10 TIPS TO BETTER SECURE BLOCKCHAIN ASSETS - PT 2
Last week, in part 1, we looked at how people & processes can be instrumental in reducing single points of failure and building resilience in your business. This first decade has taught our nascent ecosystem many important lessons and the first two are essential:
- As soon as possible, identify at least two or three key management individuals who will share the responsibility of co-managing blockchain assets. Never rely on a single individual.
- As soon as possible, divide assets into several wallets and decide who amongst your key personnel will co-manage each wallet. Never rely on a single wallet.
This week, we will explore how technology can complement people & processes as part of multifaceted strategy to efficiently secure your blockchain assets.
TECHNOLOGY
Over this last decade, many tools have emerged enhancing the safety of blockchain assets. Using the right combination of software and hardware can yield dramatic improvements in your company’s ability to efficiently secure its assets.
Once you have identified which key individuals should co-manage your assets, you should provide them with the right tools to enable them to do their job with confidence and peace of mind.
MITIGATE RISKS OF DIGITAL THEFT - PT I
Even the smartest hackers can only get their hands on private keys stored on computers connected to the internet. For this reason, hot wallets should be used with extreme caution and only when absolutely necessary.
In February 2014, Mt. Gox revealed it had lost 850,000 BTC to hackers. Shortly after, in April 2014, the world’s largest bitcoin exchange (at the time) officially filed for liquidation.
In January 2018, Japanese exchange Coincheck lost $500 million worth of NEM to hackers. Four years later, yet their mistake was the same as Mt Gox: they had stored too much value in hot wallets.
More recently, in May 2019, Binance became yet another victim of a digital heist costing the company 7,000 BTC. Once more, hackers demonstrated how even large companies with sophisticated security can find it challenging to secure hot wallets at all times.
If your company only makes occasional transactions, chances are hot wallets are not needed at all. If your company makes multiple daily transactions and absolutely needs to use hot wallets, make sure they only hold a small amount of funds for brief moments.
TIP 3
AS MUCH AS POSSIBLE, AVOID USING HOT WALLETS. IF YOU MUST USE THEM, AVOID HOLDING LARGE AMOUNTS FOR EXTENDED PERIODS OF TIME.
MITIGATE RISKS OF DIGITAL THEFT - PT II
As early as possible, your company’s assets should be controlled by more than a single private key. Otherwise should that single key ever become compromised, one way or another, catastrophic consequences may ensue as painfully illustrated in the cases of Mt Gox, QuadrigaCX, and Coincheck. All of them could have avoided painful losses had they used multisig wallets.
Multi-signature technology (a.k.a. multisig) has been around for years and blockchains such as Bitcoin and its numerous clones can all be protected by multisig at the protocol layer. Other blockchains, such as Ethereum, make use of multisig smart-contracts to protect their digital assets.
As the name indicates, multisig technology relies on multiple private keys cosigning in order to validate outgoing transactions.
Often known as M-of-N wallets, multisig wallets are constructed with 3 important parameters:
- how many and which keys may cosign transactions. This parameter is referred as N.
- how many keys must cosign to validate transactions. This parameter is referred as M.
For example, a company with 4 key individuals could create a 2-of-4 wallet where 4 keys may cosign transactions but only 2 are necessary to validate transactions. The same company may also wish to create a 4-of-4 wallet where all 4 keys must validate every outgoing transaction.
The best multi-signature schemes should not be set in stone and should evolve with time as your business grows and circumstances evolve.
TIP 4
AS EARLY AS POSSIBLE, FOR EACH OF YOUR WALLETS, DEFINE A MULTI-SIGNATURE SCHEME INVOLVING YOUR SELECTED KEY PERSONNEL.
To be continued...
Next week, we will be introducing an additional strategy to mitigate risks of digital theft as well as one to mitigate risks of accidental damages.
__________________________________________________________________________
Can't wait for next week? Subscribe to Knabu's newsletter and we'll send you our free guide: 10 TIPS TO BETTER SECURE BLOCKCHAIN ASSETS
In this guide, you will discover HOW TO BEST MITIGATE RISKS OF:
- SINGLE POINTS OF FAILURE
- DIGITAL THEFT
- ACCIDENTAL DAMAGE
- BURGLARY
- DEADLOCKS
- INSIDER FRAUD
- COERCION
__________________________________________________________________________
This post was originally posted on Knabu's Blog.