Department of Treasury Gives The Nod, But Are Banks Ready To Custody Cryptocurrencies?
The Office of the Comptroller of the Currency (OCC) issued a letter on July 22, 2020 clarifying US national banks' and federal savings associations' authority to provide cryptocurrency custody services for their customers. This is a major step forward in bringing cryptocurrency to a place where more mainstream adoption is likely. The big questions are what’s different about providing custody of cryptocurrencies, and how will these mainstream institutions provide these services?
How is Cryptocurrency Custody Different Than Traditional Custody Services?
The first critically important difference is that a digital asset transaction, such as a Bitcoin transfer, is not reversible, even if it’s known to be fraudulent. This is a game changer for most financial institutions, which have enjoyed the ability to right intentional and unintentional wrongs by simply reversing transactions at a later date.
The second critically important difference is that the custody provider won’t actually hold the digital assets under custody. Instead, the assets will remain on a public blockchain ledger. What the custodians will hold is the private digital key which is uniquely associated with their client’s digital assets. This unique digital key must be used to generate a cryptographic digital signature before any assets associated with the account can be transferred to any other party. Without the key, no signature can be generated, and no transfer of the digital assets recorded on the blockchain can be completed. As a result, securing the key is equivalent to securing the assets.
Security For Cryptocurrency Custody Services Must Be Higher Than Any Prior Custody Service
If any party, be it an external hacker, an armed bank robber, or an internal actor, gains access to the client’s private key, they can use the key to fraudulently sign a transaction on behalf of the custody client and transfer the funds to themselves or any other third party. Perhaps more importantly, the transaction cannot be reversed, even if it’s known to be fraudulent. As a result, protecting the private keys held on behalf of large numbers of clients will be more important than any other custody service in banking history.
Modern Cryptography Using MPC Eliminates Classic Internal and External Threats
Cryptographers and researchers have been focused on cryptographic schemes where no single party ever holds a complete key. They’ve also designed systems where a complete key is never presented to any party or service provider to create the digital signature. Eliminating the key in a complete form means that no single party can be hacked, extorted, or simply become greedy and steal the key.
The technique is known as multiparty computation (MPC). It’s used in combination with a historic cryptography approach known as Shamir’s Secret Sharing to generate threshold signatures. Threshold Signatures use a multiparty approval scheme where each of the approving parties holds a share of a private key on a computing device under their control.
Each approver uses their key share to generate a partial signature. When a pre-defined number of approvers confirm their approval and generate their partial signatures, a complete Threshold Signature is generated and the associated transaction is approved for execution.
At no time in this process does any party ever have visibility of or access to a complete key. So the only way a transaction can be signed is if multiple parties, with multiple key shares, approve the transaction.
Conceptually, this is similar to a traditional bank security deposit box, where the bank has a key and the client has a key. Both keys must be used concurrently to unlock the deposit box. No party has both keys.
Some important differences from the model of physical keys used with deposit boxes include:
· there are no physical keys (just distributed shares of a digital key)
· different key shares can be stored and used in different locations (preferably with geographic diversity),
· key shares do not have to be used simultaneously (for asynchronous approvals),
· key shares can be stored online (for hot wallets) or offline (for cold wallets),
· lost key shares can be regenerated from remaining shares, and
· encrypted copies of key shares can be stored elsewhere for emergency recovery services.
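The share arithmetic behind the list above, as an added example (not code from the article or from any vendor it names): Shamir's Secret Sharing over a prime field, with a lost share recomputed from the surviving ones by interpolating at the lost share's index rather than at zero, so the key itself is never computed. The field prime, the function names and the 2-of-3 setting are assumptions; a production MPC system runs regeneration as a protocol between the share holders, whereas this block does the arithmetic in a single process.

```python
import secrets

# Assumed toy field: 2**127 - 1 is a Mersenne prime. A real deployment would
# work modulo the group order of the signature scheme in use.
P = 2**127 - 1


def split(secret, threshold, n):
    """Split `secret` into n shares; any `threshold` of them determine it."""
    # Random polynomial of degree threshold-1 with f(0) = secret.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]

    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc

    return {x: f(x) for x in range(1, n + 1)}


def interpolate(shares, at):
    """Lagrange-interpolate the sharing polynomial at x = `at` (mod P)."""
    total = 0
    for xi, yi in shares.items():
        num, den = 1, 1
        for xj in shares:
            if xj != xi:
                num = num * (at - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def regenerate_share(remaining, lost_x, threshold):
    """Recompute the share at index lost_x from `threshold` surviving shares."""
    if len(remaining) < threshold:
        raise ValueError("not enough shares to regenerate")
    subset = dict(list(remaining.items())[:threshold])
    return interpolate(subset, lost_x)  # evaluates at lost_x, never at 0


def demo():
    key = secrets.randbelow(P)      # constructed stand-in for a private key
    shares = split(key, threshold=2, n=3)
    lost = shares.pop(3)            # approver 3 loses their device
    return regenerate_share(shares, lost_x=3, threshold=2) == lost
```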
With MPC, the parties could all be in one bank or physical location, but it’s more secure and more likely that one party might reside at the bank branch, one party might reside at a corporate location, and possibly a third party might be part of a different partnering institution just to provide further segregation.
In this scenario, a malicious party would need to hack, coerce or establish collaboration with multiple parties in different locations to have all parties approve a transaction. They would have to do so in a timely manner or other security measures will prevent the transaction from being signed.
This Threshold Signature scheme, using MPC, has been adopted by some of the largest financial institutions in the world, some with roots in cryptocurrency and others with roots in traditional financial services. It is supported by multiple vendors, many of which are members of the MPC Alliance. Sepior is a proud member and co-founder of the MPC Alliance.