listen to this article:
Those familiar with the cold storage/hot storage debate know that in the eyes of the public, cold storage wins. Google trends data from the past 5 years reveals that while multi-sig has the most buzz, cold storage is more talked about than hot wallets; and cryptocurrency hardware searches, specifically, spiked around the beginning of the 2018 string of exchange breaches.
Cold wallets face serious usability issues, however – especially on the institutional scale. Not just the choice of B2C token investors around the world, cold wallets are used in the “co-wallet” strategy commonly employed by exchanges. With “co-wallets,” a service keeps funds in an offline “cold wallet,” then transfers them to online “hot wallets” in order to complete client transactions.
For security reasons, most of these services use cold storage for the higher-level account, effectively keeping as much as 95% of assets offline.
The cost of such a strategy, where cold wallets are used, is twofold:
- Usability wise – it requires the authorized individuals to go physically several times a day to the room where the cold wallets are managed and authorize a cold-to-hot withdrawal transaction.
- Businesswise – the need to physically go to a cold wallet (usually a hardware security module, or HSM) prevents business institutions from responding fast enough to the volatile market changes.
In practice, this means exchanges waste a great deal of time for what is supposed to be the lightning-fast, ultra-mobile world of digital assets.
But there is a better way.
Integrating better security systems into the entire co-wallet strategy creates room for new systems of asset transfer.
Multiparty computation (MPC), a mathematically-based system of software-defined cryptography, breaks cryptocurrency keys into multiple key shares, then distributes them along multiple servers and endpoints (based on Shamir Secret Sharing) to create a decentralized authorization method.
Unbound Security’s Crypto Asset Security Platform (CASP) system goes a step further, however – introducing a series of multiple quorums into the mix which allows for unlimited m-of-n participants – and hence, risk-based policy support.
In practice, this means an organization can employ a greater level of security via Unbound Security Platform (CASP) which allows differing numbers of authorization to be set based on the asset amount, the time frame, or the account type. And it’s a strategy that not only employs “hot wallets” – safely, since MPC has a strong cryptographic secure foundation that rivals hardware – but also cuts down on transaction time and costs.
For example, Exchange A wants to complete a transaction with funds allotted to their client, Bob. To do so, the exchange can set a policy that cuts down their overhead while keeping security high as follows:
- If Bob exchanges tokens below $10,000 USD in value at trading time, the exchange conducts the transaction via a “hot wallet” secured with MPC; the transaction requires 2 out of 3 approvals to authorize.
- If Bob exchanges over $10,000 of crypto, 4 approvers out of 6 are required instead of 2 out of 3; the assets are still held in a “hot wallet.”
- If Bob wants to exchange $50,000 or more, 6 out of 10 approvers are needed, and assets are stored in a cold wallet.
The amount thresholds, of course, are arbitrary. What matters is the ability for custodial services and exchanges to be able to automate, or at least digitize, part of the approval process – and not only to upgrade their security capabilities but also to increase ROI.