The “cold storage” of digital assets is a hot mess. It’s clunky, inefficient and there’s the irony of using an analogue solution (storing things offline) for a digital problem.
So what percentage of your funds should be stored in great vaults in the ground? What are the digital alternatives to cold storage? And how safe are they?
Cold storage of digital assets, such as such as security tokens, cryptocurrencies, non-fungible tokens, is often marketed as more secure than “hot storage” because the assets are kept offline, in a hard drive or other device.
However, the practicalities of cold storage have been called into question by recent cases including when the founder of a case of a cryptocurrency company, Quadriga, died, without appearing to leave the encrypted access keys account holders need to recover about C$190 million ($143 million) of cryptocurrencies held by the exchange in offline storage.
Sometimes the private cryptographic keys that are needed to buy, sell and access cryptocurrency and other digital assets are kept in vaults.
Yet these cumbersome arrangements are more than a little bizarre. For example, cryptocurrency exchanges will create a pop-up tent with its own shielded power supply and do a mass print out of thousands of private cryptographic keys.
Proponents of cold storage say that it’s just a modification of the bank vault, which is secure and can be accessed at any time of the day or night.
But what happens if the vault is destroyed by a fire, earthquake, terrorist attack, or other catastrophic event? As the International Securities Services Association, said in a report, custody services using cold storage exemplify the risk of catastrophic loss. “Just as the destruction of a physical bearer certificate used to erase all knowledge of ownership, so does the loss of private keys today. The loss becomes irreversible. In reality, the loss of the private keys is equivalent to the loss of the crypto-assets."
Also, accessing your digital assets can still be a pain. Clients of one of the main cryptocurrency exchanges must log in to the website with a USB security key to request a transfer. The details are reviewed by a team who then must make video calls with the “approvers” listed on an account, to counter the risk of humans or software mimicking its customers’ voices.
Hot wallets give instant access to digital assets but have some major disadvantages – most notably, their vulnerability to hacking.
$1.1 billion worth of cryptocurrency was stolen in the first half of 2018, according to cybersecurity company Carbon Black. Stealing cryptocurrency is easy, the company says. All that’s needed is malware, which even occasionally comes with customer service, and costs an average of $224 – or as little as about $1 on the dark web.
What percentage of funds should be stored in cold storage?
Zero. And the question we should be asking is why isn’t there a better solution for the custody of digital assets? With technology as sophisticated as the blockchain itself - post-quantum cryptography, distributed file systems, threshold ring signatures and isogeny-based key encapsulation - guaranteeing the security, account segregation and proof of reserves of digital assets should not be limited to a hole in the ground or a signal-proof tent.
There is another way to eliminate the risk of digital asset theft, and the answer is in the decentralized network itself. To find out more, download a copy of our white paper today.