Crypto Security and Zerocap’s Institutional Frameworks

Since Bitcoin’s last halving in 2020, the adoption of digital assets has grown significantly, with total transaction volumes increasing by more than 567%. Coinciding with this rise was the emergence of Decentralised Finance (DeFi), Non-Fungible Tokens (NFTs), and other Web3 projects. These Web3 facets fuel a virtual and expansive ecosystem of decentralised protocols and projects. Often these projects are built upon an underlying digital asset or token that is recorded on the blockchain and secured by a crypto wallet. 

Crypto wallets are responsible for holding the private keys proving ownership over the assets stored on the blockchain. In 2022 so far, over $1.7 billion in funds have been stolen directly from crypto wallets, the majority of which (97%) stolen from DeFi protocols. Wallets and the private keys contained within are constantly under attack by a new generation of cyber criminals pioneering smart contracts, on-chain, oracle exploits, web-wallet hacks and governance or phishing attacks. 

Moreover, Terra’s recent capitulation and resulting fallout highlighted a new issue facing large institutional and retail investors –  the counterparty risk associated with the rehypothecation of their funds by centralised exchanges and lending platforms. These platforms often pool together the assets clients deposit onto them. In turn, users unknowingly forgo direct ownership of these assets, not having control over their wallet private keys & in turn leaving them vulnerable to counterparty risks. The dynamic, evolving nature of these threats begs the question:

How can investors securely store cryptocurrencies? 

To answer this, we must first consider the foundation of asset storage:  the crypto wallet. As previously mentioned, the crypto wallet is responsible for holding the user’s private keys, providing proof of asset ownership on the blockchain. These wallets are segregated by two major classifications: hot and cold, each of which offers its own respective benefits and drawbacks. Hot wallets are designed for usability and convenience, hosted through desktop clients, mobile apps and web browsers. 

Hot wallets

Hot/Warm wallets offer users a seamless experience when transitioning to and from DeFi & Web3 protocols, this convenience coming at the price of asset security. Backup phrases and security keys associated with hot wallets can be stolen by savvy hackers. Hackers are able to exploit clipboard hacks (when copying passwords from a password keeper), cloud storage breaches, password duplication, and screen-capturing software to uncover private keys. This exposure has led to many browser wallets such as Metamask and Avalanche launching various patches and upgrades in an attempt to keep up with ongoing hacking innovations. 

Hot wallets in centralised exchanges

Centralised exchanges are well known for their extensive service offering, one of which is the storage of users’ assets. Although the storage of user assets may seem straightforward at first, users may unknowingly relinquish control over their assets. Centralised exchanges (CEX) and lending platforms often maintain control over customers’ private keys, meaning the ‘on-chain’ ownership of funds lies with the exchange. The inherent murkiness of asset ownership has been highlighted as of late, with troubled lender Celsius pausing withdrawals from their platform, and later filing for chapter 11 bankruptcy. Celsius, with total control over pooled user funds, engaging in the rehypothecation of investor assets en-masse, was unable to fund user wallets with the funds owed – it left users with little to no agency over their frozen funds. 

Cold wallets

Cold wallets present an alternative asset storage solution, storing private keys in an offline medium. These wallets include; paper wallets and hardware wallets such as a Ledger or Trezor. Cold wallets are impervious to the vast majority of technical exploits that affect the integrity of hot wallets. Moreover, current cold-wallet vulnerabilities require the hacker to have physical access to the hardware device, in order to engage in power glitching or side-channel attacks. Whilst cold wallets provide greater security than their warm counterparts, they are limited in functionality & compatibility. 

There are numerous barriers and loopholes cold wallets have to cater to in order to engage in online interactions via Web3, the many metaverses and Defi. These limitations & associated quick fixes encourage less-secure behaviour in order to achieve a degree of simplicity for the user. An example of this is the blind signing of transactions. Blind signing occurs when the full details of a smart contract aren’t displayed on a hardware wallet or computer screen, and users ‘blindly’ sign the contracts without knowing their full repercussions. Additionally, the physical security of hardware wallets is entirely user-dependent, with the potential for wallet and secret phrase misplacement.

How can investors safeguard stored cryptocurrencies? 

After evaluating the two types of wallets presented above, it becomes clear that neither provides a complete solution to secure digital asset storage. Thus, a more nuanced and investor-friendly methodology should be adopted when investing in and storing large quantities of cryptocurrencies. It is this gap in traditional storage solutions, where the value of digital asset custodians (DAC) truly shines. DACs provide investors with an established framework for asset security & transparency utilising: cyber & cloud security/encryption, know your customer (KYC) / anti-money laundering (AML) processes, and provision of 24/7 client services i.e. dedicated customer support and/or trading desk. Many DACs also make use of delegated private keys to safeguard assets, whilst also maintaining investor agency. 

Zerocap’s Institutional Frameworks

In addition to the services offered by already sophisticated DACs, leading Digital Asset management firms such as Zerocap take things a step further – offering ‘white glove’ storage solutions, sophisticated financial and digital products, and tailored security protocols to suit the client’s needs. This has been accomplished through Zerocap’s distinct security and compliance procedures, and advanced digital asset custodial crypto wallets.

Zerocap, having recently received its SOC2 type 1 accreditation, leverages its industry-leading tech stack and cloud security protocols to proactively deliver the security, availability, integrity, and privacy of client information. Zerocap incorporates its compliance framework down to the transactional level, conducting on and off-chain transactional due diligence (DD). The DD includes a mandatory KYC/AML screening, flagging potentially high-risk transactions and wallets before they are actioned, 

In order to help safeguard against black swan cyberattacks, bad actors and ongoing hacking developments, Zerocap’s digital asset custodial services make use of Multi-Party Computational Signing (MPC-CMP), two-factor authentication (2FA), next-generation hardware isolation via Intel SGX, and backed by multilayered insurance – fine-tuned to suit unique client requirements, for example: delegating a quorum of directors to approve transactions. The need for MPC and 2FA has become increasingly important as of late, with the prevalence of bad actors seeping into crypto markets.

Perhaps Zerocaps’ most important differentiator resides in its clientele’s ongoing autonomy on custodied digital assets. Clients maintain ownership of their digital assets in every layer and process employed within Zerocap’s sphere of influence. Digital assets are held in custody, backed by both storage provider insurance, and Lloyds of London Insurance. The value of this offering is evident in the wave of crypto exchanges freezing customer funds and having cash flow issues. In the extremely unlikely event of default, Zerocap users’ funds will remain open for withdrawal, regardless of internal circumstances. 

These enriching processes & features encapsulate the holistic approach necessary for asset preservation, to assist in preventing existing vulnerabilities present within the realm of digital asset security and ultimately allowing for investors’ peace of mind when looking to establish and/or grow their portfolio of digital assets.

About Zerocap

Zerocap provides digital asset investment and custodial services to forward-thinking investors and institutions globally. For frictionless access to digital assets with industry-leading security, contact our team at [email protected] or visit our website www.zerocap.com

This material is intended for illustrative purposes and general information only. It does not constitute financial advice nor does it take into account your investment objectives, financial situation or particular needs. You should consider the information in light of your objectives, financial situation and needs before making any decision about whether to acquire or dispose of any digital asset. Investments in digital assets can be risky and you may lose your investment. Past performance is no indication of future performance.

FAQs

What are the main security concerns in the crypto market?

The crypto market faces several security concerns, including the theft of funds from crypto wallets, the majority of which are stolen from DeFi protocols. Wallets and the private keys contained within them are constantly under attack by cyber criminals who exploit smart contracts, on-chain, oracle exploits, web-wallet hacks, and governance or phishing attacks. Additionally, there is the counterparty risk associated with the rehypothecation of funds by centralized exchanges and lending platforms. These platforms often pool together the assets clients deposit onto them, leading users to unknowingly forgo direct ownership of these assets, leaving them vulnerable to counterparty risks.

What are the differences between hot and cold crypto wallets?

Hot wallets are designed for usability and convenience, hosted through desktop clients, mobile apps, and web browsers. They offer users a seamless experience when transitioning to and from DeFi & Web3 protocols. However, this convenience comes at the price of asset security. On the other hand, cold wallets present an alternative asset storage solution, storing private keys in an offline medium. These wallets include paper wallets and hardware wallets such as a Ledger or Trezor. Cold wallets are impervious to the vast majority of technical exploits that affect the integrity of hot wallets. However, they are limited in functionality & compatibility.

What is the role of Digital Asset Custodians (DACs) in crypto security?

Digital Asset Custodians (DACs) provide investors with an established framework for asset security & transparency utilizing cyber & cloud security/encryption, know your customer (KYC) / anti-money laundering (AML) processes, and provision of 24/7 client services. Many DACs also make use of delegated private keys to safeguard assets, whilst also maintaining investor agency.

How does Zerocap ensure the security of its clients’ digital assets?

Zerocap leverages its industry-leading tech stack and cloud security protocols to proactively deliver the security, availability, integrity, and privacy of client information. It incorporates its compliance framework down to the transactional level, conducting on and off-chain transactional due diligence. Zerocap’s digital asset custodial services make use of Multi-Party Computational Signing (MPC-CMP), two-factor authentication (2FA), next-generation hardware isolation via Intel SGX, and backed by multilayered insurance – fine-tuned to suit unique client requirements.

What differentiates Zerocap’s approach to digital asset custody?

Zerocap differentiates itself by offering ‘white glove’ storage solutions, sophisticated financial and digital products, and tailored security protocols to suit the client’s needs. Clients maintain ownership of their digital assets in every layer and process employed within Zerocap’s sphere of influence. Digital assets are held in custody, backed by both storage provider insurance, and Lloyds of London Insurance. In the extremely unlikely event of default, Zerocap users’ funds will remain open for withdrawal, regardless of internal circumstances. This holistic approach is necessary for asset preservation, preventing existing vulnerabilities present within the realm of digital asset security and ultimately allowing for investors’ peace of mind when looking to establish and/or grow their portfolio of digital assets.