Colin is an associate editor and staff writer for Bitcoin Magazine. He's proud to call Nashville his home, where he lives with his family and doesn't eat hot chicken as much as you might think.
Within the sphere of traditional finance, at least, crypto has a custody problem. The problem? Crypto is complicated, security is tricky and — if we’re being frank — the suits don’t know a bit from a byte (or a blockchain from a cloud server).
In fact, you could rightly say that what makes crypto, well, crypto actually makes them nervous. Unlike settling traditional assets, you can’t reverse a bitcoin transaction, the blockchain offers no internal or centralized controls and there’s no one to go to if you muck up a transaction. Bitcoin is everything that the traditional finance sector is not, so it’s understandable that Wall Street and friends would be wary of holding an asset they don’t understand and can’t control.
And holding is precisely the issue. In its many ETF rejections, the United States Securities and Exchange Commission returns to the same problem (among others like market maturity) ad infinitum: ETF providers must ensure proper custody for crypto assets so mismanagement doesn’t throw investor funds into the void.
So how do we give these institutions proper custody to appease both them and the regulators? Striking up a partnership with Legacy Trust, a Hong Kong-based asset management firm, French hardware wallet manufacturer Ledger thinks it’s whipped up a solution.
Introducing Ledger Vault
“We want to be the technology provider for the folks who want self-custody, [to] have their own keys and be their own bank, but we also want to provide it to the larger institutions that want to provide a service into the marketplace,” Demetrios Skalkotos, global head of Ledger Vault, told Bitcoin Magazine.
The Ledger Vault bills itself as the world’s first institutional-grade, multi-authorization wallet management tool. During our interview, Skalkotos told us that the Ledger Vault separates itself from other custody solutions by being more holistic in its approach, encompassing both hardware and software technology solutions. As a tech company first, he elucidates, they’re not concerned only with business practices.
“We are a hardware/software security company. Most of the folks in the market today are process-oriented solutions rather than technology-oriented solutions.”
These solutions involve one of Ledger’s existing devices, the Ledger Blue, its BOLOS operating system and a hardware security module (HSM). The BOLOS operating system, which powers the Ledger Blue, interacts with the HSM, which is used to store keys for transaction and fund management authorization. Skalkotos says that the combination of the two pieces of hardware and Ledger’s proprietary software create an “encrypted endpoint and secure channel” to allow the Ledger Blue and the HSM to talk to each other. This, in turn, allows users to facilitate multi-authorized transactions.
To set this up, each of the account’s multiple stakeholders generate a key/seed, which are then combined to create a master seed. Then, the shared owners devise the account’s governance scheme (like how many people are needed to sign off on a transaction) and appoint administrators. These administrators can designate account operators and assign them varying degrees of responsibilities/permissions. Ultimately, the administrators are in charge of setting rules for transactions, such as timelocks, authorization requirements, etc. But, depending on permissions, operators could have the ability to create, authorize or cancel transactions.
Preferring the phrase multi-authorization rather than multi-signature, Skalkotos said that this scheme allows for a great degree of flexibility for fund management. The solution allows its users to set up multiple wallets and offers four levels of governance, ranging from what Skalkotos called a “warmer” variant, which only requires two to three approvers, to a “colder” one that would need eight to nine approvers. The latter, which would be much slower, would likely be used by a trust and could be a treasury wallet of sorts.
“In essence, you're eliminating the single point of failure. What you’re providing is a device to initiate and approve a transaction as a part of a bigger governance scheme.”
The solution could be used by any flavor of financial firms who want to add crypto assets to their portfolio, including hedge funds, family offices, banks and trust companies. It could also be used by exchanges to bolster their security and custody practices. While Ledger Vault was built primarily for institutional custody, however, Skalkotos told us that they are “working at all levels from a retail side and institutional side.”
They’re also working to build additional services on top of the solution, including staking services (the solution accommodates ERC20 tokens) and bolting on liquidity options.
With a global team presence in San Francisco, New York, Paris and (with this latest partnership) Hong Kong, Ledger boasts of growing a “diversified group of international clients across the board” since Ledger Vault went into beta in January 2019.
“We provide a technology platform for the industry, whether its family offices, crypto hedge funds, banks and trust companies, and custodians to self manage their assets or be able to provide a platform for services to the marketplace. So if a legacy trust company is hearing demand from their customers and they want to provide custody for the digital asset space, our platform will offer that.
“We have a global enterprise sales and technical team.” team in france, ny, and san francisco, people in hong kong
“They’re ranging from exchanges, to trust companies and banks, to family offices and hedge funds.”
“On the enterprise side, we’re working with a hardware security module, and our operating system, BOLOS, is interacting with the operating system of the HSMs. We also provide the customers the ledger blue devices, which are specifically built for the enterprise customers, so they’re authentication devices. That’s how we created that encrypted endpoint, secure channel in between talking to the HSM and the ledger blue device for initiation of transactions and approval of transactions.”
“You can create as many wallets as you want to. We have four layers of governance, and you can devise the governance rules and policies per each wallet independently. So I may have one wallet that’s very warm, it has two or three approvers and is going to a very direct whitelist and moves rather quickly. I could have another wallet that could be a treasury wallet that has 8 or 9 approvers and may have a time limit around it so it acts as if it were an offline, cold wallet solution.”
Could build other service on top of it, like staking and offer certain liquidity options
“We’re really a security software company.”
Clients and partnerships forthcoming