Is the Future of Crypto Custody in the Cloud?
Cryptocurrencies are, by default, digitally native. All cryptocurrencies use a blockchain, a decentralized ledger technology distributed and available across thousands of different nodes around the world. The dynamic and highly distributed nature of cryptocurrency networks requires highly dynamic and scalable services to evolve with the networks, thus forcing a shift from on-prem to SaaS-based managed services.
Custodians tasked with securing these assets generally do so by physically isolating the cryptographic keys used for managing and spending these assets — known as private keys. These keys represent ownership of the funds they control, hence the importance of keeping them secure.
But times are changing. As crypto custodians look to scale up their processes, diversify their product offerings, and reach more mainstream audiences, they are now looking to move away from the concept of ‘deep cold storage’ to a more nuanced approach that is supported by a cloud-based custody deployment.
Crypto & Security: The Quest For the Optimal Solution
From a bird's-eye view, cryptocurrencies can be considered an extraordinarily secure asset class, thanks to the unparalleled security of private key cryptography and distributed ledger technology. Taken together, these ensure cryptocurrencies are resistant to a range of attacks, including 51% attacks, Sybil attacks, and brute-forcing.
But from a custody perspective, they can pose a challenge to securely manage, since the exposure of the private keys can result in complete and generally permanent loss of funds — due to the irreversibility of transactions. Moreover, the challenge of securing the private keys is compounded when you consider the need to access and manage these keys on a regular basis when processing transactions.
Though simply storing private keys in air-gapped cold storage can eliminate the vast majority of attack vectors, it is unsuitable for most custodians, exchanges, and institutional investors due to the bottleneck it poses on executing transactions — limiting business growth and scalability due to a reliance on manual processes and technology of the previous century.
Hardware security modules (HSMs) have emerged as an ideal alternative. Not only do they physically segregate private keys from internet-connected components, but they also allow for more flexible management workflows since they can be included in more complex governance arrangements.
Did you know: An HSM is a type of physical computing device used for the encrypted storage and management of digital keys.
Just like banks, which typically use a combination of offline and cloud-based technologies to secure the key assets and information of their clients, firms with exposure to digital assets are beginning to seek similar technologies to power their custody services.
However, with building a proprietary solution typically being a time-consuming and cost-prohibitive endeavor, firms like Ledger Enterprise Solutions have begun offering an attractive alternative: HSM as a managed service, which affords custodians the security and flexibility needed to offer cutting-edge custody services while benefiting from best-of-breed expertise in hardware and software security.
The Scalability Paradox
Traditional financial players are increasingly looking to leverage the speed and agility of cloud technologies as part of their product offerings. With customer demands and expectations increasing each day, banks have begun turning to cloud-based solutions to stay on top of the latest trends and scale their operations as their user base expands.
With growing competition from so-called neo-banks (highly efficient and streamlined internet banks), traditional financial players have been forced to adopt cloud technologies to stay competitive, cut costs, and improve customer-side accessibility.
This has been a particular focus throughout the 2020-2021 period, when more people than ever before sought to use remotely accessible financial technologies as a result of the worldwide COVID-19 pandemic.
These challenges were also faced by some crypto custodians who, when confronted with a rapid surge in customer demand and increased competition, found themselves struggling to keep up, often due to a simple lack of process scalability and flexibility. Many of these custodians were simply victims of their own caution, having sacrificed accessibility for security by basing their custody solution on an inflexible HSM + on-premises datacenter setup.
Balancing security, accessibility, and scalability has been a long-standing issue in the crypto custody space, and until recently, there was no one-size-fits-all solution. Custodians would use HSMs to maximize the security of their private keys or cloud technologies to boost scaling, but had no option to combine the best of both.
This is the segment that leading crypto custody technology providers look to address by combining HSM-backed security with a flexible cloud-based governance layer to accommodate even the most demanding business flows.
As a fast-moving ecosystem, the most adaptable crypto custodians are the ones that are best poised to benefit from the staggering growth expected in the coming months and years — largely due to the explosion of interest in the decentralized finance (DeFi) landscape.
Did you know: The DeFi industry grew from a $700 million to a $13 billion industry between December 2019 and 2020.
In order to keep up, firms need to adopt technologies that not only facilitate their growth but are also supported by the experts that can help ensure this growth doesn’t compromise what matters most — security.
Is “on-premise” Dead?
Understandably, a large number of crypto custodians initially look to keep their entire technology stack on-premise — that is, deployed in-house and stored in the confines of their own datacenter, as opposed to “on the cloud”.
This often stems from the misconception that this setup minimizes attack surface area and gives custodians more control over their processes. However, it generally turns out to be less of a boon and more of a hindrance, due to a higher level of complexity to set up and maintain, a lack of redundancy, poor scalability, and poor cost-efficiency.
But from a performance point of view, cloud-based options are increasingly coming into focus as the most attractive arrangement for crypto custodians looking to avoid the limitations of on-premise solutions and give themselves the berth needed to keep up with rampant expected demand.
With 2021 shaping up to be potentially the most important year yet for mainstream adoption, now is the time to start thinking about whether it’s time to move your digital asset infrastructure to the cloud.