5
Min Read

The Art of Safekeeping: Your Guide to Digital Asset Custody

Marc Lewis
Managing Editor
April 18, 2023
The Art of Safekeeping: Your Guide to Digital Asset Custody
Update
Since this post was written, Hyperledger FireFly has reached 1.0. Learn more here!

A digital asset is anything stored virtually that holds value to a business. Traditional digital assets included photos, videos, and documents. But like most things in our evolving economy, digital assets have gotten smarter. Blockchain brought us cryptocurrency and NFTs, which evolved into complex financial instruments, technologies rooted in decentralization that are becoming enterprise tools.

This makes digital asset platforms important to the future of business. So, how do we protect, measure, and trade these digital assets safely and simply— especially as new ways to tokenize real-world assets come online?  

In this article we’re going to talk about secure self-custody. We’ll cover different ways to manage, organize, and protect digital things. We’ll then discuss wallets, and how best to maintain control over your assets.

What is digital asset custody?

The exponentially growing market value of digital assets coupled with the virtual nature of these assets creates risk. By design, digital assets are unique and irreplaceable, which makes recovery after a hack nearly impossible. This is why digital asset custody is such a hot topic.

Alongside the need to keep digital assets secure, companies need to maintain enough flexibility to allow varying levels of access and visibility. How do different roles inside an institution access assets? Who has visibility and the power to buy, sell, or trade? As we talk about digital asset custody, we’re talking about security and usability when we design a platform.

To put some shape to all these concerns, we’ll talk about custody in a few contexts.

  1. Managing cryptographic keys: How can you keep your keys secure and manage access across your organization
  2. Digital asset custody solutions: How can we design platforms to fit your business needs and prepare for scale
  3. Operational options and trade-offs: How can we balance security, flexibility, throughput, and connectivity to bring the value of web3 to your business

Some of these concepts may be familiar to blockchain developers but new to a business person starting to think about how web3 will impact their work, so we’ll step through each in detail below.

How does key management work?

Digital asset transactions use the distributed ledger to create a shared record of their existence, ownership, and transactions. This adds one layer of security. This system is backed by the use of public and private keys. These keys allow certain people to access the digital assets.

There are two types of keys that work together to manage digital assets:  

  • Private keys: This number is randomly generated and only known to the digital asset owner. It’s used to encrypt and decrypt information. You can think of the private key as a password.
  • Public keys: Public keys work like an address. This is a cryptographically derived number that is tied to a private key to point a transaction to the right place. When a public key and private key are paired, a transaction can be executed.

This flow graphic, courtesy of Deloitte, shows how public and private keys work together to facilitate a transaction.

Infographic showing how public key cryptography works
This image shows how public key cryptography works.

Once you understand this password-address function of public and private keys, you can build platforms to hold, manage, and trade digital assets.

How do wallets factor into custody?

As with anything in the blockchain space, there is a dilemma when we talk about speed and security, in that one often takes precedence over the other. Wallets are no different.

To store private keys there are three options to choose from:

  • Hot wallets: Hot wallets are connected to the internet. These wallets prize speed over security, as they allow for more agile trading and transactions.
  • Cold wallets: Cold storage implies no internet connection, ever. Cold wallets sacrifice agility for security, as completing transactions with a cold wallet may take 24-48 hours to process, as assets need to be moved to a hot wallet.
  • Warm wallets: Warm storage is a hybrid of hot and cold, wherein some assets are kept closer to the web and others in a cold hardware device. An example might be that a custody provider keeps crypto in a hot wallet, readily accessible, and NFT holdings cold, as they’re less frequently accessed.

On top of our wallet we can add security with multi-signature processing, or the requirement for multiple parties to sign off. We can balance security and speed with multi-party computing or the ability to use multiple machines to sign off on a transaction, distributed and safe but closer to instantaneous.  

What digital asset custody providers are available?

Digital asset custody services are evolving alongside the digital asset space. As more institutions tokenize real world assets and tap into native digital assets, the market demand for flexible, efficient ways to manage and transfer these assets is increasing.

Companies want to be able to interact with assets and also assess their value in real time, like stocks or bonds. Enterprises also want to be able to silo access, as permissions differ throughout an organization.  

Right now, asset managers and enterprises have four main options for digital asset custody providers:

Self-custody

Self-custody is the practice of organizations storing and managing their own digital assets, without relying on a third-party service such as an exchange or a custodian. In self-custody, the company is responsible for generating and securely storing the private keys associated with their digital assets. Self-custody offers a number of advantages, such as greater control over assets, increased privacy, and potentially lower fees.

However, it also comes with significant risks, as the company is solely responsible for the security of their assets. This means that they must be familiar with best practices for securely storing their private keys, such as using hardware wallets, and implementing strong passwords and multi-factor authentication.

Exchanges

Exchanges manage digital asset custody by securely storing the private keys that are associated with the digital assets held in their users' accounts. This is typically done through a combination of offline storage (known as "cold storage") and online storage (known as "hot storage").

Cold storage involves physically storing the private keys on offline devices, such as encrypted USB drives, in order to minimize the risk of cyber attacks. Hot storage is used to manage day-to-day transactions, and is kept in a secure, encrypted online environment.

Exchanges also implement various security measures such as two-factor authentication, multi-signature technology, and regular security audits in order to protect against hacking and theft.

Financial Institutions

Financial institutions manage digital asset custody by providing secure storage solutions for their clients' digital assets. This involves implementing strict security measures to protect the private keys associated with the assets, such as using offline storage, multi-sig technology, and secure access controls. They also conduct regular security audits and risk assessments to ensure the safety and security of their clients' assets.

Financial institutions may also offer additional services such as insurance coverage, reporting and accounting, and 24/7 customer support. These services are designed to give clients peace of mind and to provide a comprehensive solution for managing their digital assets.

Banks can provide clients with access to their assets through dedicated custody wallets, which are designed to be user-friendly and easy to use. One of the key differentiators of Kaleido's Asset Platform and why banks choose us is that we make it easy to map wallets to users and permission platform access.

Custodians

Custodians are similar to financial institutions in how they help clients, but are generally companies more focused on custody versus custody as a piece of asset management. Custodians provide clients with access to their assets through dedicated custody wallets, which are designed to be user-friendly and easy to use.

Custodians are typically regulated entities and may be subject to strict regulations and oversight in order to ensure that they meet the high standards required for managing clients' assets. This includes regular audits and reporting requirements, as well as detailed documentation of their security procedures and policies.

Custody of native on-chain assets vs. tokenized assets

When it comes to custody solutions for blockchain assets, there's no one-size-fits-all approach. Depending on the type of asset and the level of security required, different custody solutions may be necessary. For example, do tokenized assets require different custody solutions than native on-chain assets?

Custody for on-chain assets and tokenized real-world assets differ in some aspects, as tokenized assets bridge the gap between the digital and physical worlds. While they share similarities, there are notable distinctions in terms of the nature of the assets, the underlying rights and ownership, and the regulatory landscape.

By considering the unique features of tokenized assets, such as their underlying physical assets and regulatory requirements, we can develop custody solutions that provide the necessary level of security and compliance. We're committed to supporting leading custody providers, so if you have one in mind be sure to bring it up with one of our solution architects.

Why is digital asset custody important?

Digital asset custody is crucial in the blockchain world for security, regulatory compliance, and facilitating complex financial transactions. It can be the difference between safeguarding your portfolio and falling victim to hacks or scams.

  1. Security: The most obvious reason. Digital assets are prone to hacks, fraud, and human error. A robust custody solution reduces the risk of losing assets through encryption, multi-signature requirements, and other security layers.
  2. Regulatory Compliance: Regulatory bodies like the SEC in the United States demand secure custody solutions for institutional investors. This is to protect investors from fraud and ensure market integrity.
  3. Auditability: Enterprise-level solutions offer a streamlined way to audit transactions and holdings. This is important for institutional participants who need to comply with accounting standards and need a comprehensive history of transactions.
  4. Transaction Efficiency: Proper custody solutions facilitate quicker, more efficient transactions especially important in trading, staking, or participating in complex financial instruments like derivatives. They can automatically implement smart contracts and execute predetermined agreements.
  5. Asset Management: Advanced custody solutions go beyond just holding assets. They can integrate with portfolio management systems, providing analytics and real-time data, which is crucial for effective asset management.
  6. Accessibility: Custody solutions can offer user-friendly interfaces for non-experts to manage their digital assets without compromising on security features.

Digital asset custody is not just a secure vault. It's an entire ecosystem designed to make the use of digital assets safer, more efficient, and compliant with regulations.

Custody Is Easier with Kaleido

With digital custody providers and platform architectures we have to make choices about speed, security, and levels of access. Add to this regulatory frameworks as they evolve in the digital asset space, and custody of digital assets from some perspectives feels like a moving target.

Kaleido makes all this much, much simpler.

With native wallet integrations, click-button connections to third-party custody providers, and the ability to map wallets to users at scale, we’re the partner to help you solve your digital asset custody challenges. Let's talk about digital asset custody today.

Pluggable Custody Solutions

Kaleido makes it click-button simple to build a blockchain, launch a token, and choose your custody solution. Put our platform to work for you.

Request a Demo

Pluggable Custody Solutions

Kaleido makes it click-button simple to build a blockchain, launch a token, and choose your custody solution. Put our platform to work for you.

Request a Demo
Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account
Don't forget to share this article!
Interested in Blockchain?

Start learning blockchain and creating enterprise solutions today with a free Kaleido account!

Create Free Account

Pluggable Custody Solutions

Kaleido makes it click-button simple to build a blockchain, launch a token, and choose your custody solution. Put our platform to work for you.

Request a Demo

Pluggable Custody Solutions

Kaleido makes it click-button simple to build a blockchain, launch a token, and choose your custody solution. Put our platform to work for you.

Request a Demo

Related Posts

Top 3 Technologies for Cross-Chain Interoperability

Bridging the Gap: Comparing Three Technologies for Cross-Chain Interoperability

Marc Lewis
Managing Editor
Kaleido Offers Top-Tier Support for Hyperledger Besu

Maximizing the Potential of Hyperledger Besu: Kaleido's Top-Tier Support

Marc Lewis
Managing Editor
The Types Of Blockchains—Explained

Understanding the Types of Blockchains: Layer 2 vs Sidechain vs App Chain

Marc Lewis
Managing Editor