What is secure custody?

Our CISO Jake Rodgers recently spoke to Blockchain Industry Review magazine about MPC tech and why it matters

Copper

This article was originally published in Blockchain Industry Review magazine

It is bizarre to think that only a couple of years back, digital assets such as Bitcoin were primarily operating from the fringes of finance. Fast forward to today, crypto is a legitimate institutional-grade asset class embraced by respected financial institutions, publicly traded companies and even a handful of governments.  

However, as the size and global reach of crypto markets continues to grow, so do the opportunities for exploits.  

Recent high-profile hacks and news reports about would-be Bitcoin millionaires struggling to access their wallets have elevated an important conversation among retail crypto holders, institutional investors and other market participants about digital asset custody and private key management.  

Not the sexiest topic, but an extremely important one.  

Though this conversation is still ongoing and hotly debated, a new cryptographic key management technology called multi-party computation, or MPC technology, is widely deemed as the best available security solution.   

What is MPC? 

MPC is a highly powerful cryptographic tool that makes it possible for multiple parties to collectively solve signature equations without ever creating a key to begin with, nor ever leaking any critical information to one another.  

The cryptographic protocol is the brainchild of Professor Andrew Chi-Chih Yao, who introduced the idea in the early 1980s. Since then, MPC has evolved into becoming one of the most actively researched areas in theoretical cryptography. However, its transition from an object of theoretical study to an applicable technology only came about recently. 

The first known practical use of MPC is actually rather underwhelming, during a Danish sugar beet auction in 08 where the winning bids were matched up with sellers without disclosing the prices or identities of any other bidders. 

Though MPC can be applied to virtually any problem involving confidential data from multiple parties, demand for the cryptographic tool is huge in the digital assets space. 

 This is because crypto custodians such as Copper, which manage billions in digital assets, recognise that when it comes to safeguarding the private keys that control crypto assets, MPC technology can afford wallet holders robust protection from potential security breaches. 

How does MPC work? 

Rather than creating a master private key and storing it on a device that risks being compromised, MPC distributes shards of a key among devices of participating parties.  

MPC key shards then draw on another protocol which is conceptually similar, called zero-knowledge proofs (ZKPs), which works by verifying information between parties without revealing the information itself. 

The crucial difference between the two protocols is this: MPC allows the computation upon private data, ZKPs allows that data to be verified without relinquishing any data. So in this instance, ZKPs enable key shards to prove that they have the right to co-sign transactions.  

The key that executes the transaction is a collectively generated value, meaning that a single key never exists in whole, or lives on any device.  

This renders an attack in key theft effectively impossible while also sheltering from internal fraud and collusion – preventing any employee, or group of employees, from misusing the key. 

MPC-based systems are inherently more secure given that transactions can be signed without centrally creating or re-assembling a master private key. 

In the case of a disaster where one signing key is lost or unavailable, backup keys can be stored offline in a physically secure location and the validity of the backup is verifiable by ZKPs. 

MPC: Sometimes a ‘bed of thorns’ rather than a ‘bed of roses 

But beware. 

It’s important to note that just because a custodian claims to have implemented and integrated MPC technology into its cyber protection solutions, this doesn’t necessarily mean that an organisation’s security is one big bed of roses.  

There are a handful of custodians out there that boast of using MPC technology, but when a shard is generated by one of their clients, this will actually be transmitted back to the custodian for ‘safekeeping’.  

This then means that if the custodian is ever breached, all three shard pieces are at risk. 

Even if the custodian attempts to mitigate risk by using separate environments, the fact is that they will have the same admins and developers working across these environments, so there are already multiple single points of failure compromising in that chain. 

Copper’s offering differs from our competitors who also use MPC but warehouse all three shard pieces on their own servers. We ensure to use sharding in such a way as to never keep a record of the shards belonging to the client and the trusted third party. 

Its important to recognise the key distinctions between Coppers offering and what is generally available.  

 When selecting a custodian, arm yourself with these essential questions to ask (and understand): 

  1. Past the point of shard generation, where will our shards be stored?
  2. Are shards ever transmitted back to the custodian?
  3. If either of the above is true, what measures are in place to ensure there are no teams or individuals with access to more than 1 shard piece? How does this work with development and operations?
  4. If SGX is being used in the architecture anywhere, how has the provider mitigated the existing, un-patchable vulnerabilities present in the SGX implementation? 

Also make sure to zoom out and look at the organisation as a whole too.  

Does the firm use intelligence in their offering? Are employees thoroughly background screened and receiving adequate security training? Can the custodian verify that they have indeed integrated the best security solutions into every layer of its platform? 

There is no denying that the crypto world is one that is constantly under attack, and increased institutional entry will only accelerate attack attempts.  

As hackers become more sophisticated, partnering with the most specialised service providers in this space is the only way for traditional institutions to enter the crypto arena with confidence, and for the digital asset sector to remain sustainable in the long run. 

alt

Independent custody
connected to multiple exchanges
Our settlements and clearing service is backed by our award winning custody technology