switzerland. The company involved with the operational security aspects and backend software development is AdNovum, which is also based in Zürich, Switzerland. These companies assisted in the development and implementation of Crypto Storage AG’s solution.
What is unique about the Crypto Storage AG solution is the combination of HSMs and ATs that are cryptographically paired. This allows for both hot and cold storage capabilities for the client where the private keys are generated on the HSM and never leave the device, thus, being the cold storage aspect. Crypto Storage AG is unable to access the client’s private keys stored on the HSM due to its secure tamper-proof construction. In addition, the cryptographically paired ATs provide hot-wallet-like capabilities where the client may initiate withdrawal transactions out of cold storage while being able to rely on a secure device. Crypto Storage AG refers to this as “deep cold storage allowing for the flexibility and speed of a hot wallet.”
Further, the client is able to design a custom approval framework where the client can mirror their own operational processes for approving crypto transactions. The approval framework allows for the design of rules which are then stored with the private key inside the HSM. For example, an m-of-n approver scheme might be configured for initiating any transaction, where one or more groups of approvers are required. Time delays may also be configured to ensure that any withdrawal transaction follows the appropriate governance procedure suitable for the client. The ATs have the same security standards as the HSMs and the ATs require a personalized smart card and pin code per approver to initiate any withdrawal transaction. This solution is an extremely powerful yet highly secure means of storing and transacting with crypto.
Crypto Storage AG supports 59 out of the top 100 cryptocurrencies by market capitalization and new cryptocurrencies are added regularly. Target clients are banks, asset custodians, family offices, brokers, insurance companies, pension funds, exchanges, and foundations. As for insurance, the technical infrastructure is covered which may include some client assets but not all. How much of one’s assets may be insurable is definitely worth investigating when exploring Crypto Storage AG as a potential custody infrastructure provider.
Overall, Crypto Storage AG has a very compelling solution worth exploring for any institution or private individual that desires extremely secure storage with near immediate withdrawal capabilities and a highly configurable governance process if desired.
Card Wallet is another company that we reviewed, which is a co-production between Coinfinity and the Austrian State Printing House. Coinfinity is a Bitcoin broker based in Austria that offers services to both businesses and consumers. Coinfinity also offers consumers the ability to purchase Bitcoin at retail outlets throughout Austria at nearly more than 4,000 locations and is also known for installing the first Bitcoin ATM in Austria. In addition to retail locations, Coinfinity also provides services that allow merchants to get paid in Bitcoin. The Austrian State Printing House is known for their services in printing identity documents in a highly secure facility and controlled fashion. Together, their services are used for operating Card Wallet.
Managing Director of Coinfinity, Max Tertinegg explained in an exclusive interview that Card Wallet is a credit-card-sized tamper-proof card that allows customers to store Bitcoin in an offline manner, similar to how one would store Bitcoin using a paper wallet, that is, writing down the private key on a piece of paper. The difference is that Card Wallet is a polycarbonate plastic card and a Bitcoin private key is laser-etched directly onto the card and then covered and sealed with a tamper-proof sticker. The private key is generated with what Card Wallet defines as Secure Entropy Technology (SET).
According to Max, SET leverages three random number generators for generating the entropy for deriving a Bitcoin private key printed on the card. Entropy is a way to generate an unpredictable output of information that is nearly impossible to reproduce. The random number generators are made up of a hardware device provided by the Austrian State Printing House, a software solution provided by the
Austrian State Printing House, and a human-derived random number generator performed by the personnel of Card Wallet by rolling dice and then documenting the results to produce the random number. When these three generated random numbers are combined, they are used as inputs for generating a Bitcoin private key that is then laser-etched onto a physical card.
The printing of cards is performed in a secure room of the Austrian State Printing House and, according to Max, is protected by approximately seven or eight different physical firewalls, so one could imagine how secure the facility may be. No copy of any private key is stored on any permanent storage means, and, assuming the facility maintains its security guarantees, in theory, the personnel at the facility will never gain access to the private keys.
The card is reasonably priced at €59 and currently supports Bitcoin. In the future, Ether along with other cryptocurrencies will be supported. Card Wallet is very similar to a pre-paid gift card and seems most appropriate for insignificant amounts of cryptocurrency, maybe for gifting a family member or friend. Given the counterfeiting possibility of card storage solutions, the party who receives this as a gift should be told to only purchase new Card Wallets directly from the manufacturer.
For the institutional or wealthy investor looking to securely store hundreds of thousands, or millions, a different custody option may be more appropriate. In view of the possibility of forgery, Card Wallets should only be purchased directly from the manufacturer.
Daenerys & Co.
Daenerys & Co. is another crypto custody solution that comes from the Silver Bullion Group. Silver Bullion Group was founded in 2009 by Gregor Gregersen and is based in Singapore. Silver Bullion Group offers secure storage facilities for precious metals, provides insurance, as well as liquidity services. Since 2009, Silver Bullion Group has done over $400 million in sales. As Silver Bullion Group has done with safeguarding precious metals, Daenerys came from a need to solve custodial and compliance issues as they pertain to digital assets. Gregor Gregersen and Clint Mark Gono are positioning Daenerys to be a leader in the space with a one-of-a-kind business and security protocol called the Gregersen-Gono Physical Crypto Storage (GGPCS) standard. GGPCS is currently being used at Silver Bullion Group’s vaulting company called The Safe House.
The process begins in a secure vault on computers that have no Internet connection. These computers generate a Bitcoin private key within the temporary memory of the computer, then encrypt this private key with a first encryption key, and then encrypt it once again with a second encryption key.
Each of these encrypted private keys is then laser-etched, in the form of a QR code, onto its own polycarbonate plastic card, a primary card, and a recovery card. Once the encryption process is finished, the private key is then wiped from the computers’ temporary memory and is not stored anywhere in the permanent storage of the device. The cards are then analyzed to ensure the etching process performed as expected and that the QR code is readable. The polycarbonate plastic is a material that is capable of surviving long periods of time, although the material is not fireproof but supposedly readable even if up to 30 % of the card become damaged. This is why it is useful to have a primary card and a recovery card. If the primary card suffers any sort of damage, the recovery card stored at a different physical location could be used to recover any assets associated with that Bitcoin private key. Once the etching process is complete, the card is then placed in a lockbox that resembles a gold bar, and that lockbox is then stored in the facility in a manner similar to how gold bars are secured.
Once the client has access to the deposit address associated with a particular
private key, the client is then able to initiate a deposit to that address. On the other
hand, withdrawals from this address require a multistep process to ensure the
withdrawal request is coming from the actual client initiating such a withdrawal.
Prior to a withdrawal, the client is required to configure Authorization Mandate
These rules might reflect the client’s governance structure within their own organization, where one or more authorized representatives, such as the CEO, the CFO, and/or the compliance officer, are all required to approve such a withdrawal, or possibly two of those three. Daenerys uses a live video conference to authenticate the representative initiating the withdrawal, and any withdrawal may only be made to a preapproved address.
Insuring one’s cryptocurrency assets is probably a great idea when someone else maintains custody. Daenerys also offers an optional insurance policy where an individual card is insurable up to $5 million. The insurance provider has a Standard & Poor’s A+ rating, is based in London, and is something worth looking into.
Another crypto custody solution investigated was Blockvault, which is powered by Goldmoney Inc. We had the pleasure of speaking with Josh Crumb, co-founder and director of Goldmoney, and Will Felsky, director of operations of Blockvault. Goldmoney is a company that provides a way for institutions to invest in precious metals. The company was also founded in 1999 and is a public company listed on the Toronto Stock Exchange (XAUMF). Their current customers rely on Goldmoney to secure $2 billion worth of assets. Goldmoney is also a debt-free company with more than $100 million at its disposal.
Being that Goldmoney is in the precious metal’s storage business, they have access to precious metal storage facilities around the world. Goldmoney saw an opportunity to provide similar custody solutions for institutional clients in the crypto space. They are leveraging their network of vault providers around the world for Blockvault.
Blockvault offers its clients an offline private key storage of crypto. The private keys are created by Blockvault, although the method of private key generation was not disclosed during the interview. Regardless, client’s cryptoassets may be covered under an insurance policy.
The company’s auditor is KPMG, and they are used to confirm and verify that the assets under its management are in fact in its respective vault. KPMG is also the auditor for Goldmoney where they perform IASC audits for gold bar custody confirmation. The Blockvault insurance they are offering is made up of a collection of many of the major insurance companies. Blockvault also mentioned that their vault providers, auditors, and insurance partners are all publicly traded businesses. They are currently working with vault providers in Canada, United States, United Kingdom, Switzerland, Dubai, Singapore, and Hong Kong.
Blockvault described the high-level process of how their offering works. It begins with know-your-customer (KYC) and anti-money-laundering (AML) checks during the client onboarding process. Once through the onboarding process, the client is provided with a trade receipt of a list of addresses that they are able to deposit their crypto funds to. Blockvault’s target clients are regulated or registered financial institutions, banks, broker-dealers, registered funds, cryptocurrency miners, and other similar businesses that can pass bank level KYC/AML tests. The target customer is more than likely the institution looking to safeguard $50 million or more in crypto, although they would be willing to accept clients starting with $1 million. They recommend that each address store approximately $50,000 worth of crypto, so if depositing $1 million of crypto, those assets would be safeguarded across 20 different crypto addresses that have a corresponding key pair. Every deposit is issued a trade receipt, and the governance model for how to deposit and withdraw is customizable by the client, and that is something that is usually agreed-upon through the contractual relationship with Blockvault. As for the maximum amount of cryptocurrency insurable, they prefer to have those conversations directly with the client. Further, withdrawals and trading of cryptocurrency assets are able to be performed within one business day to an address of the clients choosing.
Assets that Blockvault supports safeguarding in their vaults include Bitcoin, Bitcoin Cash, Ether, XRP, Litecoin, as well as all ERC20 tokens. Coming soon, they will be supporting XLM. Blockvault also mentioned the potential for financial institutions to white label the Blockvault service and offer it to their own clients.
Overall Blockvault seems to be in a great position and has a long history and track record of safeguarding precious metals for its clients. Any company looking into their solution should inquire about the private key generation and storage methods employed and should also ask about their insurance policy.
Swiss Crypto Vault AG
Swiss Crypto Vault AG (SCV) is branded as a hyper-secure crypto storage solution for institutional investors and high-net-worth individuals (HNWI) and is a joint venture between Bitcoin Suisse AG and Swiss Gold Safe AG. For this interview, we had the pleasure of speaking with Philipp Vonmoos, CEO of SCV.
If you are from the cryptocurrency space, you may have heard of Bitcoin Suisse, who is known for its cryptocurrency-related financial services and storage solutions for institutional and private clients. Established in 2013, Bitcoin Suisse has helped facilitate and raise nearly ₣1 billion for initial coin offerings (ICOs) or token generation events (TGEs) for some of the most well-known cryptocurrency projects. If you are from the precious metals space, you may have heard of Swiss Gold Safe AG, which is known for its precious metals and valuables storage services. Established in 2006, Swiss Gold Safe has helped secure precious metals and valuables for institutions and HNWI. SCV was formed under the laws of Switzerland in 2017 and is based in Zug. The partnership between the two organizations to form SCV was to combine their knowledge of cryptocurrency handling and physical security and storage.
SCV’s solution provides clients with a deposit address that is associated with a private key that was generated on an HSM so the private key never leaves the device. The client is able to deposit their cryptocurrency assets as needed into the deposit address. The private keys are redundantly distributed, after being encrypted, ensuring that if one facility were to suffer a catastrophic event there is a backup to your private keys. The governance model is highly customizable by the client, allowing for multi-signature transactions and role designations of requester, controller, and approver.
The requester, using the web portal, is able to initiate withdrawals. One or more controllers are able to cancel a withdrawal request and two or more approvers are able to approve a withdrawal request. An optional time delay may also be defined, and withdrawals are only allowed to be delivered to preapproved addresses. Another configuration the client is able to make is the selection of a handling partner.
To prevent Swiss Crypto Vault from having complete authority over the withdrawal process in case their personnel or computer systems were to ever become compromised, a handling partner is a company different from Swiss Crypto Vault, that provides the client with the additional benefit that the authorization of 2 separate organizations with different business operations, personnel, and computer infrastructure are required to authorize the client’s withdrawal request. Requiring 2 organizations to authorize a withdrawal request is in addition to the clients own configurable withdrawal approval process. Currently, the only handling partner is Bitcoin Suisse, with the promise that other handling partners will be available for clients to utilize in the future. This architecture is similar to a multi-signature transaction, in that more than one party is required to authorize a withdrawal. In other words, both Swiss Crypto Vault and the chosen handling partner (currently only Bitcoin Suisse) must both agree to authorize a withdrawal request otherwise a withdrawal request will be denied. This is a worthwhile safety feature which reduces the odds of both organizations being compromised when a client makes a withdrawal request.
PriceWaterhouseCoopers reviewed the storage solution, oversaw the private key generation, and will also compare the amount of stored crypto assets to the balances registered on the associated blockchain. Zuhlke Engineering reviewed the private key generation code. They don’t yet offer insurance, but this is something that they said they are looking into. As for their clients, they are currently serving those from Europe, USA, Asia, and the Middle East. As for the typical client deposit amount, SCV makes sense for those starting around ₣500,000, up to triple digit millions. A SCV client does not require any physical hardware installed on their end, although they may co-sign a transaction with the private key of their own Trezor or Ledger hardware wallet under their control. They may also leverage multi-factor authentication for accessing the web portal. Many types of cryptocurrencies are supported as of today, such as Bitcoin, Bitcoin Cash, Bitcoin Gold, Ether, Litecoin, and all ERC20 and ERC223 tokens. Others will be added on an ongoing basis.
Swiss Crypto Vault appears to be a highly redundant, highly secure, well thought-out implementation and process that is also easy to use and configure by the client. SCV is backed by a track record of experience and expertise in both cryptocurrency and precious metals. The solution is suitable for both institutions and HNWIs, and definitely a crypto custody solution worth investigating.
HSMs Matter and Outlook
In this article, we covered a few options for crypto custody solutions. Two solutions ensure that a private key never leaves an HSM, two others generate the private key in temporary storage where it remains for a brief moment.
The final solution desired to maintain confidentiality and secrecy of their private key generation process.
For those where the private key is not generated on a HSM, an insurance policy could make up for any potential vulnerabilities assuming the policy covers theft and is bullet-proof. As for technological innovation, speed, ease of use, customization of governance, physical security, and digital security, the most well-rounded solutions appear to be Swiss Crypto Vault AG and Crypto Storage AG. Of those two, Swiss Crypto Vault AG has the longest track record and most experience. Crypto Storage AG appears to be the most innovative solution. If your organization requires insured options, Daenerys & Co. and Blockvault may be right for your organization. Both are capable and in positions for the physical storage of large sums of cryptocurrency. These evaluations are not meant to be recommendations of one company over the other, as they each have their own use case. We should stress the importance of doing your own due diligence when investigating the solution that is right for your organization.
If you have any questions or comments, are looking for a solution for your organization, or if you have your own solution that you are interested in sharing, please head over to this website for participating in a brief survey and be entered for a chance to win a Ledger Nano S sent directly from the manufacturer. Joseph can also be reached at joseph (at) cryptocustodysolutions.io.
 See “Storage,” Crypto Finance, 2018.
 See “Crypto Currency Physical Storage,” Gregor Gregersen and Clint Mark Gono, Little Bit, September 21, 2018.
Disclaimer: Coinfinity and Silver Bullion are associated with In Gold We Trust and the Crypto Research Report. None of the information you read in this article should be taken as investment advice, nor do the writers of the Crypto Research Report endorse any project that may be mentioned or linked to in this article. Please do your own due diligence before taking any action related to content within this article.