Min Read

Digital Asset Custody: A Guide to Keeping Assets Safe

Marc Lewis
Managing Editor
January 13, 2023
Digital Asset Custody: A Guide to Keeping Assets Safe
Since this post was written, Hyperledger FireFly has reached 1.0. Learn more here!

A digital asset is anything stored virtually that holds value to a business. Traditional digital assets included photos, videos, and documents. But like most things in our evolving economy, digital assets have gotten smarter. Blockchain brought us cryptocurrency and NFTs, which evolved into complex financial instruments, technologies rooted in decentralization that are becoming enterprise tools. This makes digital asset platforms important to the future of business.

So how do we protect, measure, and trade these digital assets safely and simply?  

In this article we’re going to talk about secure self-custody. We’ll cover different ways to manage, organize, and protect digital things then talk about types of wallets we offer and how best to maintain control over your assets.

What is digital asset custody?

Deloitte estimates the value of the digital asset market at $239B, and that’s based on the market cap of cryptocurrency. Add to this an increasing number of digitally-native securities, NFTs, and central bank digital currencies and the digital asset market looks like an attractive target for bad actors.

Beyond the market value, the uniqueness of digital assets increases risk. By design, digital assets are unique and irreplaceable, which makes recovery after a hack nearly impossible. Tools like our NFT platform are making it simple for anyone to tokenize assets—which will only increase the need for security.

Digital asset custody is the ability to keep these assets secure and organized. Different custody architectures allow varying levels of access and visibility.

When we start to build a digital asset platform, we discuss custody as it relates to three main considerations:

  • Managing cryptographic keys
  • Digital asset custody solutions
  • Operational options and trade-offs

When we talk about operational trade-offs, we’re talking about the ability to access and trade funds. We know fund managers want to be able to deploy capital across multiple chains or exchanges while maintaining custody. Our approach allows us to build these secure environments that deliver flexibility with a custom mix of hot and cold storage.

These concepts are familiar to most blockchain developers. Let’s talk more about how they apply specifically to digital assets.

How does key management work?

Digital assets transactions use the distributed ledger to create a shared record of their existence, ownership, and transactions. This adds one layer of security. We strengthen this system with the use of public and private keys. These keys allow us to access the digital assets.

There are two types of keys that work together to unlock our digital asset vault, if you will.

  • Private keys: This number is randomly generated and only known to the digital asset owner. It’s used to encrypt and decrypt information. You can think of the private key as a password.
  • Public keys: Public keys work like an address. This is a cryptographically derived number that is tied to a private key to point a transaction to the right place. When a public key and private key are paired, a transaction can be executed.

This flow graphic, courtesy of Deloitte, shows us how public and private keys work together to facilitate a transaction.

This is a diagram from Deloitte showing how key cryptography works.
This is a diagram from Deloitte showing how key cryptography works.

Once we understand this password-address function of public and private keys, we can architect applications to hold, manage, and trade digital assets.

What digital asset custody providers are available?

Digital asset custody services are evolving alongside the digital asset space. As more institutional investors begin trading in crypto assets, we see the market demand for flexible, efficient ways to manage and transfer assets increase.

Companies want to be able to interact with assets and also assess their value in real time, like stocks or bonds. Enterprises also want to be able to silo access, as permissions differ throughout an organization.  

Right now, asset managers and enterprise have four main options for digital asset custody providers:

  • Self-custody
  • Exchanges
  • Financial institutions
  • Custodians

How do wallets factor into custody?

As with anything in the blockchain space, there is a dilemma when we talk about speed and security, in that one often takes precedence over the other. Wallets are no different. To store private keys there are three options to choose from.

  • Hot wallets: Hot wallets are connected to the internet. These wallets prize speed over security, as they allow for more agile trading and transactions.
  • Cold wallets: Cold storage implies no internet connection, ever. Cold wallets sacrifice agility for security, as completing transactions with a cold wallet may take 24-48 hours to process, as assets need to be moved to a hot wallet.
  • Warm wallets: Warm storage is a hybrid of hot and cold, wherein some assets are kept closer to the web and others in a cold hardware device. An example might be that a custody provider keeps crypto in a hot wallet, readily accessible, and NFT holdings cold, as they’re less frequently accessed.

On top of our wallet we can add security with multi-signature processing, or the requirement for multiple parties to sign off. We can balance security and speed with multi-party computing or the ability to use multiple machines to sign off on a transaction, distributed and safe but closer to instantaneous.  

A screenshot of all the wallet options available on Kaleido for digital asset custody
The Kaleido Asset Platform has a wide selection of wallet options—all pluggable and simple to use on our platform.

Wallets Kaleido Offers

Our platform enables institutional projects to seamlessly integrate their preferred custody solution, ensuring the secure storage and management of assets and keys, scalability for users, and adherence to regulatory standards.

Kaleido HD Wallets

Our proprietary hierarchical deterministic (HD) wallet enhances security by generating up to 2 billion unique addresses, each with its distinct private key. This feature simplifies user growth and automatically assigns wallets to individuals.

3rd Party Wallets

With Kaleido, you retain control over custody arrangements, with plug-and-play support for a wide range of wallet configurations, including:

  • Fireblocks: Offering an MPC wallet for digital asset custody, transfers, and settlements.
  • HashiCorp Vault: Providing a secure method for storing and managing sensitive data such as private keys.
  • AWS CloudHSM: Empowering users to generate and utilize their encryption keys securely.
  • AWS KMS: A managed service facilitating the creation and control of encryption keys effortlessly.
  • Azure Key Vault: A Microsoft service designed for storing secrets, keys, and certificates securely.
  • Custom PKCS-11 Keystores: We accommodate any vendor or custom key management implementation seamlessly.

Final Thoughts

With digital custody providers and platform architectures we have to make choices about speed, security, and levels of access. Add to this regulatory frameworks as they evolve in the digital asset space, and custody of digital assets from some perspectives feels like a moving target.

Enterprises need to ensure the secure storage and management of valuable digital assets, such as cryptocurrencies, tokenized assets, and sensitive data, in a highly regulated and compliant manner. We help by offering robust custody solutions that leverage advanced encryption techniques and secure wallet options, safeguarding assets against theft, unauthorized access, and cyberattacks.

Kaleido's custody services provide enterprises with peace of mind, enabling them to confidently navigate the complexities of digital asset management without compromising on security or regulatory compliance.

If you want help choosing the right custody solutions for your digital asset strategy, speak to one of our solution architects today.

Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account
Don't forget to share this article!
Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account

The Ultimate Enterprise Blockchain Glossary

Your guide to everything from asset tokenization to zero knowledge proofs

Download Now

Swift Utilizes Kaleido in New CBDC Sandbox

Learn how Swift, the world’s leading provider of secure financial messaging services, utilizes Kaleido in its CBDC Sandbox project.

Download Now

Related Posts

DvP Demystified: The Key to Seamless Asset Exchange in the Digital Economy

Understanding a Delivery vs Payment (DvP) Application on Blockchain

Tokenized Funds: Bridging Traditional Finance and Blockchain

The Rise of Tokenized Funds: Bridging Traditional Finance and Blockchain Technology

Marc Lewis
Managing Editor
Revolutionizing Traditional Repo Transactions: How Tokenization is Changing the Game

The Future of Repo Transactions: How Tokenization is Reshaping the Industry

Marc Lewis
Managing Editor

Blockchain made radically simple for the enterprise

No Credit Card Required
ISO27K & SOC2 Type 2 Compliant
Free Training & Support