L5 - Crypto Asset Custody Flashcards
Types of digital assets
Security tokens Stablecoins Utility tokens E-money tokens Cryptocurrencies
Before modern key storage
HSM technology..
Traditional asset custodians
- custodians are like vaults holding assets in both electronic and physical form
Digital asset custodians
- primary role of safekeeping digital assets
- safe key management (by holding the private key)
What is the private key made out of?
Two very large secret prime numbers
What is the public key made out of?
The product of those two very large prime numbers used to make the private key.
Can cold wallets be costly
yes
What is an HSM?
Hardware security module
- physical device that safeguards digital keys
- facilitates encryption, decryption, signing and verification
- private key is generated within a secure device from which it cannot be extracted without damaging the device
- the private key is never exposed, even to the holder of the device, and therefore cannot be copied or hacked.
What is the access gateway into decentralized economy.
Non-custodial wallets are the access gateway as users interact directly with smart contracts and not through another middleman.
Seed phrase how long
12-24 words generated by the crypto wallet.
What is the seed phrase?
Like a master password. As long as it exists you can access your funds.
Is the seed phrase the same as the private key?
No the private key allows to sign transactions. The seed phrase allows access to wallet and all private keys in wallet.
What does MPC minimize?
The single point of compromise
What is MPC
Multi-party computation
Multiple servers host the private key together
Avoids a single point of failure
Enables a custodial solution that is online.
Pros of centralised custody
(exchange hosted wallets)
- high convenience and operability
- ease of access
Cons of centralised custody
(exchange hosted wallets)
Ease of access but huge counterparty risks with the exchange
- exchange hacks
- mixing of client assets and no clear separation
- counterparty risk of insolvency.
pros of centralised custody (third-party custody)
- clearly defined functions and controls
- institutional-level technology and security
- transparency
- regulatory compliance
cons of centralised custody (third-party custody)
- fee
- counterparty risk as the custodian is exposed to potential hacks
pros decentralised custody (self-custody /non-custodian wallet)
- 100% control over digital assets
- free
- secure
cons of decentralised custody (self-custody /non-custodian wallet)
- when access to assets is lost, the assets become irretrievable
- holds responsibility for assets, asset management, and associated risks
- requires expertise in digital assets
- more susceptible to hacking or loss of assets
Hardware wallet level of security and ease of use
security: high
ease of use: medium
Software wallet level of security and ease of use
Application installed on a device, such as a smartphone or computer
security: medium
ease of use: high
Web wallet level of security and ease of use
accessed through an internet browser. Quick transaction and high availability
security: low
ease of use: high
Custodial wallet level of security and ease of use
security: high
ease of use: depends on the custodian
Largest hacks and exploits
Mt. Gox was a bitcoin exchange based in Shibuya, Tokyo, Japan.Launched in 2010, it was handling over 70% of all bitcoin (BTC) transactions worldwide by early 2014, when it abruptly ceased operations amid revelations of its involvement in the loss/theft of hundreds of thousands of bitcoins, then worth hundreds of millions in US dollars.
Mt. Gox private key was unencrypted and it would appear that it was stolen via a copied wallet.dat
file, either by hacking or perhaps through an insider.
Once the file was hacked, the hacker(s) were able to access and cipher bitcoins gradually from the wallets associated with Mt. Gox’s
private keys without the hack being detected.
What provides a legal framework for
crypto-asset markets to develop within the EU?
Markets in Crypto-assets (MiCA) Regulation
Why do we need regulation?
- regulatory initiatives lower barriers to market entry
- institutions need more security and clarity.
- helps healthy and sustainable market growth
In Germany Digital Asset regulations falls under the authority of
BaFin.