Published Mar 18, 2021
By Anthony Foy, CEO Qredo
As fears of inflation take hold and negative rates loom on the horizon, even the most conservative of institutional investors—corporate treasurers—are looking to park surplus cash in digital assets.
According to Gartner, 5% of chief financial officers and senior finance leaders said they planned to hold bitcoin on their balance sheets in 2021. Yet digital asset infrastructure isn't fit for the purpose. Most custodial technology is still struggling to guarantee security and liquidity, never mind offering treasury tools for automating workflows, managing liquidity, and reporting.
As a result, corporate treasurers holding crypto often rely on a fragmented set of tools to manage digital asset exposure. A combination of hot and cold crypto wallets are typically used to manage capital, creating considerable operational security risks and making reporting cumbersome, with employees needing to spend hours poring over disparate data sources to understand the company’s position.
This custody infrastructure is often implemented in one of three ways — self-custody, collaborative custody, and third-party custody.
Take complete control of your digital assets
Unlike institutional investors that are bound by the Custody Rule to use a qualified custodian, corporate treasurers can follow Satoshi's vision of financial sovereignty and take custody of their own coins.
This is like holding your own gold in a personal vault. Yet with bitcoin, you can take full control by simply holding the private keys — the cryptographic code that confers ownership of the assets.
Single signature crypto wallet
Small enterprises might self-custody by holding digital assets in a single signature hardware crypto wallet. The private key is held in a secure hardware enclave on a USB stick, which can be plugged into desktops or cellphones to sign transactions.
Single signature crypto wallets confer complete control over the assets, allowing a chief executive or financial officer to quickly make transactions.
For all but the tiniest organizations, it's untenable for a single executive to be involved in every transaction. Sharing a crypto wallet with different members of staff is possible, but is cumbersome and removes accountability as it becomes difficult to know who has signed each transaction.
Single signature crypto wallets create a major single point of failure. Whoever holds the crypto wallet could potentially die and take the funds to the grave, run off with the dosh, or fall victim to a $5 wrench attack.
Multi-signature crypto wallet
Security concerns and lack of flexibility of single signature crypto wallets will lead most corporate treasurers to consider multisig solutions.
If single signature crypto wallets are the equivalent of a gold vault with a single key, multisig crypto wallets are like a safe deposit box with a set number of keys (M), of which a certain number (N) are needed to unlock the box.
This is typically referred to as “M-of-N", where M is the total number of keys and N is the number required to authorize transactions. Typically 2-of-3 or 4-of-5 signers need to agree before a transaction is approved.
Multi-signature crypto wallets can be configured with different permission levels, enabling keys to be distributed between core members of staff in multi-step approval schemes.
The more signatures needed to approve a transaction, the more cumbersome, time-consuming, and expensive the process becomes. On-chain transactions can take hours to clear on congested underlying blockchains, and incur double or triple digit fees for simple routine tasks.
Even with complex signing procedures in place, there is still the possibility of collusion — especially when employees holding keys leave the company.
Multisig solutions lack flexibility because they are tied to specific blockchain addresses. So if you want to change your custodial policies by adding or removing a party, you will need to move funds to a new signing arrangement on the underlying chain. Moreover, most multisig solutions max out at around 15 signers, making it difficult to create a solution that can scale to meet large company needs.
On-chain multisig transactions can be viewed on a public ledger. So if the address is shared, the chain of transactions is exposed. This could reveal sensitive signing schemes and workflows to potential attackers.
2) Collaborative Custody
Share control of digital assets with an external co-signer
Collaborative custody involves delegating permissions to a third party that acts as either a backup or an active co-signer. This can be implemented with multisig, or multi-party computation (MPC) based on a threshold signature scheme (TSS).
Common collaborative custody arrangements require the owner to keep two private keys in their possession, relinquishing the third to a semi-custodial service to reduce single point of failure risk.
On-chain collaborative custody with multisig
In a collaborative custody arrangement using a multisig crypto wallet, a corporate treasurer might hold two of three keys, and give one to a third party.
Improves operational security by sharing the burden of key management across multiple parties.
Shares the same downsides as ordinary multisig, and adds an additional security hole in the form of a trusted third party.
Off-chain collaborative custody with MPC TSS
"I believe TSS (threshold signatures scheme) will reshape the landscape for wallets and custodian services. It is far superior to multi-sig" — CZ, Binance
MPC TSS (multi-party computation with a threshold signature scheme) can also be used for collaborative custody arrangements.
The difference is in the implementation. While Multisig crypto wallets typically use on chain transactions, MPC TSS takes the signing process off chain, relying only on a single signature created with distributed nodes that contain secrets representing parts of the private key.
Transactions can be signed faster off chain because they don't rely on transacting on slow underlying chains.
Signatures computed off the chain do not incur network fees.
No need for multiple wallets for different blockchains, which is cumbersome to deal with and makes reporting difficult.
While multisig wallets are tied to a specific blockchain, MPC works on the standardized cryptographic signature algorithm (ECDSA) that can be implemented across 95% of blockchains.
MPC TSS offers enhanced privacy because transactions are not conducted on chain, preventing potential attackers from peering into your company signing arrangements.
MPC TSS solutions implemented in centralized databases are honeypots for hackers. For example, cryptographic keys have been repeatedly leaked from Intel's SGX cloud infrastructure.
If all the MPC nodes are controlled by a centralized organization, then assets could still potentially be vulnerable to employees gone rogue, cloud providers, or other colluding partners that might decide to empty the wallet. As the QuadrigaCX saga illustrated, bad internal actors can be the most likely cause of digital asset losses.
Organizational signing structures like approval thresholds are typically implemented in an opaque software layer that operates independently of the blockchain, undermining the security of the system.
Limited capacity to provide immutable audit logs for reporting.
3) Third-party custody
Deposit assets with a trusted third party
"Any crypto wallet that won’t give you your private keys should be avoided at all costs" - Elon Musk
Corporate treasurers might choose to delegate custody. This is the equivalent of depositing gold with a vaulting company, and is typically accomplished using multisig crypto wallets controlled by a third party.
Handing digital assets over to a custodian means no technical knowledge is needed.
Handing assets to a third party that can freeze them or restrict access reduces safe haven appeal of cryptocurrency. Assets can be seized or hacked, eroding their ability to offer company individual sovereignty and financial privacy.
Instead of storing assets in segregated accounts, crypto custodians often commingle assets in opaque omnibus accounts. This forces asset owners to rely on trust rather than being able to verify holdings on-chain.
The list of insolvent crypto custodians grows longer every year, mirroring the failures of traditional financial custodians like BNY Mellon’s custodian arm that failed to protect client assets in 2015.
Custodians charge fees, which can compound significantly over time.
Moving funds in and out of custody is slow and expensive. Withdrawal requests can often be made only during business hours and are subject to processing times of up to several days.
Decentralized custody for decentralized assets
Qredo introduces a new paradigm: decentralized custody for decentralized assets.
The private keys controlling digital assets are distributed across an independent blockchain network using a cryptographic technique called multi-party computation .
This lets corporate treasurers implement any combination of the three custody options — self, collaborative, or third party — without needing to make tradeoffs between security and accessibility.
Settle transactions instantly
Qredo enables companies to quickly maneuver around the volatile digital asset market by making instant transfers, allowing treasurers to reconcile assets in real-time between custodians, brokers and financial institutions on the Network.
Consolidate liquidity on a single dashboard
Qredo gives companies clear visibility of potential issues and opportunities by allowing them to manage digital asset holdings from one interface. Get real-time account balances and transaction info for all positions across banks, funds, customer and business wallets, group entities and regions.
Integrate digital assets with fiat treasury systems
Qredo can hook directly into your corporate treasury management system through Rest APIs.
Seamlessly delegate approval and signing authority
Qredo wallets can be customized to fit organizational needs. Multiple parties can be assigned the power to originate transactions, approve them, or run reports, and an unlimited number of signers can be appointed with any M of N threshold scheme.
Export immutable audit logs
Qredo records all transactions on layer 2 blockchain, providing an immutable record of inflows and outflows for reporting.
Easily meet compliance needs
Qredo has messaging capabilities that allows transactions to be accompanied with sender and recipient identities, allowing easy compliance with emerging regulations like the Travel Rule.
Safeguard assets with seven lines of defense
Qredo offers a unique security framework — seven lines of defense — that immunizes assets to the threat of loss from hacking or internal collusion. MPC is implemented over a decentralized network, which is protected by custom hardware and insured by Lloyds of London, underwritten by Sompo.
To find out more about Qredo wallets, contact the team.