What is Secure Custody?

Updated: Jun 28

This article was originally published in Blockchain Industry Review - a Crypto Curry Club Magazine published monthly and available in soft copy and the printed version.

Written by Guest Contributor, Jake Rogers,

Chief Information Security Officer of custody application, Copper.co

It is bizarre to think that only a couple of years back, digital assets such as Bitcoin were primarily operating from the fringes of finance. Fast forward to today, crypto is a legitimate institutional-grade asset class embraced by respected financial institutions, publicly traded companies and even a handful of governments.

However, as the size and global reach of crypto markets continues to grow, so do the opportunities for exploits.

Recent high-profile hacks and news reports about would-be Bitcoin millionaires struggling to access their wallets have elevated an important conversation among retail crypto holders, institutional investors and other market participants about digital asset custody and private key management.

Not the sexiest topic, but an extremely important one.

Though this conversation is still ongoing and hotly debated, a new cryptographic key management technology called multi-party computation, or MPC technology, is widely deemed as the best available security solution.

What is MPC?

MPC is a highly powerful cryptographic tool that makes it possible for multiple parties to collectively solve signature equations without ever creating a key to begin with, nor ever leaking any critical information to one another.

The cryptographic protocol is the brainchild of Professor Andrew Chi- Chih Yao, who introduced the idea in the early 1980s. Since then, MPC has evolved into becoming one of the most actively researched areas in theoretical cryptography. However, its transition from an object of theoretical study to an applicable technology only came about recently.

The first known practical use of MPC is actually rather underwhelming, during a Danish sugar beet auction in ‘08 where the winning bids were matched up with sellers without disclosing the prices or identities of any other bidders.

Though MPC can be applied to virtually any problem involving confidential data from multiple parties, demand for the cryptographic tool is huge in the digital assets space.

This is because crypto custodians such as Copper, which manage billions in digital assets, recognise that when it comes to safeguarding the private keys that control crypto assets, MPC technology can afford wallet holders robust protection from potential security breaches.

How does MPC work?

Rather than creating a master private key and storing it on a device that risks being compromised, MPC distributes shards (cryptographic pieces)of a key among devices of participating parties.

MPC key shards then draw on another protocol which is conceptually similar, called zero-knowledge proofs (ZKPs), which works by verifying information between parties without revealing the information itself.

The crucial difference between the two protocols is this: MPC allows the computation upon private data, ZKPs allows that data to be verified without relinquishing any data. So in this instance, ZKPs enable key shards to prove that they have the right to co-sign transactions.

The key that executes the transaction is a collectively generated value, meaning that a single key never exists in whole, or lives on any device.

This renders an attack in key theft effectively impossible while also sheltering from internal fraud and collusionpreventing any employee, or group of employees, from misusing the key.

MPC-based systems are inherently more secure given that transactions can be signed without centrally creating or re-assembling a master private key.

In the case of a disaster where one signing key is lost or unavailable, backup keys can be stored offline in a physically secure location and the validity of the backup is verifiable by ZKPs.

MPC: Sometimes a 'bed of thorns‘ rather than a 'bed of roses’

But beware.

It’s important to note that just because a custodian claims to have implemented and integrated MPC technology into its cyber protection solutions, this doesn’t necessarily mean that an organisation’s security is one big bed of roses.

There are a handful of custodians out there that boast of using MPC technology, but when a shard is generated by one of their clients, this will actually be transmitted back to the custodian for safekeeping.'

This then means that if the custodian is ever breached, all three shard pieces are at risk.

Even if the custodian at- tempts to mitigate risk by using separate environments, the fact is that they will have the same admins and developers working across these environments, so there are already multiple single points of failure compromising in that chain.

Copper’s offering differs from our competitors who also use MPC but warehouse all three shard pieces on their own servers. We ensure to use sharding in such a way as to never keep a record of the shards be- longing to the client and the trusted third party.

It’s important to recognise the key distinctions between Copper’s offering and what is generally available:

  1. When selecting a custodian, arm yourself with these essential questions to ask (and understand):

  2. Past the point of shard generation, where will our shards be stored?

  3. Are shards ever transmitted back to the custodian?

  4. If either of the above is true, what measures are in place to ensure there are no teams or individuals with access to more than 1 shard piece? How does this work with development and operations?

  5. If SGX is being used in the architecture anywhere, how has the provider mitigated the existing, unpatchable vulnerabilities present in the SGX implementation?

Also make sure to zoom out and look at