Yala’s Move from Centralized Custodianship to Decentralized Storage

In a previous article, we discussed the importance of decentralized indexers in optimizing the functionality and integrity of blockchain systems. Building on that foundation, this blog post will delve into Yala’s journey from relying on centralized custodians to adopting decentralized storage solutions.

Join us as we explore how Yala is setting the stage for a more secure and resilient DeFi ecosystem through this transition.

Yala’s Initial Storage Approach

As Yala navigates the transition towards decentralized storage solutions like Spiderchain from Botanix Labs, it is essential to ensure reliable and secure initial storage options. While Spiderchain represents the ideal decentralized model Yala aspires to, its ongoing development means Yala must initially rely on centralized custodians for treasury management and security. We’ll evaluate three leading custodial services: Anchorage Digital, Fireblocks, and Copper, each offering unique benefits tailored to Yala’s requirements.

Anchorage Digital

Anchorage Digital is a platform in the cryptocurrency space, offering a comprehensive suite of services tailored for institutional clients. It stands out as the only federally chartered crypto bank in the United States, a distinction that underscores its commitment to regulatory compliance and security. We’ll delve into the features, security measures, and transaction processes that make Anchorage Digital a leader in the industry.

Features

Anchorage Digital provides a wide array of services that cater to the diverse needs of institutional investors.

• Secure Custody: Anchorage offers secure storage solutions for digital assets, utilizing a combination of hot wallets and cold storage to balance accessibility and security.
• Trading and Staking: The platform supports advanced trading capabilities, including API access and a self-service trading interface, along with staking services for earning rewards on held assets.
• Governance and Settlement: Unique offerings like the Atlas settlement network and Porto self-custody wallet provide institutions with tools for efficient asset management and governance.

Transaction Process

Anchorage Digital employs a three-step transaction process designed to ensure that every transaction reflects the true intent of the organization. The steps are as follows:

1. Multi-User Approval: Transactions require approval from at least two authorized members of the organization, leveraging secure devices for authentication.
2. Transaction Review: Approvals are authenticated through a combination of automated outlier detection and detailed behavioral analytics, supplemented by human oversight.
3. Hardware-Enforced Logic: Only after both the organization and Anchorage Digital have given their approvals will the Hardware Security Modules (HSMs) process the transaction, ensuring an additional layer of security.

Private Key Security

One of the standout features of Anchorage Digital is its approach to private key security. Traditional models often require a trade-off between accessibility and security, with hot wallets providing accessibility at the expense of security and cold storage offering security but limited accessibility. Anchorage Digital disrupts this model by ensuring that private keys are secure without compromising accessibility.

• Multi-Party Computation (MPC): This advanced cryptographic technique allows for the secure management of private keys. MPC enables the splitting of a private key into multiple parts, which are distributed across different locations. This ensures that no single point of failure can compromise the key.
• Hardware Security Modules (HSMs): HSMs are physical devices designed to securely generate, store, and manage cryptographic keys. Anchorage’s use of HSMs ensures that private keys are protected by hardware-enforced security protocols, further enhancing the platform’s security posture.

Anchorage secure and accessible wallet

Advanced Trading Capabilities

Anchorage Digital offers trading solutions for institutional clients. These capabilities are accessible via APIs and a user-friendly trading interface. The platform supports:

Market Participation: Institutions can engage in the crypto market, utilizing tools and expert traders available around the clock.

Complex Trade Requests: The platform is equipped to handle large-size trades, illiquid assets, and other complex trade requirements, ensuring flexibility and efficiency in trading operations.

Role-Based Access Control: To enhance operational efficiency and security, Anchorage Digital implements a role-based access control system. This system defines three primary user roles:

• Admin: Admins have full access and can create and modify policies, add and remove users, and manage vaults.
• Member: Members have limited permissions, primarily focused on vault operations such as deposits and withdrawals.
• View-Only: View-only users can access account balances and activity logs but cannot perform transactions or make changes to policies.

Anchorage Digital’s innovative solutions and commitment to security set it apart in the institutional crypto space. Its federally chartered status, advanced transaction process, robust private key security measures, and comprehensive service offerings make it a preferred choice for institutions looking to securely manage and trade digital assets. The platform’s blend of security, accessibility, and regulatory compliance ensures that it meets the demands of institutional clients, positioning it as a leader in the evolving digital asset landscape.

Fireblocks

Fireblocks is a secure digital asset platform designed for institutional clients, including banks, exchanges, and hedge funds. It offers comprehensive solutions for custody, transfer, and issuance of digital assets, leveraging advanced security technologies like Multi-Party Computation (MPC-CMP) and hardware security modules. This chapter explores Fireblocks’ key features, private key security measures, and overall architecture, highlighting why it is a preferred choice for institutions.

Features

Fireblocks provides a robust suite of services tailored to the needs of institutional clients:

• Digital Asset Wallets: Secure, scalable MPC-based wallets with advanced key management for diverse operations such as treasury, trading, cold storage, NFTs, smart contracts, and user wallets.
• Platform Governance: The Policy Engine automates governance policies for transaction rules and admin approvals, ensuring that transactions are handled according to predefined rules.
• Treasury Management: Centralized wallet and address management to simplify crypto and NFT treasury operations, supported by the Fireblocks Network for secure and automated transfers.

Private Key Security

Fireblocks employs a multi-layer security approach to safeguard private keys and digital assets. This includes:

• MPC-CMP (Multi-Party Computation): A cryptographic technique that splits private keys into multiple parts, stored across various locations, ensuring that a complete key is never assembled. This protocol enhances security and operational flexibility while reducing transaction time.
• Secure Enclaves: Utilizing Intel SGX, Fireblocks isolates and protects cryptographic materials and algorithms within a hardware-level enclave, preventing extraction even if the server’s OS is compromised.
• Policy Engine: Configurable rules for transaction handling and approval, protected by SGX and distributed across multiple MPC servers, ensuring integrity and security.

Use Cases and Business Applications

Fireblocks supports a wide range of applications, enabling businesses to leverage digital assets securely and efficiently:

• NFT Marketplaces and Platforms: Secure management and transfer of NFTs.
• Treasury Management: Centralized control of digital asset treasuries.
• Digital Asset Custody: Secure storage solutions for various digital assets.
• CeFi and DeFi Trading: Enhanced trading capabilities for centralized and decentralized finance.
• Cross Border Payments: Secure and efficient cross-border transaction solutions.
• Web3 Gaming: Support for gaming applications in the Web3 ecosystem.
• Tokenization and Staking: Secure platforms for token issuance and staking operations.
• Smart Contract Security and Management: Ensuring the security and integrity of smart contracts.
• Wallets for Retail Applications: Providing secure wallet solutions for retail businesses.

Fireblocks combines cutting-edge security technologies and comprehensive service offerings to meet the stringent demands of institutional clients in the digital asset space. Its multi-layered security architecture, robust governance framework, and versatile applications make it a preferred platform for institutions looking to securely manage, transfer, and utilize digital assets. By providing a secure and efficient environment for digital asset operations, Fireblocks continues to be a foundational element for thousands of digital asset businesses globally.

Copper

Copper is a comprehensive institutional digital asset platform that offers secure custody, prime brokerage, and collateral management services. The platform also provides DeFi connectivity, staking, wallets-as-a-service, and treasury management. This chapter explores Copper’s key features, private key security measures, and overall architecture, highlighting its role in facilitating secure and efficient digital asset management for institutions.

Features

Copper delivers a robust suite of solutions tailored for institutional clients:

• ClearLoop: This innovative solution enables off-exchange settlements, allowing institutions to trade on exchanges without moving assets out of Copper’s secure custody. This feature integrates with leading exchanges like ByBit, OKX, Bitfinex, and others.
• Copper Network: Facilitates institutional settlements across the blockchain ecosystem, enhancing connectivity and security for large transactions.
• DeFi Connectivity: Supports integration with over 10 blockchain networks, enabling seamless interaction with decentralized finance (DeFi) platforms.
• Treasury Management: Offers centralized wallet and address management, streamlining the administration of digital asset treasuries.

Private Key Security

Copper employs advanced security measures to ensure the integrity and safety of private keys and digital assets:

• Multi-Party Computation (MPC): Each vault is controlled by three individual entities using MPC technology. This ensures that a single entity does not have complete control over the private keys, significantly reducing the risk of key compromise.
• Secure Custody: Copper’s custody solutions leverage MPC to distribute control and enhance security, making it a trusted option for institutional clients.

Multi-Layer Security Architecture

Copper’s security framework includes several layers designed to protect against various attack vectors:

• Layer 1: MPC-Based Custody: Enhances private key security by decentralizing control and ensuring that keys are never fully assembled in one place.
• Layer 2: ClearLoop Integration: Provides off-exchange settlement capabilities, allowing secure trading without transferring assets from custody.
• Layer 3: Copper Network: Facilitates secure institutional settlements, reducing the risk of manual errors and enhancing overall security.
• Layer 4: DeFi Connectivity: Ensures secure interaction with decentralized finance platforms, supported by Copper’s robust infrastructure.

Use Cases and Business Applications

Copper supports a variety of applications, enabling institutions to leverage digital assets securely and efficiently:

• DeFi Connectivity: Secure integration with multiple blockchain networks for decentralized finance operations.
• Staking: Secure platforms for staking digital assets, allowing institutions to earn rewards.
• Treasury Management: Centralized control and management of digital asset treasuries.
• Custody Solutions: Secure storage of digital assets using advanced MPC technology.
• Wallet-as-a-Service: Provides customizable wallet solutions for various institutional needs.

Copper’s innovative solutions and advanced security measures make it a leading platform for institutional digital asset management. Its unique ClearLoop solution for off-exchange settlements, comprehensive custody services, and multi-layer security architecture ensure that institutions can manage and trade digital assets with confidence. By providing a secure and efficient environment for digital asset operations, Copper continues to support a wide range of institutional clients in the evolving digital asset landscape.

Side by Side Comparison

All three platforms offer the reliability and security necessary for Yala to establish itself and begin scaling in the DeFi marketplace. Let’s compare them side by side.

Side by Side Comparison

Road to Decentralized Storage With Botanix Labs and Polyhedra zkBridge

Yala’s journey toward decentralized storage is a step-by-step process. As part of this shift, we will use Spiderchain from Botanix Labs. Spiderchain introduces “Forward Security,” ensuring long-term protection of digital assets. Another solution we’ll use is Polyhedra’s zkBridge to seamlessly do cross-chain interactions.

One of the novel breakthroughs of the Spiderchain is its “Forward Security”. Traditionally used in cryptographic encryption protocols to ensure long-term security of private keys, these principles are now applied to blockchain security through the Spiderchain.

Forward Security in Cryptography

Forward security, also known as future security, is a cryptographic concept that ensures the resilience of systems against the compromise of long-term secret keys. The primary goal is to prevent attackers from decrypting past communications or transactions, even if they manage to acquire a cryptographic key in the future.

Achieving forward security involves techniques such as:

1. Key Rotation: Periodically changing cryptographic keys to limit the impact of key compromise.
2. Ephemeral Keys: Using short-lived keys for individual sessions or transactions, which are discarded after use.

The Spiderchain’s Forward Security

Similar to encryption protocols’ vulnerability to long-term key exposure, the Spiderchain’s Layer 2 Proof-of-Stake protocol must defend against attackers gaining majority control of the stake. In the Spiderchain EVM, which stakes Bitcoin on Bitcoin, forward security is crucial.

1. Multisig Rotation: New Bitcoin entering the Spiderchain is stored in new multisigs controlled by random Orchestrators. This ensures that future malicious actors cannot control older multisigs.
2. Liveness Epochs: Every epoch, a new set of keys is generated among Orchestrators, verifying the liveness and ensuring continuous security.
3. LIFO Management: Last In First Out (LIFO) inventory management is chosen to protect older bitcoins, ensuring they are secured by the oldest orchestrators.

These techniques ensure that even if a malicious actor gains a 2/3rds majority, they cannot compromise stored Bitcoin, maintaining the security and integrity of the Spiderchain.

Inventory Management

When performing a bridge-out, Spiderchain uses LIFO inventory management. This ensures that the oldest coins, secured by the oldest orchestrators, remain protected, preventing malicious adversaries from gaining control over these assets.

Botanix Labs’ choice of LIFO management provides higher security guarantees, making it difficult for adversaries to compromise older coins, thereby maintaining the forward security of the Spiderchain.

By utilizing Spiderchain, Yala aims to safeguard all actual Bitcoin transactions through a system that evolves continually to adapt to new security challenges and technological advancements.

Polyhedra zkBridge

Polyhedra Network introduces a Bitcoin messaging protocol with zkBridge, significantly enhancing Bitcoin’s interoperability with other layer-1 and layer-2 networks and applications. It is compatible with Bitcoin innovations like Ordinals, BRC-20, and Atomicals. This ensures security through zero-knowledge proofs, facilitating trustless cross-chain Bitcoin token swaps and enhancing liquidity and integration across the blockchain ecosystem.

Bitcoin as a Sender Chain

Bitcoin as a sender chain, is fully compatible with the current zkBridge framework. zkBridge enables the updater contract (i.e., the light client contract) on the receiver chain to directly verify the consensus of Bitcoin, as well as each transaction on Bitcoin through verifying the Merkle proof. This compatibility ensures that both the consensus proof and the transaction Merkle proof on Bitcoin can be secured comprehensively by zkBridge.

Bitcoin as a Receiver Chain

Though Bitcoin lacks native smart contract functionality, zkBridge overcomes this with a Proof of Stake (PoS) mechanism. Validators stake native tokens (e.g., ETH for Ethereum) and are authorized to write data to the Bitcoin network. Validators reach consensus on the correct message using a Multi-Party Computation protocol.

Bitcoin as a Receiver chain. ZkBridge Ethereum -> Bitcoin architecture.

Trustless Cross-chain Bitcoin Token Swap Protocol

The protocol involves two counterparties — a maker and a user — and enables direct token swaps between Bitcoin and other networks. Here’s a step-by-step overview:

1. Maker Deposits: The maker deposits BTC to a Bitcoin liquidity pool and collateral to an Ethereum collateral pool, specifying a receiving address for WBTC.
2. User Deposits: The user sends WBTC to an Ethereum liquidity pool, held until the maker submits proof of BTC transfer on Bitcoin.
3. BTC Transfer: The maker transfers BTC to the user’s receiving address on Bitcoin from the liquidity pool.
4. Proof Submission: The maker submits proof of the BTC transaction to an Ethereum smart contract using zkBridge.
5. Verification and Release: The smart contract verifies the proof and releases tokens to the maker. If the proof is not submitted on time, the collateral is slashed and compensated to the user.

Cross-chain token swap Polyhedra zkBridgeCross-chain token swap Polyhedra zkBridge

Conclusion

Selecting the right custodian will ensure Yala maintains high standards of security and efficiency as it prepares for a future with decentralized storage solutions like Spiderchain. Combining Botanix Labs’ Spiderchain and Polyhedra Network’s zkBridge is a key step in our commitment to enhancing security and embracing blockchain’s core principles of decentralization and transparency.

To stay updated on the progress, feel free to follow our developments on GitHub.

Keep an eye on Yala as we keep pushing the boundaries of innovation and shaping the DeFi space’s future.

About Yala

Yala connects Bitcoin liquidity with a meta yield stablecoin. Designed as both a potent asset and a liquidity enhancer, the stablecoin, YU, operates across various ecosystems, increasing efficiency without the need for bridges or relocating the underlying Bitcoin. Yala empowers Bitcoin holders and ecosystem participants with expanded utility, all while maintaining the security of Bitcoin’s infrastructure.

Website | Twitter | Telegram | Discord | Medium | Docs