Blockchain technology can dramatically improve retail efficiency by enabling fully digital processing and eliminating unneeded intermediaries. It is used for tokenized goods, smart contracts and crypto currencies. However, a challenging problem remains. How can these assets be reliably stored? Technically, each asset is represented by a unique private key that must be protected so that it is not lost, stolen or misused. It must also hold over time. Obviously, PCs are a bad place for such storage because they have proven to be neither reliable nor secure.
It is pretty much the same for servers. While they are more reliable and typically operated in datacenters by professionals, they are very vulnerable. Just follow the news, where you will find almost daily reports about compromised systems and stolen data.
There are three basic requirements for such a storage solution:
Let’s look at them in more detail.
Physical security assures that someone with physically access to the storage device cannot retrieve or access the private keys stored in it. In fact, it should be impossible for anybody, even a disgruntled admin to open the hardware, and simply extract the memory and walk away with the keys. Thus, such a storage system needs to be "self-protecting", where opening the container is discouraged by physical design and active tamper detection. If the physical barriers are penetrated nonetheless, then the keys have to be erased – which calls for a redundant setup, in order not to lose the data (see below).
An often overlook topic is electronic security. Today’s electronics no longer use magnetic hard drives for storage, but flash memory, which is mechanically much more reliable. However this non-volatile storage relies on storing bits in a floating gate. While very reliable as such, user typically don’t give adequate attention to the data retention time of such flash storage. In the worst-case retention time is just few months for typical off the shelf memory used in many USB type vault solutions. Cold storage held in a safe or USB physical vault will lose their keys over time. Higher quality memory can prolong this time to years, even after heavy use.
Also in case any storage might fail, redundancy is required for storage reliability. It is proven good practice to hold private keys or parts thereof located in different secured locations. Also, they should be in secure datacenters. And ideally, these datacenters should be placed in areas with differing geological, social, and political risks. This also requires that the storage devices can autonomously synchronize, exchange new keys with each other.
Many procedures have been devised to ensure access control to the private key storage. Typically, these include multiple safe guards, from "offline" storage keeping, multi-factor authentication, multi-sig and n of m systems. These are all very valuable tools in ensuring access control, however, many require complex manual processes. “Off-line” storage, just as an example, doesn’t really scale when thousands of individual keys are to be managed. Furthermore, access protection often induces new risks: what happens when access credentials are lost? Are the assets then lost too? What about the death of a key holder, can the assets still be accessed (read story). For these scenarios "break glass" rules should be established. Rules based on secure real-world "off-line" processes, such as court-orders or trusted 3rd party signoff. A high quality access control mechanism, supported by hardware multi-signature rules, on a per key basis, provides the means for coping with all these demands.
Putting it all together, a custody solution must build on a hardware security module (HSM), as only hardware can serve as a trust anchor. The access control, such as multi-signature, must be integrated right with the hardware, to ensure trusted processing.
A crypto custody solution should look as depicted here:
The private keys are stored redundantly in three HSM that synchronize themselves. These three HSMs are placed in three different datacenters. The business application can then be run on multiple servers, ensuring availability. Multi-signature access control is collected from different approval terminals or apps and processed by the HSM for verification of the signature and the transaction.
If you want to learn more on how to implement such a solution, don’t hesitate to contact us.
Marcel Dasen, VP of Engineering, Securosys