Digital assets are unlike many traditional assets in that they exist solely in digital form while functioning as bearer instruments whose ownership are not recorded by any trusted party or central repository. Given that many categories of digital assets are perceived to be of high value, with the added characteristic of being potentially accessible and transferrable from virtually anywhere in the world, owners of digital assets have been increasingly targeted by cybercriminals. Due to the specific features of digital assets, there are a number of unique challenges in maintaining their security.
Bearer instruments on a blockchain
Digital assets are based on a blockchain consisting of a distributed ledger held across a decentralised network of computers with the network itself forming an indisputable record. While it is possible to control the digital assets from various nodes in the decentralised network, access to those assets and the ability to transact are provided through cryptographic techniques.
Importance of private key management
One of the greatest challenges in keeping digital assets secure is the management of the cryptographic keys that administer the transaction process.
Blockchain makes extensive use of public key cryptography. Algorithms are used to generate a set of private key and public key, with the public key being mathematically derived from the corresponding private key. While the public key is distributed to all participants of the network, the private key has to be kept secret.
The private key is used to digitally sign transactions, while the public key can verify that the specific private key was the one that actually signed the transaction.
Loss of the private key would result in the owner becoming unable to access the digital asset, and if the private key cannot be subsequently recovered, the digital asset would be permanently inaccessible.
Should the private key become compromised, a channel will be open for cybercriminals to access the digital asset. Whoever has the private key can transfer the digital asset immutably and potentially anonymously to anyone. Due to the difficulties faced by many law enforcing bodies in identifying and taking action against remote hackers, those assets are likely to become irrecoverable.
With the digital assets only as secure as the private keys controlling them, the operation, storage and backing up of the private keys are crucial elements in maintaining the security of the digital assets.
Hot storage of private keys
Hot storage refers to the storing of private keys on devices or systems connected to the internet. Transactions on digital assets whose private keys are kept in hot storage can be performed speedily, including the digital signing of transactions and the broadcasting of the signed transactions to the network. However, storing the keys on platforms connected to the internet make them vulnerable to cyber attacks.
Cold storage of private keys
With cold storage, the private key is stored on a platform that is not connected to the internet, thus protecting the key from internet-related vulnerabilities. The outward transfer of assets may be digitally signed offline before it is transmitted to the online network. Digital assets may still be received in an address whose private key is in cold storage. Execution of transactions would be more cumbersome and time consuming, but the security of the private key is enhanced due to the physical security layer provided by the decoupling of the private key from the internet.
An offline device functioning like a USB, a hard drive, or an offline computer, may be used to store the private key. A most elementary form of cold storage is to have the key stored on a paper document containing a QR code, which can then be scanned to sign transactions.
It is however essential to store all media containing the private key in a physically safe and secure environment with appropriate access controls to prevent unauthorized access to the key backup media. Depending on the assessed risks, appropriate safeguards may include keeping the backup media in a vault equipped with an appropriate alarm and monitoring system.
Trade-off between accessibility and security
Keeping a private key in hot storage allows for speed of transaction but there is a risk that the private key becomes compromised. One of the main challenges therefore would be to determine the optimal trade-off between accessibility of the digital asset and security, and the proportion of asset kept in hot storage as opposed to being maintained in cold storage.
Users of digital assets are advised to evaluate their needs carefully, and if there is no requirement to have instant access to the digital assets, the private key may be stored offline in cold storage. For instance, hedge funds trading frequently may prefer to have more assets in hot storage, while custodians would rather maintain more assets in cold storage for long-term safekeeping.
Backup of private keys
It is essential to back up the private key in a safe and secure environment so that they can be recovered by the owner of the digital asset. Various techniques can be used to back up the private key, including the use of hardware security modules (HSMs)which are specifically designed to securely store keys, or physical backups on a material such as paper or steel which has the advantage of protecting them from electromagnetic attacks.
For added security, the private key may be split into separate shards (pieces) which are then stored in secure and diverse locations around the world. The original key may then be reconstructed from the shards.
Multiple signature protocols
Multi-signature addresses are addresses that require multiple electronic signatures to send transactions. Thus, no single person is solely responsible for securing the private key.
Entities dealing in digital assets would vet their officers for fitness and propriety, as well as establish appropriate controls that do not allow any one individual or conspiring groups of individuals to access the private key in an unauthorised way.
Digital assets could be insured to cover losses arising from theft, or from physical damage to the media storing the private key due to fire, flood, earthquake, and other natural perils.
Assurance from auditors
Entities holding and managing digital assets may consider using the services of auditors who may be able to provide assurance reports based on an independent assessment of the entity’s risk and control environment and in accordance with International Standard on Assurance Engagements.
The development of several categories of digital assets has been marred by frequent and spectacular hacks. Up to now, all major thefts or losses of digital assets have occurred online or because of deficient multi-signature safeguards. Keeping digital assets secure requires a robust cybersecurity strategy as well as operational and technological safeguards that are more complex than those used in protecting traditional assets. It is essential for users of digital assets to be aware of the possible security risks to this asset class and to adopt appropriate policies in order to maintain their security.
DTOS provides valuable insights and value-added services to businesses and individuals with regard to their evolving present and future needs. Should you have any query in relation to the topic covered and require any assistance, please do not hesitate to contact us. We shall be pleased to assist you.
Fred Yeung Sik Yuen CPA FCCA CGMA MBA
Published on 10 March 2020