Digital Custody: Custodial & Non-custodial Crypto-wallets

Digital custody is one of the most important topics for the maturing blockchain-based financial system. The idea of using peer-to-peer distributed systems to provide computational proof of chronologically ordered transactions was inspired by the collapse of the financial markets after the exposure of crucial trust-based vulnerabilities relating to double-spending. Blockchains and other Distributed Ledger Technologies (DLTs) improve the inefficiencies that require extensive reconciliation processes and leaves room for security breaches and accountability deficiency. These benefits have led to the rapid adoption of Blockchain-based systems within the financial industry.

Based on the public adoption of cryptomarkets and the exponential growth it has gotten over the past decade, financial institutions are swiftly working on integrating blockchain technology and digital assets, increasing reach towards new pools of investors.

Cryptomarkets have opened the door for the democratization of finance, allowing the general public to access trading venues with small entry-ticket sizes. An important indicator of the exponential adoption of digital assets is the number of digital custody wallet users currently existing. With increasing capital being traded through digital assets, securely managing custody has become critical to users. To date, there are more than 70 million blockchain.com wallet users and more than 100 million identity-verified crypto-asset users in 2021. According to user data from exchanges/trading platforms and wallets, the global user base increased by 190% from 2018 to 2020, and the number of accounts by 37% (Statista, 2021a).

Blockchain wallet users 

Figure 1. The number of Blockchain wallet users (in millions) worldwide Nov 2011-Aug 15,2021. Source: Statista (2021).

 

number of identity-verified crypto users
Figure 2. The number of identity-verified crypto-asset users 2016-2020 (in millions).

For all users, the type of wallet and the custodian (if needed) is definitely a pivot point for accessing and managing digital assets. Unlike regular wallets that store value, i.e., cash, digital wallets or crypto wallets technically do not store crypto/digital assets: Digital assets are in the blockchain, and they can be accessed through an address, account, or wallet providing a private key (a cryptographic code that allows users to sign blockchain transactions and transfer funds to or interact with other addresses).

The private key is chosen from the existent addresses (secure identifiers) that were generated within the blockchain as the result of a mathematical operation. Digital wallets are able to collect the entropy to generate the ECDSA private key (ECDSA is the cryptographic algorithm in the core of the most important blockchain networks, i.e., bitcoin and ethereum). Afterward, the wallet derives a public key needed to send and receive payments. The critical point here is managing the private key, as it is a mathematically generated figure that uses a P2PKH format -pretty long and difficult to memorize-. If the user loses their private key, the likelihood of recovering is almost nonexistent. Thus, it is crucial to use tools to store this cryptographic figure that gives users access to their digital assets’ deposits. Losing the key may imply losing the proof of ownership over the digital assets.

This article analyses the different types of crypto wallets offered, explaining in detail the type of accounts inherent to the Ethereum blockchain network. In addition, it guides on how to find the best fitting wallet depending on the users’ needs. Lastly, acknowledging the importance of consumer protection regulations and lawmakers’ awareness towards these new digital finance features, the article touches upon the newly introduced custodial legislations in Germany, Greece, US, Japan, and Malaysia.

 

What Are Crypto Wallets?

Crypto wallets are tools allowing users to manage and access their digital assets’ funds. As explained, to interact with other addresses, users need to sign their transactions to verify ownership. Addresses are placeholders to accept and send blockchain transactions, and every transaction is assigned to a certain public key, i.e., a cryptographic method to represent the needed information to assign funds to a private key.

Given the complexity of these and the high value of what they store, using tools to securely manage them is crucial. That is the primary role of crypto wallets: safely recording the private key that generated the public key. On top of these, there are other features that a crypto wallet can have to increase security and allow users to store their digital asset funds securely.

Digital custody elements

Figure 3. Essential custody elements. Source: Decus Network.

In the particular case of Ethereum wallets, they are tools that let you interact with the Ethereum account. A digital custody wallet allows users to read their account balance and transaction history, send transactions and connect to decentralized apps (dapps). An Ethereum wallet can hold many Ethereum accounts, and it is also possible to change wallet providers at any time (Ethereum, 2021; 99Bitcoins, 2021).

EOAs or Contract Accounts

Ethereum offers two types of accounts, Externally Owned Accounts (EOAs) and Contract Accounts. The former is the most used account due to its simplicity. It has a private key that triggers movements in the account and gives the holder control of the private key. Contract accounts are more complex because they have an associated smart contract and the code that defines the contract also includes a set of predefined triggers that control the account.

Differences between Ethereum Accounts
Table 1. Differences between Ethereum Accounts.

When opening a wallet, usually, the platform allows users to create an Ethereum account and address. Then, users who prefer more security recur to a crypto wallet to generate and store the private keys. However, there is a vast amount of providers, and all of them have strengths and weaknesses. Depending on the user’s use case and needs, there are several options among the different types of wallets.

 

Which wallet is the best fit?

The type of wallet will define the benefits and risks the holder will face. Some wallets represent a better choice regarding security, ease of use, speed, or costs. One of the first security choices is hardware wallets because they are offline devices that store crypto-assets and private keys. Since they are not dependent on devices exposed through online networks, these wallets can be the most secure storage solution. If crypto-assets are stored in a hard drive, the holder would have less exposure to hacking risks.

In general, the security risks of online wallets are more significant than offline wallets. However, this solution makes sense if the holder only trades sporadically. For those who trade recurrently, an online solution is more convenient and faster. In addition, online wallets have increased their efforts in security, and there is a range of options to choose from that will be analyzed in the following tables (Deloitte,2020; Goleman, 2018).

Cold Wallets

Cold wallets as hardware wallets and paper wallets are considered the best solution to store high amounts of crypto-wealth in the long term. For interacting with the blockchain, the wallet confirms the transactions in an offline environment. This process helps keep the private keys away from the internet at all times.

By definition, private keys do not leave the hardware wallet. This characterizing feature protects the private key from being lost through malware and hackers’ attacks. Nevertheless, it bears more costs than an online solution and is less convenient for daily usage. Prices range from 50€ – 200€ for the device (Ledger, 2021). Additionally, some of these wallets are still exposed to physical threats, such as fire and water damages. 

Cold Wallets

Table 2. Cold Wallets.

Hot Wallets

Hot wallets, on the contrary, represent a much more flexible solution. They offer an immediate transfer of funds and simpler processes. These types of wallets are convenient tools for short-term transactions and day-trading activities. However their vulnerability to hackers is greater. A solution to this problem is offered by digital assets custodians who provide a centralized solution to store and safe-keep the digital assets and the private keys.

Hot and Multi-Signature Wallets

Table 3. Hot and Multi-signature wallets.

Smart Contract Wallets

Smart contract wallets are contracts on the blockchain that can hold and secure Ether. They can have multiple accounts as owners and keep a full log of all transactions. Contract accounts not only allow to create contract wallets but to create decentralized applications (dApps). Unlike accounts, contract wallets are programmed, and thus, their code can be modified.

Smart Contract Wallet.
Table 4. Smart Contract Wallet. Source: Deloitte,2020; Goleman, 2018; WalletConnect, 2021

Ultimately, the best wallet fit depends on the customer’s needs and risk aversion. Users, private and institutional, have to weigh the security and efficiency of the services offered, paired to their business needs.

 

Digital Custody

Blockchain and other Distributed Ledger Technologies (DLT) promote liquidity, transparency, and efficiency by offering secure and automated decentralized transactions. It uses cryptographic solutions as private-public keys (asymmetric scheme) to protect users’ addresses, accounts, and wallets and hash cryptography to maintain the validity of transactions.

While the digital asset market continues to grow, individuals and institutions accumulate digital assets of significant value. Thus it becomes necessary the role of custodians. Digital custody is critical for maintaining the growth and adoption of digital assets.

Custodians safeguard digital assets and private keys. A custodian (Deloitte, 2020)

  1. Reduces risk and complication: Users transfer risks (with legal liability) to the custodian, responsible for safekeeping the crypto-assets and the investors’ private key.
  2. Increases security: Custodians should have the necessary resources to mitigate the risks (regulated storage, IT security infrastructure, and appropriate loss insurances).
  3. Recourse for investors: Licensed custodians can provide more certainty of value through recourse in the event of failure, being held liable in most cases.
  4. Comfort for investors: Potential investors can perceive the complex nature of the market. Custodians can leverage their technology and regulatory expertise to provide investors with a greater sense of comfort.

Generally, there are three possible digital custody options:

  1. Self-custody;
  2. Exchange custody; or
  3. Third-party custodians.

All of them can be used by both private individuals and institutional investors.

Self-custody considers the investor as the controller of the private key necessary for accessing the crypto-assets. This applies for different wallets such as software, hardware, and paper wallets. In contrast, an exchange wallet gives the control of the private and public key to the exchange, maintaining the customer’s access via an online wallet (risky solution). Finally, a third-party custodian stores digital assets using clearly defined security features and controls. The latter solution is often used by institutional investors implementing a high grade of security and insurance.

Types of custody and micobo’s integration examples.
Table 5. Types of custody and micobo’s integration examples.

Self-custody outlines one of the most secure ways to store crypto-assets and by definition, allows greater control, however, in many cases, users forget or lose their private keys. In fact, lost private keys amounted to 20% of the total Bitcoin in the market by January 2021 (Popper, 2021). This problem could be solved by having a custodian. Nevertheless, users need to feel confident about their custodian and their capability to safe keep crypto-assets since they would not have direct control over their assets. There is an increased risk for those users letting exchanges store their crypto assets, given the increasing amount of AuM. They are common targets for hackers.

Micobo’s enterprise tokenization solution enables financial institutions and large corporations to manage their preferred wallet provider and custodian. It integrates cold and hot wallets, multi-signature wallets for self custody, or third-party custody.

 

micobo’s integration to wallets and custodians

When working with security tokens, or tokens representing assets and financial instruments, the issuance needs to be done through wallets, not only to increase security but to ensure ease of use. Additionally, investors using the platform shall have a wallet to store the tokens they own. Managing public and private keys can be done via wallets that directly interact with the smart contracts and the blockchain delivering efficiency in the process and security.

Micobo’s enterprise tokenization solution integrates hot, cold, and multi-signature wallets, each of them with multiple digital custody providers. Micobo’s clients can choose from a wide selection of custodial and non-custodial wallets integrated through Decus Network and all the self-custody wallets using the WalletConnect protocol (leading industry standard). Depending on the type of the offering, administrators shall select the custody solution that better adapts to their business and compliance needs.

micobo’s integrated wallets by default.

Table 6. micobo’s integrated wallets by default.

Taking into account utmost security standards, it is advisable that the token deployment is done using a hardware wallet (e.g., Nano Ledger S or X). In case of choosing a hot wallet it is recommendable only to store the crypto funds needed for day-to-day transactions. This is because hot wallets are connected to the internet and are constantly exposed to hacks and thefts. In contrast, a cold wallet (hardware) stores the private keys offline. To make transactions from a cold wallet, the wallet confirms the transactions in an offline environment. This process helps to keep the private keys away from the internet at all times.

Custodial requirements for security token offerings vary greatly depending on the jurisdiction where the token issuance is done. Some regulatory authorities require licensed custodians facing the type of financial instrument that is being digitally issued. To learn more about the different legislative approaches around the globe, read here.

 

 

About micobo

micobo GmbH is a leading European software company for Security Token Offerings and Blockchain Software Development (DLT). It provides fully compliant software solutions for Security Token Offerings and advises structuring DLT- and Blockchain-based Securities. micobo empowers financial institutions with state-of-the-art technology focusing on providing a better customer experience and achieving measurable results.

micobo’s solution eliminates redundant verification processes and redundant information registered in isolated databases using distributed ledgers. It uses a proven and fully compliant set-up, adaptable to the customer’s needs.

Authors

Laura Andrade (la@micobo.com)
Luisa Blandon (lb@micobo.com)

tokenization software

Bibliography

Arora, Gaurav. Cryptocurrency Regulatory Framework in Japan. 2020. Retrieved from https://etrst.com/wp-content/uploads/2020/11/Cryptocurrency-Regulatory-Framework-in-Japan-1.pdf. Last Accessed 07.09.2021.

BaFin. Merkblatt über die Erteilung einer Erlaubnis zum Erbringen von Finanzdienstleistungen gemäß § 32 Absatz 1 KWG. 2018. Retreived from https://www.bafin.de/SharedDocs/Downloads/DE/Merkblatt/WA/dl_fidierlaubnis_buba.html;jsessionid=0F2CEC44FCCF956D0E78C37F0461C1CE.1_cid503?nn=9451720. Last Accessed 07.09.2021.

BaFin. Guidelines on applications for authorisation for crypto custody business. 2020. Retrieved from https://www.bafin.de/SharedDocs/Veroeffentlichungen/EN/Merkblatt/BA/mb_Hinweise_zum_Erlaubnisantrag_fuer_das_Kryptoverwahrgeschaeft_en.html;jsessionid=9C415FE8DB19BB5C4681AA27F725B2D2.2_cid501?nn=9451720#doc13886752bodyText1. Last Accessed 07.09.2021.

BaFin. Merkblatt: Hinweise zum Tatbestand des Kryptoverwahrgeschäfts. 2020a. Retrieved from https://www.bafin.de/SharedDocs/Veroeffentlichungen/DE/Merkblatt/mb_200302_kryptoverwahrgeschaeft.html;jsessionid=0F2CEC44FCCF956D0E78C37F0461C1CE.1_cid503?nn=9451720. Last Accessed 07.09.2021.

Chambers and Partners. Blockchain 2021. 2021. Retrieved from https://practiceguides.chambers.com/practice-guides/blockchain-2021/greece. Last Accessed 07.09.2021

Coinbase. What is a crypto wallet?. 2021. Retrieved from https://www.coinbase.com/es/learn/crypto-basics/what-is-a-crypto-wallet. Last Accessed 07.09.2021

Deloitte. A Market Overview of Custody for Digital Assets Digital Custodian Whitepaper. 2020. Retrieved from https://www2.deloitte.com/content/dam/Deloitte/xe/Documents/finance/me_Digital-Custodian-Whitepaper.pdf. Last Accessed 07.09.2021

Deloitte.The German approach towards Bitcoin, Ethereum & Co. is set. 2019. Retrieved from https://www2.deloitte.com/dl/en/pages/legal/articles/kryptowaehrungen-kryptoverwahrgeschaeft.html Last Accessed 07.09.2021

Ethereum. ETHEREUM WALLETS: The key to your digital future. 2021. Retrieved from https://ethereum.org/en/wallets/#gatsby-focus-wrapper. Last Accessed 07.09.2021.

Ethereum. Ethereum Accounts. 2021a. Retrieved from https://ethereum.org/en/developers/docs/accounts/. Last Accessed 07.09.2021.
Goleman, Travis. Cryptocurrency: Mining, Investing and Trading in Blockchain for Beginners. 2018.
Grounded. Blockchain 101: Crypto wallets. 2019. Retrieved from https://medium.com/the-capital/blockchain-101-crypto-wallets-dde099de147e. Last Accessed 07.09.2021.

Ledger. Hardware Wallets. 2021. Retrieved from https://shop.ledger.com/. Last Accessed 07.09.2021.

Nasdaq. Deutsche Bank Quietly Plans to Offer Crypto Custody, Prime Brokerage. 2021. Retrieved from https://www.nasdaq.com/articles/deutsche-bank-quietly-plans-to-offer-crypto-custody-prime-brokerage-2021-02-12. Last Accessed 07.09.2021.

Popper, Nathaniel. Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes. 2021. Retrieved from https://www.nytimes.com/2021/01/12/technology/bitcoin-passwords-wallets-fortunes.html. Last Accessed 07.09.2021.

Reuters. Compendium – Cryptocurrency regulations by country. 2021. Retrieved from https://www.thomsonreuters.com/en-us/posts/wp-content/uploads/sites/20/2021/06/Compendium_Cryptocurrency-Regs_FINAL.pdf. Last Accessed 07.09.2021

Securities Commision of Malaysia. GUIDELINES ON
DIGITAL ASSETS. 2020. Retrieved from https://www.sc.com.my/api/documentms/download.ashx?id=aeb10f62-944b-4d83-8aa0-4ed492dc1109. Last Accessed 07.09.2021

Statista. Number of identity-verified cryptoasset users from 2016 to the 3rd quarter of 2020. 2021a. Retrieved from https://www.statista.com/statistics/1202503/global-cryptocurrency-user-base/. Last Accessed 07.09.2021.

Statista. Number of Blockchain wallet users worldwide from November 2011 to August 15, 2021. 2021. Retrieved from https://www.statista.com/statistics/647374/worldwide-blockchain-wallet-users/. Last Accessed 07.09.2021.

99Bitcoins. A Beginner’s Guide to Ethereum Wallets From The Always Up-to-Date Guide on the Best Ethereum Wallets in 2021. 2021. Retrieved from https://99bitcoins.com/ethereum-wallets/.Last Accessed 07.09.2021.