Smart Storage: How Anchorage Provides Crypto Investors Greater Security and Usability

Anchorage
Anchorage
Apr 9 · 6 min read
  • how much risk your assets are exposed to when used
  • how quickly you can use your assets, and
  • whether you can safely participate in on-chain activities like staking and voting.
The conventional trade-off between “hot” and “cold” storage
Accessibility and security are independent variables

The origins of “hot” and “cold”

Hot and cold didn’t always refer to security — they used to refer only to degrees of online availability. In traditional web architecture, “hot” and “cold” describe the speed at which an online request can be fulfilled. Some web content is cached on a front line server to be available on demand, and is therefore “hot.” If a user requests something that’s not in the cache, the request will take longer to fulfill, and the requested content is therefore “colder.” Outside of crypto, “cold storage” refers to storing content offline. In digital asset custody, cold storage can take several forms, such as printing out private keys (or seed phrases, or QR codes) on paper, or holding private keys offline on specialized hardware devices.

Most major crypto breaches are hot wallet breaches

Digital asset exchanges commonly allocate a portion of their holdings to liquid hot wallets in order to meet daily trading demand. Time and again, these exchange hot wallets have proven vulnerable. For example: in January 2018, the Japanese exchange Coincheck suffered a hot wallet breach that resulted in the loss of over $500M USD. Hot wallet server compromise was also behind the breaches of Zaif ($59M), Tether ($31M), Bitcoinica (18,547 BTC, or $96M as of this writing), and others. Hot wallets, even when engineered by experts, may expose private keys online and therefore are simply not safe for holding crypto assets.

Cold does not mean secure

Most crypto custodians attempt to safeguard clients’ assets using some form cold storage, in order to protect against online attacks. Holding assets offline does greatly reduce certain kinds of risk, such as the risk of a remote hacker compromising the assets, or the risk of private keys being accidentally exposed to the public internet.

There are secure and insecure ways to use HSMs

If cold storage has operational vulnerabilities, then what should custodians do to modernize their approach to custody? In order to keep private keys safe while also making them usable, many financial services providers, and a growing number of crypto custodians, use hardware security modules (HSMs) as part of their security architecture. An HSM is a specialized device that can generate and hold private keys securely, and can use those keys to sign and approve transactions. Used properly, HSMs can be the safest place in the world for investors’ private keys, but most custodians don’t use HSMs to their full potential and leave them vulnerable to compromise.

Figure A: HSM that signs on command

How Anchorage enables secure usability

The Anchorage approach to digital asset custody architecture is unique, because we’ve strengthened our HSMs with custom business logic that runs inside the hardware (see Figure B). This ensures the HSM will process a given transaction only when certain criteria are met.

Figure B: HSM with custom business logic

Anchorage

Advancing institutional participation in the digital asset class. http://anchorage.com

Anchorage

Written by

Anchorage

Advancing institutional participation in the digital asset class. www.anchorage.com

Anchorage

Anchorage

Advancing institutional participation in the digital asset class. http://anchorage.com