visit
Keep your key storage in house. There are very few reasons to outsource the security risks associated with storing and managing your encryption keys. However, this what often happens at companies dealing with digital asset custody. These companies overgrow with analytics, support, marketing, and administrative personnel, but end up relying on BitGo and others to sign their transactions.
Crypto custody is hard. BitGo as much as you do. Snowden taught us the importance of end-to-end encryption, but we still failed to understand the fundamental problem with outsourcing encryption. We've put too much trust in Google employees who did not care about their client’s privacy enough to .
Encryption was being worked on prior to Snowden but it didn't seem like a high priority because there was no evidence it would achieve anything useful, and it rquires a lot of resources.
CS degrees are no guarantee of expertise. Cryptographers are as good at implementing protocols as interior designers are at laying brick. You also can't hire astrophysics PhDs hoping that they'll figure it out on the job. They will sit there for a year reading articles and dreaming up . Neat idea, until or Vitalik decides to fork Ethereum on Friday evening.
Amateur key management setups have plagued existing crypto custody providers and stopped others from joining the market. Some are straight from spy novels and TV shows. Others will likely make their way to DEFCON slides in the coming years.
A few basic things to remember. Swiss mountains don't add an extra security layer. Airgapping cold wallets without proper access and emergency procedures is useless. IP address attribution and SMS as a second factor authentication are fundamentally broken. Hardware wallets aren't any more secure than a regular smartphone, but attract way more attention to their users. exists. So does .
Talk to your local key management professional. What you really need is a team of highly experienced software and infrastructure engineers led by security professionals, preferably the ones that haven't . Getting them won't be easy. The post-Snowden IT security job market has been vacuumed by armies of corporate and government recruiters. Big IT companies and three-letter agencies catch talented kids well before they graduate college. Anyone who doesn't have the time or expertise to grow talent internally is mostly out of luck.
Think outside the box. There are still plenty of people who are unable or unwilling to pass security clearances or pee in the cup. You can also pick up whole teams by looking outside the crypto space. Unlike what you've been told, blockchain is not magic. It's a decentralized system like many others, and we have plenty of hustling security-oriented startups staffed with talented network, database, and systems engineers.
Open up and focus on fundamentals. Anything and anyone who doesn't need to have access to your keys can and should be outsourced. Establish relationships and offload your headaches to professionals in their respective areas. Unless you plan to , you will need to put KYC and AML programs in place. Regulators will ask you to watch hundreds of metrics and produce dozens of reports every day, but they will not say which ones upfront. You are better off letting someone else argue with them about the methodology of . Your IT department will thank you for it.
Separate auditing and compliance. While the goal of a compliance team is to produce good-looking reports for the regulators, an auditor is there to show you weak spots in your setup. Hire an outside Red Team and give them sizeable bonuses for discovering vulnerabilities. Security by obscurity only works to a certain point - publish your security designs and . Create an and let people gradually poke holes in your systems. and the ability to laugh at yourself go a long way in saving you public humiliation.
Remember, it's a marathon. Any asset custody is about reputation and companies that shift their security risks to others will not last long. When their assets under management reach critical mass, many of their security mechanisms will fail at once. When someone robs a bank, getting to the vault is only the beginning. Getting away with the loot and spending it is an equal problem. There's always a chance of catching the thief and getting the money back. Not so much in crypto. Bitcoin money laundering services cost 1-4% of the total sum. Hackers will start looking into yachts the second they get to your private keys.
Digital currency money laundering services offered at a Russian darknet marketplace.
Illustration by