Custody is a longstanding part of capital markets and a critical function for any asset manager and trading platform. In legacy finance, custody entails authorizing a third party like a broker to manage assets on behalf of a client. Practically speaking, custody is often an afterthought, as trading occurs via a limited number of highly regulated venues with well-defined rules and patterns around custody, including the ability to roll back mistakes.
Digital assets are still emerging as a class, meaning that digital asset custody also remains in its infancy, relatively speaking. Hivemind takes the need for institutional-grade custody seriously, and the goal is the same: securely store all assets. However, due to the peer-to-peer, permanent nature of crypto transactions and newness of the industry, digital asset custody can take several forms and requires a diverse set of approaches.
In this post, we’ll provide an overview of the institutional custody landscape and offer several best practices to keep in mind when protecting assets. While this post is targeted at other institutions managing digital assets, a lot of these themes can be applied to individual retail users, too.
The Institutional Custody Landscape
“Not your keys, not your coins” is a common phrase we associate with crypto asset management. Simply put, it means there’s an inherent level of asset ownership and control with crypto, technologically, that doesn’t truly have an analogue in the tradfi space. In effect, it’s as if investors could easily request old-fashioned stock certificates - bearer instruments - from any exchange, directly trade that certificate to a friend across the globe, or even deposit it at a different stock exchange listing the same company.
This ownership sounds great in theory, but it presents significant complexity. Handing off full access to an intermediary remains inconsistently regulated. The reality is that sending your assets to the wrong place or person can have bad consequences, especially without the kind of safety net equivalent to FDIC insurance for bank deposits. Yet the alternative of self-custody requires technical and operational skills, and firms often would benefit from employing a trusted partner or technology to help secure assets.
A “one-size fits all” solution doesn’t exist. Instead, companies should define their objectives for custodying a particular asset and understand the landscape of available options. Every fund or firm has different goals for its crypto. Some funds want to hold one asset for an extended period of time, while others may want to move in and out of markets every day. Likewise, each provider/technology in the ecosystem has strengths and weaknesses. Identifying the intersection of both is critical.
Once a company has agreed upon objectives for its crypto asset, it can explore different tools to help it achieve its goal. Generally speaking, there are four categories for crypto custody, each with unique pros and cons:
- Exchanges: In crypto, centralized exchanges act as both an exchange and a custodian of sorts. While leaving assets on exchanges provides the most trading flexibility, this approach gives users the least amount of control due to the venue's terms of service and legal ramifications. The FTX situation demonstrated the risks of this approach and the need for more visibility into back-end processes at these venues. Exchanges have their place in the ecosystem due to their other functionalities but aren’t necessarily the best custodian of assets. A common approach is leaving a designated percentage of assets on exchange for immediate trading while storing the bulk of funds in a more dedicated custody environment. Examples: Coinbase, FTX.
- Institutional Third-Party Custodians: Institutional third-party custodians are more regulated custodians who hold on to crypto on behalf of a user and are generally liable for what happens to it. This category represents a good mechanism for holding onto assets longer term or for storing assets between uses on exchange. A user's assets are held in segregated wallets, and operations occur with high degrees of transparency. This solution relieves crypto-native institutions from the burden of dealing with the operational headaches and risks of self-custody while providing more transparency than holding assets on an exchange. However, custody platform interfaces and policies can be cumbersome and operationally limit a company's flexibility with its assets. As an example, some platforms only have a few dedicated transaction windows each day, while others aren’t integrated into various DeFi applications. These platforms are also fairly costly in an absolute sense. Examples: Coinbase Custody, BitGo, and Fidelity.
- Technology Providers: Technology provider platforms seek to secure funds while allowing users more flexibility than institutional third-party custodians and exchanges by placing users in more direct control of their digital assets. Common approaches involve Multiparty Computation (MPC), where underlying key shards are distributed across parties and require N-of-M shards to sign transactions. These platforms are designed for improved user experience while still allowing customers to enforce transaction policies and distribute control. For more crypto-native or technologically-oriented institutions with active crypto deployments, technology providers are typically the favored custody method. However, institutions should make sure that they back up key shards, practice disaster recovery, and set up their environments with rule sets that prevent malicious behavior. Examples: Copper, Fireblocks.
- “Basic” Self-Custody: Self-custody involves individually storing crypto assets in a hardware or software wallet (either general purpose or network-specific). These solutions can be the quickest to spin up and have the most flexibility. However, it’s important to proceed with caution. Self-custody is the highest-risk custody approach with the fewest controls. Unlike on other platforms, users cannot set up a transaction approvals process and are responsible for backing up and storing keys themselves. For companies that choose to go the self-custody route, we recommend:
  - Make sure the key is securely backed up. Both physical backups and encrypted digital backups can be used.
  - Always use a hardware wallet if possible.
  - When using a software wallet, operate on a segregated device to eliminate the risk of phishing and malware.
  - Regardless of what platform is used, be hyper-vigilant about what you sign and what contracts you interact with. More on this below.

  Examples: Hardware wallets such as Ledger, software wallets such as Coinbase Wallet and MetaMask.
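The threshold property mentioned under Technology Providers, and the advice to back up shards and practice disaster recovery, can be rehearsed with a small drill. This is an added example, not code from any provider named above: it uses Shamir secret sharing as a stand-in for the threshold idea (production MPC signs without ever reassembling the key), and the field size, function names and 2-of-3 setup are assumptions chosen for the demo.

```python
import secrets

P = 2**127 - 1  # prime field modulus (toy size, assumption for this demo)

def split(secret, need, total):
    """Split `secret` into `total` shards; any `need` of them recover it."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(need - 1)]
    def f(x):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            y = (y * x + c) % P
        return y
    return [(x, f(x)) for x in range(1, total + 1)]

def recover(shards):
    """Lagrange interpolation at x = 0 over the supplied shards."""
    secret = 0
    for i, (xi, yi) in enumerate(shards):
        num = den = 1
        for j, (xj, _) in enumerate(shards):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def recovery_drill(need=2, total=3):
    """Simulate losing 0..total shards; report which losses are survivable."""
    key = secrets.randbelow(P)  # constructed stand-in for a signing key
    shards = split(key, need, total)
    results = {}
    for lost in range(total + 1):
        surviving = shards[lost:]
        results[lost] = len(surviving) >= need and recover(surviving) == key
    return results

if __name__ == "__main__":
    print(recovery_drill())
```

The drill makes the backup requirement concrete: with a threshold of 2 out of 3, one lost shard is survivable, two are not.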
Best Practices in Institutional Custody
Employing a curated combination of these tools often is the best approach for any given company. For example, if a company has an asset they are holding long term, they could manage it via a third-party custodian, and if they have another asset they’d like to trade actively, they can employ a technology provider. Additionally, not every platform supports every network, so institutions might need to use several tools to manage the long tail of assets.
Whether using one tool or many, we recommend employing the same best practices across the entire suite of platforms in use. Some of these practices include:
- Setting up standard processes around approvals, risk limits, etc. Enforce these through platforms where you can; if not, manually enforce them via internal company policies.
- When sending funds to new addresses or interacting with new contracts, always execute a test transaction first. When working with new contracts, inspect these yourself, and verify them via application developer pages or other trusted third parties.
- Use an address book to maintain a list of verified addresses safe for future interaction.
- Be thorough: after both test and full transactions, verify receipt or that the intended action occurred.
- Record activity using Excel or other methods for future reference.
- Regularly review technologies, partners, and policies to make sure your setup is fine-tuned for your needs and the overall environment.
- Set up appropriate monitoring of wallet addresses and associated activity.
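Where a platform cannot enforce these rules itself, they can be encoded as a pre-signing check. The sketch below is an added example, not Hivemind's tooling or any custody platform's API: the class names, limits, address labels and the choice to let a small test send through without approvals are all assumptions.

```python
from dataclasses import dataclass, field
from decimal import Decimal

@dataclass
class Policy:
    max_amount: Decimal       # per-transaction risk limit
    test_amount: Decimal      # ceiling for a test transaction
    required_approvals: int   # distinct approvers besides the initiator

@dataclass
class Ledger:
    address_book: set = field(default_factory=set)     # verified addresses
    tests_confirmed: set = field(default_factory=set)  # test receipt verified
    log: list = field(default_factory=list)            # activity record

def check_transfer(policy, ledger, dest, amount, approvers, initiator):
    """Return (allowed, reason) and record the decision."""
    approvers = set(approvers) - {initiator}  # no self-approval
    if amount <= 0 or amount > policy.max_amount:
        result = (False, "outside risk limit")
    elif dest not in ledger.address_book:
        result = (False, "destination not in address book")
    elif dest not in ledger.tests_confirmed:
        # New destination: only a small test send is allowed.
        ok = amount <= policy.test_amount
        result = (ok, "test transaction" if ok else "test transaction required first")
    elif len(approvers) < policy.required_approvals:
        result = (False, "insufficient approvals")
    else:
        result = (True, "approved")
    ledger.log.append((initiator, dest, str(amount), *result))
    return result

def confirm_test_receipt(ledger, dest):
    """Call only after the test funds were verified as received."""
    ledger.tests_confirmed.add(dest)

def demo():
    # Constructed placeholder names and amounts, not real addresses.
    policy = Policy(Decimal("100"), Decimal("0.01"), 2)
    ledger = Ledger(address_book={"ADDR_COLD"})
    steps = [("ADDR_NEW", "1", ["bob", "carol"]), ("ADDR_COLD", "50", ["bob", "carol"]),
             ("ADDR_COLD", "0.01", [])]
    out = [check_transfer(policy, ledger, d, Decimal(a), ap, "alice")[1] for d, a, ap in steps]
    confirm_test_receipt(ledger, "ADDR_COLD")
    for ap in (["alice", "bob"], ["bob", "carol"]):
        out.append(check_transfer(policy, ledger, "ADDR_COLD", Decimal("50"), ap, "alice")[1])
    return out
```

Every decision, including refusals, lands in `ledger.log`, which doubles as the activity record the list calls for.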
The Future of Digital Asset Custody
The institutional custody landscape is constantly advancing as crypto becomes a more broadly-adopted asset class, whether it be new potential regulation or new tools. Recent events have placed a renewed focus on who holds a user's assets, yielding further development of solutions such as Copper’s ClearLoop, Fireblocks’ off-exchange product, Jump’s Silo project, or Coinbase’s recent announcement of their Wallet as a Service product. I expect the custody landscape to look significantly different in the future (stay tuned for another post!) as companies continue to develop tools and products, pushing users further and further away from writing down 24-word mnemonics to secure assets.
We at Hivemind are constantly learning and adding new measures to our own approach. As we navigate this quickly changing environment, we hope this high-level breakdown of existing custody solutions helps you understand our thinking and make educated decisions about your assets.