Ensuring Secure Cryptocurrency Custody: Integrating Proof of Reserves with Zero Knowledge Proof and Multi-Party Computation

This article is my own personal narrative series on the subject of Zero-Knowledge Proof application in finance based on cited sources provided and is not endorsed by any organization or to be perceived as a representation of any organization.

Introduction

A recent conversation on cryptocurrency custody brought back a long-brewing discussion on security. This discussion intersected with my current involvement with zero-knowledge proof, which made me review my thoughts, which resulted in this write-up.

Security is paramount in cryptocurrency custody, where human involvement often introduces significant risks. As a founding member of a stablecoin initiative in 2018, I’ve firsthand experience navigating these challenges. Known incidents of fraud and theft due to human errors or malicious actions underscore these risks. For instance, the 2014 Mt. Gox hack resulted in the loss of 850,000 Bitcoins, and the 2020 KuCoin hack saw $281 million worth of cryptocurrency stolen. More recently, JPEX, a crypto exchange that has lied about its domicile, was the subject of over 2,000 complaints to Hong Kong police and is accused of losing $183 million of client assets. And a DeFi operator that claims to be based in Japan, Mixin, was hacked for $200 million.

Various strategies have been implemented to mitigate these risks, such as multi-signature wallets, hardware security modules (HSMs), cold storage, Shamir’s Secret Sharing, and more. However, with the advent of zero-knowledge proofs (ZKPs) for ascertaining Proof of Reserves (PoR) and the emerging concept of Multi-Party Computation (MPC), there is potential to further enhance these solutions by providing transparency while maintaining privacy and improving security.

10 Best Practice Strategies

This best practices list is an updated version of the plan I created to address cryptocurrency-specific custody issues when I served as the CFO at JAXO LLC, a stablecoin startup back in 2018.

1. Multi-Signature Wallets

• Description: Require multiple private keys for transaction authorization, ensuring no single individual has complete control over the funds.
• Pros: Increases security by requiring multiple approvals; reduces single points of failure.
• Cons: It can complicate transaction processes and cause potential delays in transaction approval.
• Self-Custody: Users can set up multi-signature wallets requiring multiple transaction approvals, increasing security by distributing control.
• Exchanges: Exchanges can implement multi-sig wallets for their hot wallets to ensure no single employee can access funds.

2. Hardware Security Modules (HSMs)

• Description: Use HSMs for secure generation, storage, and management of cryptographic keys to prevent unauthorized access.
• Pros: Provides secure key storage and management; protects against unauthorized access.
• Cons: Expensive to implement and maintain; requires specialized knowledge to manage.
• Self-Custody: Individuals can use HSMs to generate, store, and manage their private keys securely.
• Exchanges: Exchanges can deploy HSMs to protect critical management systems, ensuring secure transactions and key storage.

3. Cold Storage

• Description: Store most assets offline, reducing the risk of hacking.?
• Pros: Keeps assets offline, reducing hacking risk; highly secure against online threats.
• Cons: Requires physical security measures to prevent unauthorized access; less convenient for frequent transactions.
• Self-Custody: Users can store their cryptocurrencies in cold storage, keeping assets offline to reduce hacking risks.
• Exchanges: Exchanges can hold most customer assets in cold storage, minimizing exposure to online threats.

4. Shamir’s Secret Sharing (SSS)

• Description: Split private keys into multiple parts distributed to trusted entities, requiring a subset to reconstruct the key.
• Pros: Distributes essential control, reducing the risk of a single point of failure; enhances security.
• Cons: Complex implementation and management; recovery process can be slow and cumbersome.
• Self-Custody: Users can split their private keys into multiple parts and distribute them among trusted entities to enhance security.
• Exchanges: Exchanges can use this method to distribute essential control among multiple executives, reducing the risk of a single point of failure.

5. Automated Processes

• Description: Automate transaction approvals and key generation processes using secure, audited smart contracts or software to minimize human intervention.
• Pros: Reduces human error and intervention; increases efficiency and consistency.
• Cons: Potential vulnerability to software bugs and exploits; requires thorough auditing and monitoring.
• Self-Custody: Users can automate processes such as transaction approvals using secure software to reduce human error.
• Exchanges: Exchanges can implement automated systems for transaction approvals and compliance checks to enhance efficiency and security.

6. Regular Audits and Penetration Testing

• Description: Conduct regular security audits and penetration tests to identify and address vulnerabilities, ensuring objectivity through third-party auditors.
• Pros: Identifies and addresses vulnerabilities; enhances overall security posture.
• Cons: It can be costly and time-consuming; it requires expertise to conduct effectively.
• Self-Custody: Individuals should periodically audit their security practices and test for vulnerabilities.
• Exchanges: Exchanges must conduct regular third-party security audits and penetration tests to identify and address vulnerabilities.

7. Access Controls and Segregation of Duties

• Description: Implement strict access controls and role-based access control (RBAC) to limit permissions and segregate duties, ensuring no single individual has complete control.
• Pros: Limits risk of internal fraud and errors; ensures no single individual has too much control.
• Cons: It can create administrative overhead and requires careful management and enforcement.
• Self-Custody: Users can set up strict access controls for their wallets and accounts.
• Exchanges: Exchanges should enforce role-based access control and segregate duties among employees to prevent fraud and errors.

8. Biometric and Multi-Factor Authentication (MFA)

• Description: Use biometric authentication and MFA for necessary human interactions to add an extra layer of security beyond passwords.
• Pros: Adds an extra layer of security beyond passwords; challenging to bypass.
• Cons: It can be seen as invasive and may require additional hardware and infrastructure.
• Self-Custody: Users should enable biometric authentication and MFA to access their wallets and accounts.
• Exchanges: Exchanges should implement MFA and biometric authentication for customer access and internal systems.

9. Continuous Monitoring

• Description: Set up continuous monitoring to detect unusual activity in real-time, with automated alerts for quick incident response.
• Pros: Detects unusual activity in real-time; allows for quick response to incidents.
• Cons: Requires constant oversight and resources; potential for false positives.
• Self-Custody: Users can set up alerts and monitoring tools to detect unusual activity in their accounts.
• Exchanges: Exchanges should employ continuous monitoring systems to detect and respond to real-time security incidents.

10. Incident Response Plan

• Description: Develop a comprehensive plan for potential security breaches, ensuring employees are trained and conduct regular drills.
• Pros: Provides clear procedures for addressing breaches; ensures preparedness.
• Cons: Requires regular updates and training; can be complex to implement effectively.
• Self-Custody: Individuals should develop a response plan for potential security breaches.
• Exchanges: Exchanges need comprehensive incident response plans and regular training for employees to handle security breaches effectively.

The Role of Zero-Knowledge Proofs in Proof of Reserves

Current Exchange Practices and Risks

Many cryptocurrency exchanges employ centralized custody services where client and exchange assets are co-mingled. This practice poses significant risks, such as potential misuse of client funds, lack of transparency, and increased vulnerability to fraud and theft. In traditional financial systems, asset segregation is a standard practice to protect client funds, ensuring client assets are held separately from the institution’s assets. The failure to implement similar practices in cryptocurrency exchanges exposes client assets to higher risks, undermining trust and security.

Introduction to Zero-Knowledge Proofs

Zero-knowledge proofs (ZKPs) are cryptographic methods that allow one party to prove to another that a statement is true without revealing any additional information. This ensures privacy and security, as the verifier learns nothing other than the fact that the statement is indeed true. ZKPs can enhance transparency in cryptocurrency exchanges by providing Proof of Reserves (PoR).

Understanding Proof of Reserves

Proof of Reserves (PoR) is a verification method cryptocurrency exchanges use to demonstrate that they hold enough assets to cover their customers’ balances. Traditionally, PoR involves auditors reviewing the exchange’s holdings and liabilities. However, this approach can be flawed due to potential biases, limited transparency, and security risks.

Benefits of Using ZKPs for Proof of Reserves

• Privacy-Preserving Verification: ZKPs allow exchanges to prove they hold enough reserves without disclosing the asset holders' exact amounts or identities.
• Reducing Risk of Fraud: By providing verifiable proof without exposing sensitive data, ZKPs can prevent exchanges from misrepresenting their reserve status.
• Enhancing Trust: Users can trust that the exchange is solvent without needing to trust the exchange itself, aligning with the decentralized ethos of cryptocurrency.
• Compliance and Transparency: ZKPs ensure that exchanges comply with regulations and are transparent in their operations without compromising their users' privacy.

Multi-Party Computation (MPC)

Introduction to MPC

Multi-party computation (MPC) is a cryptographic protocol that divides a private key into multiple parts held by different parties. This ensures that no single party can access or use the key without the cooperation of the other parties, significantly enhancing security.

How MPC Enhances Security in Digital Custody

MPC enhances security by distributing essential control among multiple parties, including the investor, custodian, exchange, and a specific device (e.g., someone's mobile phone or hardware wallet). This multi-layered approach mitigates the risk of a single point of failure, ensuring that the private key is never fully exposed to any one party.

Distinguishing between MPC, SSS, and ZKP

At first glance, MPC may seem similar to Shamir’s Secret Sharing (SSS) and Zero-Knowledge Proofs (ZKP), but this is not the case.

Shamir’s Secret Sharing (SSS): SSS is a storage solution that divides a secret, such as a private key, into multiple shares distributed to different parties. The secret can be reconstructed only when a sufficient number of shares are combined. While SSS ensures that the secret is safe from exposure unless a threshold is met, it primarily focuses on the safe storage and reconstruction of secrets, not on the computation aspect.

Zero-Knowledge Proofs (ZKP): ZKP is a cryptographic method that allows one party to prove to another that a statement is true without revealing any additional information. This ensures privacy and security during the verification process, making it useful for privacy-preserving verification, such as Proof of Reserves (PoR). ZKP is used to prove knowledge of a secret (or the correctness of a computation) without revealing the secret itself.

Multi-Party Computation (MPC): MPC is computational and is a subfield of cryptography, focusing on distributed computation where parties jointly compute a function over their inputs while keeping those inputs private. In MPC, parties perform computations collaboratively without revealing their private inputs, thus offering a higher level of security for ongoing operations and transactions. Unlike SSS, which is about dividing and reconstructing a secret, MPC involves real-time collaborative computation. Unlike ZKP, which is about proving knowledge without disclosure, MPC is about securely computing a function over inputs provided by multiple parties without revealing those inputs.

Benefits of MPC for Both Self-Custody and Exchanges

Self-Custody:?

• Enhanced Security: Users can ensure that their private keys are never fully exposed, reducing the theft risk.
• ?Collaboration: MPC allows for collaborative security measures, where multiple trusted parties share responsibility for key management.

Exchanges:?

• Improved Trust: By using MPC, exchanges can demonstrate a higher level of security to their users and maintain a case for using exchange custody.
• Reduced Risk: Distributing essential control among multiple parties (with the option of self-participation) in exchange-based custody minimizes the risk of insider threats and single points of failure.

?Advocating for Decentralized Custody

Despite these advancements, the ultimate security in cryptocurrency lies in self-custody. Centralized exchanges have shown significant vulnerabilities, including co-mingling client and exchange assets, leading to major fraud and theft incidents. The advocacy for decentralized custody is rooted in the fundamental ethos of the decentralized financial system proposed by Satoshi Nakamoto, which emphasizes user control and security. Therefore, while advocating for exchanges to implement PoR using ZKPs and MPC, promoting self-custody solutions as the best practice is crucial.

Conclusion

In light of the vulnerabilities highlighted by various incidents, using zero-knowledge proofs for Proof of Reserves and Multi-Party Computation can enhance the security and transparency of cryptocurrency exchanges. However, the ultimate security measure remains self-custody, where investors control their assets, aligning with the original vision of a decentralized financial system.

Call to Action

Share your thoughts and experiences with zero-knowledge proofs, Multi-Party Computation, and self-custody in the comments below.

For further reading and research, explore the following resources:

1. Zero-knowledge rollups on Ethereum - This resource from ethereum.org provides an overview of zero-knowledge rollups (ZK-rollups), their advantages, and how they enhance Ethereum's scalability. [Learn more on ethereum.org]

2. Zero-Knowledge Proofs in WebZero-Knowledge Proofs in Web3 – How, What, and Why – This article from Holland FinTech delves into the role and significance of zero-knowledge proofs in Web3, their application, and their impact on blockchain scalability and security. [Read more on Holland FinTech]

3. Take Custody Away From Crypto Exchanges – Regulators should require centralized crypto exchanges to get out of the businesses of custody and trading [Read more on Digfin Group]

4. Self-Custody Best Practices - Kraken’s blog provides an in-depth look at various self-custody options and best practices, including hardware and paper wallets. [Read more on Kraken Blog]

5. Self-Custody: Where and How to Store Your Crypto Safely - CoinMarketCap outlines different types of self-custody wallets, their security features, and the importance of maintaining control over your private keys. [Read more on CoinMarketCap]

6. Non-Interactive MPC with Trusted Hardware Secure Against Residual Function Attacks - published in the International Conference on the Theory and Application of Cryptology and Information Security, December 2019 by Ryan Karl, Timothy Burchfield, Jonathan Takeshita, and Taeho Jung, University of Notre Dame,[Read more on iacr.org]

?????? ?????????????? ???? ???????? ?????????????? ?????? ?????????????? ?????????? ????????-????-?????????? ???????????????????? ???? (????????????????????). ???????? ????????'?? ???????????????? ?????????????? ?????????????? ?????? ?????? ?????????????????? ?????????? ????????????'?? ??????????????, ?????? ?????????????? ???????????? ???????? ?????????????????? ?????????? ?????????????????? ????.