On our mission to build the future of money, we want crypto users to be educated and make informed decisions. In this three-part series, we will cover the most important factors to consider when choosing how, why, and who to store your crypto with for optimal safety and security. Today we start with the basics, the three tiers of crypto custody.
Part One: The Basic Tiers of Crypto Custody
Crypto Custody is a broad term that can be applied to a number of different solutions for cryptocurrency storage. People have many choices when it comes to storing their crypto, and the connectivity of those solutions poses unique concerns for customers. Solutions range from self-custody options like a hardware or software wallet, to third-party, offline storage.
Custodying cryptocurrency (such as bitcoin, litecoin, ether, and many others), as opposed to other assets like cash, securities, or objects, requires a new kind of infrastructure — one that differs from the traditional paper-and-safe approach in banking.
Custody needs also vary. For instance, some investors might need to infrequently access or move their cryptocurrency compared to others who trade more frequently. Some investors might prefer to self-custody, while some institutions might require a third-party solution. There are three tiers of crypto custody available.
1. Self-custody: Build your own solution
There are many ways to self-secure cryptocurrencies. Approaches can range from using consumer hardware wallets, to creating complex setups for the duplication, storage, and backup of your printed-out private keys (private keys are akin to your “password” — they allow you to access your crypto funds).
Many people want complete control of their cryptocurrency, and self-custodying provides a good solution. However, consider the difficulty in managing passwords and the frequency with which you may have a password reset performed. When dealing with self-storage and private keys there are no resets, a lost key is gone forever. Self-custodying, like keeping cash in your physical wallet or locked in drawer, poses its own risks. There is no third-party involved to manage that risk (or your funds) if you were to lose access to your keys, experience a destructive event like a fire or power outage, or pass away unexpectedly.
Holders should consider their access to software updates, as well as their personal capacity to correctly backup, restore, and implement geographic redundancy. Individuals should also consider how family members or intended beneficiaries would recover funds in emergency situations.
2. Partial custody: “Wallet plus” solution
An emerging option in the cryptocurrency custody market is a self-managed wallet that offers some level of third-party assistance and related institutional controls or protections. Such an option may align to the needs of certain retail or high-net-worth investors who want to control their holdings, but also desire some level of assurance and institutional protections shy of full third-party management.
“Wallet plus” solutions scale up from basic hardware wallets by applying protocols such as two-factor authentication (or other identity verifications) and/or basic multisignature protections, where the third-party possess a key for co-signing the customer’s transactions.
This amounts to a form of split or partial custody, in which the customer and the third party are generally required to cooperate as part of the signing process. However, the exact amount of control either party has to sign the transaction without the other party — such as in the event of an emergency — depends both on the legal arrangement between customer and provider and the specific key management model of the custody solution.
Customers should consider (and ask about) the potential for third-party access and/or movement of their funds without their key. They should also be mindful of how a “wallet plus” provider handles software upgrades and practical concerns such as backup, recovery, and identity verification.
3. Third-party custody: Managed solution
Third-party custody solutions allow customer funds to be held and managed entirely by a solutions provider. The user entrusts their assets to the custody provider, who is then the only entity acting on the customer’s instructions (the customer is not involved as a direct signing authority). Service level agreements (SLAs) dictate the terms and timing conditions regarding the storage, access, and movement of customer funds by the third party.
Third-party solutions are best suited to investors and institutions, such as asset managers, hedge funds, and/or high-net-worth individuals. They are the only solutions capable of offering bank-level protection for crypto security and safety, as they provide the most robust level of third-party control. That said, third-party custody solutions in the market today vary drastically in terms of what they offer (as we’ll discuss in part two of this blog series).
Customers also have the option to use multiple third parties (full-custody or wallet-plus) if they want two or more providers involved to verify instructions and move funds.
We know that there are a lot of products out there that market security, or offer low fees. We believe a third-party custody solution provided by a Qualified Custodian is the best way for institutions to store cryptocurrency.
Keep a lookout for our next two posts in this series. In part two we will dive deeper into institutional-grade custody solutions. In part three we will focus on questions and considerations when choosing a crypto custodian.
Onward and Upward,
Brian KimJohnson, Software Engineer, Wallet Lead