04APR
Soulbound NFTs
While the crypto world continues to expand and spread around the world day by day, banks can no longer remain indifferent to this situation. Although the regulations are uncertain at many points, the concern of entering the market late and falling behind has started to become more evident.What is crypto custody?
Crypto custody is a secure storage solution for cryptocurrencies. Custody refers to who controls the access to the digital asset or cryptocurrency. As it is cumbersome for many to control their wallet through self-custody, there are crypto custodians who secure customers’ crypto assets in a custodial wallet.
From the point of view of banks, they must allow customer funds to be held and managed entirely by themselves. The customer entrusts their assets to the bank, who is then the only entity acting on the customer’s instructions The customer is not involved as a direct signing authority in this situation. Service level agreements (SLAs) dictate the terms and timing conditions regarding the storage, access, and movement of customer funds by the bank.
Where to store?
There seems to be two solutions to manage and store customers’ assets securely for institutional use; HSMs and MPC.
A MPC (multiparty computation) crypto wallet enables the private keys to split into multiple parts, known as “shares,” which are distributed among the parties involved in the MPC protocol. This allows the users to securely manage their cryptocurrency without any single party having access to the entire private key. This can help protect against various attacks, such as hackers attempting to steal customers’ cryptocurrency by compromising a single party’s private key share.
HSM on the other hand, is a hardware security module in the form of a network appliance. This box generates safe and sound public/private key pairs, holds them in a tamper-controlled enclosure, and controls access to them. They are physical computing devices that protect and store cryptographic secrets, including the private keys required for signing a transaction.
For the banks, we can assume that the customers will trust their banks fully and will not be insistent to hold any part of their private key. So it does not make sense for their custodian to use MPC. In addition, most banks already use HSMs for purposes other than crypto key storage which means that they have enough internal capabilities to operate them.
How about regulations?
The first question is whether to give “custody only” services or also to allow the customer to send or receive any digital asset without banks’ approval. If the first choice is selected, the customer does not need to have access to the private keys associated with the wallet in which the asset is stored. This is the least risky approach that a bank can take.
Banks must decide how much direct control they will allow their customers to exercise over the virtual assets held in their name. The banks risk appetite for the crypto world will help give the answer to these questions but banks should consider the intensity of the product usage, and the risk levels of customers who would have access to the crypto asset.
The second question is about which digital assets will the bank want to hold and how to choose them. For the regulatory perspective, the asset must be transparent so that it can be analyzed by blockchain analytics providers to determine whether it has a link to a high risk address. Teams with track records of success and regulatory compliance present would be a risk mitigating factor also.
Besides, in some countries, some crypto assests are considered to be a security. If that is the case for the specific asset that the bank want to give custody services, the bank should check the regulations accordingly as securities have extra obligations.
The banks must also decide to give the custody services by themselves or to find a sub-contractor to give the related services. If the bank chooses to build its own custody infrastructure it would be technically challenging and expensive but will give the bank flexibility, self-management and customization. On the other hand third-party solutions are best suited to banks which don’t want to deal with the technical complexities by themselves or want to access the market faster. There are lots of solutions capable of offering bank-level protection for crypto security and safety.
Conclusion Crypto assets are no longer exotic instruments in the financial ecosystem. The rise of cryptocurrency as an asset class is bringing increased attention to the importance of security and trust — as well as the growing need for regulations and standards of operation — in the space.
As legal and regulatory requirements for custody providers take shape, it may become even more important for custody providers to have a strong commitment to compliance and security so that they can be best positioned to serve their customers today and in the future. Custody, the manner in which digital assets are stored and managed, has been a missing piece of the cryptocurrency market infrastructure and to fill this gap, banks are the most reliable candidate.