The Art of Safekeeping: Your Guide to Keeping Digital Assets Secure

A digital asset is anything stored virtually that holds value to a business. Traditional digital assets included photos, videos, and documents. But like most things in our evolving economy, digital assets have gotten smarter. Blockchain brought us cryptocurrency and NFTs, which evolved into complex financial instruments, technologies rooted in decentralization that are becoming enterprise tools.

This makes?asset platforms ?important to the future of business. So, how do we protect, measure, and trade these digital assets safely and simply— especially as new ways to?tokenize real-world assets ?come online??

In this article we’re going to talk about secure self-custody. We’ll cover different ways to manage, organize, and protect digital things. We’ll then discuss wallets, and how best to maintain control over your assets.

What is digital asset custody?

The exponentially growing market value of digital assets coupled with the virtual nature of these assets creates risk. By design, digital assets are unique and irreplaceable, which makes recovery after a hack nearly impossible. This is why digital asset custody is such a hot topic.

Alongside the need to keep digital assets secure, companies need to maintain enough flexibility to allow varying levels of access and visibility. How do different roles inside an institution access assets? Who has visibility and the power to buy, sell, or trade? As we talk about digital asset custody, we’re talking about security and usability when we design a platform.

To put some shape to all these concerns, we’ll talk about custody in a few contexts.

1. Managing cryptographic keys: How can you keep your keys secure and manage access across your organization
2. Digital asset custody solutions: How can we design platforms to fit your business needs and prepare for scale
3. Operational options and trade-offs: How can we balance security, flexibility, throughput, and connectivity to bring the value of web3 to your business

Some of these concepts may be familiar to blockchain developers but new to a business person starting to think about how web3 will impact their work, so we’ll step through each in detail below.

How does key management work?

Digital asset transactions use the distributed ledger to create a shared record of their existence, ownership, and transactions. This adds one layer of security. This system is backed by the use of public and private keys. These keys allow certain people to access the digital assets.

There are two types of keys that work together to manage digital assets:?

• Private keys: This number is randomly generated and only known to the digital asset owner. It’s used to encrypt and decrypt information. You can think of the private key as a password.
• Public keys: Public keys work like an address. This is a cryptographically derived number that is tied to a private key to point a transaction to the right place. When a public key and private key are paired, a transaction can be executed.

This flow graphic, courtesy of Deloitte, shows how public and private keys work together to facilitate a transaction.

Once you understand this password-address function of public and private keys, you can?build platforms ?to hold, manage, and trade digital assets.

How do wallets factor into custody?

As with anything in the blockchain space, there is a dilemma when we talk about speed and security, in that one often takes precedence over the other.?Wallets are no different .

To store private keys there are three options to choose from:

• Hot wallets: Hot wallets are connected to the internet. These wallets prize speed over security, as they allow for more agile trading and transactions.
• Cold wallets: Cold storage implies no internet connection, ever. Cold wallets sacrifice agility for security, as completing transactions with a cold wallet may take 24-48 hours to process, as assets need to be moved to a hot wallet.
• Warm wallets: Warm storage is a hybrid of hot and cold, wherein some assets are kept closer to the web and others in a cold hardware device. An example might be that a custody provider keeps crypto in a hot wallet, readily accessible, and NFT holdings cold, as they’re less frequently accessed.

On top of our wallet we can add security with multi-signature processing, or the requirement for multiple parties to sign off. We can balance security and speed with multi-party computing or the ability to use multiple machines to sign off on a transaction, distributed and safe but closer to instantaneous.??

What digital asset custody providers are available?

Digital asset custody services are evolving alongside the digital asset space. As more institutions tokenize real world assets and tap into native digital assets, the market demand for flexible, efficient ways to manage and transfer these assets is increasing.

Companies want to be able to interact with assets and also assess their value in real time, like stocks or bonds. Enterprises also want to be able to silo access, as permissions differ throughout an organization.?

Right now, asset managers and enterprises have four main options for digital asset custody providers:

Self-custody

Self-custody is the practice of organizations storing and managing their own digital assets, without relying on a third-party service such as an exchange or a custodian. In self-custody, the company is responsible for generating and securely storing the private keys associated with their digital assets. Self-custody offers a number of advantages, such as greater control over assets, increased privacy, and potentially lower fees.

However, it also comes with significant risks, as the company is solely responsible for the security of their assets. This means that they must be familiar with best practices for securely storing their private keys, such as using hardware wallets, and implementing strong passwords and multi-factor authentication.

Exchanges

Exchanges manage digital asset custody by securely storing the private keys that are associated with the digital assets held in their users' accounts. This is typically done through a combination of offline storage (known as "cold storage") and online storage (known as "hot storage").

Cold storage involves physically storing the private keys on offline devices, such as encrypted USB drives, in order to minimize the risk of cyber attacks. Hot storage is used to manage day-to-day transactions, and is kept in a secure, encrypted online environment.

Exchanges also implement various security measures such as two-factor authentication, multi-signature technology, and regular security audits in order to protect against hacking and theft.

Financial Institutions

Financial institutions manage digital asset custody by providing secure storage solutions for their clients' digital assets. This involves implementing strict security measures to protect the private keys associated with the assets, such as using offline storage, multi-sig technology, and secure access controls. They also conduct regular security audits and risk assessments to ensure the safety and security of their clients' assets.

Financial institutions may also offer additional services such as insurance coverage, reporting and accounting, and 24/7 customer support. These services are designed to give clients peace of mind and to provide a comprehensive solution for managing their digital assets.

Banks can provide clients with access to their assets through dedicated custody wallets, which are designed to be user-friendly and easy to use. One of the key differentiators of Kaleido's Asset Platform and why banks choose us is that we make it easy to map wallets to users and permission platform access.

Custodians

Custodians are similar to financial institutions in how they help clients, but are generally companies more focused on custody versus custody as a piece of asset management. Custodians provide clients with access to their assets through dedicated custody wallets, which are designed to be user-friendly and easy to use.

Custodians are typically regulated entities and may be subject to strict regulations and oversight in order to ensure that they meet the high standards required for managing clients' assets. This includes regular audits and reporting requirements, as well as detailed documentation of their security procedures and policies.

Custody of Native On-chain Assets vs. Tokenized Assets

When it comes to custody solutions for blockchain assets, there's no one-size-fits-all approach. Depending on the type of asset and the level of security required, different custody solutions may be necessary. For example, do tokenized assets require different custody solutions than native on-chain assets?

Custody for on-chain assets and tokenized real-world assets differ in some aspects, as tokenized assets bridge the gap between the digital and physical worlds. While they share similarities, there are notable distinctions in terms of the nature of the assets, the underlying rights and ownership, and the regulatory landscape:

• Nature of assets
• Underlying rights and ownership
• Storage and security
• Transfer and settlement
• Regulation and compliance

By considering the unique features of tokenized assets, such as their underlying physical assets and regulatory requirements, we can develop custody solutions that provide the necessary level of security and compliance. We're committed to supporting leading custody providers, so if you have one in mind be sure to bring it up with one of our solution architects.

Custody Is Easier with?Kaleido

With digital custody providers and platform architectures we have to make choices about speed, security, and levels of access. Add to this regulatory frameworks as they evolve in the digital asset space, and custody of digital assets from some perspectives feels like a moving target.

Kaleido makes all this much, much simpler.

With native wallet integrations, click-button connections to third-party custody providers, and the ability to map wallets to users at scale, we’re the partner to help you solve your digital asset custody challenges. Let's talk about digital asset custody today.

Pluggable Custody Solutions

Kaleido makes it click-button simple to build a blockchain, launch a token, and choose your custody solution. Put our platform to work for you.

Request a Demo