Koine, Co-Founder, Phil Mochan
The emergence of new digital technology in finance has, somewhat ironically, brought back the terminology of a bygone era. Tokenised value (invariably held on a distributed ledger such as a blockchain) is now kept in “cold storage” (think physical safe), secured by digital keys and transacted by manual processes involving humans and “hot wallets” (think armoured cars).
The nature of digital assets is that the access layer to the value is via a private key, typically a string of alphanumeric characters that can be written down as a piece of paper or saved in a computer file. Digital assets can be compared to a credit card number without a pin or signature being required to authorise expenditure. They are bearer instruments: you hold them, you own them. A familiar bearer instrument is paper money, such as a £10 note. The difference is that the note, whilst having a unique serial number, also has number of additional anti-counterfeit measures. By contrast, the digital asset’s private key has no such measures and can be copied simply by recording it by hand, photographing it or accessing the computer on which it is stored.
Private keys are not only more vulnerable than conventional bearer instruments, such as cash, they also come in a highly portable format. A million pounds in cash will fit in in a modest suitcase. At ten million pounds, it starts to become burdensome and noticeable. By contrast, the same digital asset’s private key can equally hold one pound or a billion pounds, held on a slip of paper in a jacket pocket.
As the value of digital assets has grown exponentially since their emergence in 2008, to a peak of over 700 billion dollars, so has the risk around holding private keys grown dramatically – particularly when funds are exchanged through intermediaries. When paper certificates and cash were used by capital markets to transact 40 years ago, the model involved holding the paper in large physical bank safes and manually removing the transaction amounts using humans to transfer them to armoured trucks with guards.
Not only was this security model rather expensive (armoured vans, steel vaults and lots of people), it was also rather susceptible to internal collusion and theft. As Hollywood has demonstrated with its many heist movies, stealing from armoured trucks and safes is a popular criminal activity, with each subsequent movie seeking to explore a more elaborate and sophisticated way of stealing the money.
There have not yet been mainstream Hollywood movies depicting the opportunity for digital assets (“Bitcoin Big Bang”, a movie on MtGox was a rather niche production), but the press has covered a number of the more spectacular ones. It is estimated that the value of assets stolen in 2019 reached 4.4 billion dollars, up by 260% compared to the previous year (1.7 billion dollars)[1].
With digital assets, such as Bitcoin, hot wallets are the transitory accounts (funded from cold storage) used to settle investors transactions. “Hot” refers to the fact that these accounts are accessible through a public network. Other than that, there is no consistent definition in the industry in terms of the type and strength of controls required (or relaxed) compared to cold wallets. As investors have learned from a long litany of incidents, hot wallets are the preferred target for attacks.
The idea of treating digital assets as physical items reveals the teething issues of these new markets: a digital safe requires humans to interact with value. This renders settlement among market participants risky and inefficient, with many operational limitations.
Faced with similar issues – the risk of handling paper certificates – financial markets developed central securities depositories, institutions that maintain a record of ownership of assets, making the paper certificate irrelevant. The advantage of settling securities in this novel way proved immense: the risk of handling certificates – tangible objects – was eradicated, opening the way to the exponential growth of global securities markets.
The growth of S&P 500 trading volumes over time
Investors in digital assets today are faced with material levels of operational risk, similar to those that forced securities markets to restructure their infrastructure with the dematerialisation of securities.
In the digital assets world, the current poor security model has come into focus in particular from regulators (such as SEC which has blocked insurance of Bitcoin ETF due to lack of effective custody solution) and for institutional capital, which seeks an insured and safe digital asset market which conforms to the expected norms of a trading environment.
Market Infrastructure providers to digital asset markets have been slow in addressing this risk. Controls over private keys (the physical element kept in hot or cold storage) have been strengthened with elegant technology – better safes, better armoured tracks and more people – but little has been done to tackle the principal issues inherent with the handling of bearer assets. Multi-signature accounts or multi-part computation are often cited as effective solutions. These controls are the digital version of better physical safes or armoured tracks, but they remain ineffective against internal collusion – the primary cause of loss for investors. Furthermore, the manual handling of keys significantly limits scalability and performance of settlement processes.
The cryptocurrency Bitcoin was initially devised to deprive intermediaries of their dominant role in the management and transfer of value yet, ironically, intermediaries are still dominant, they are just new (and probably riskier). The dream of anonymity and disintermediation from centralised trusted parties as imagined by the creators and many supporters of Bitcoin, has given way to hard practicalities of delivering effective security, operational efficiency and meeting the regulatory requirements.
Therefore, in this new environment, centralised trust will continue to be an essential feature to ensure that these new digital markets function efficiently. Fundamentally it comes down to trust in the custody of assets, when investors are required to delegate its safekeeping to an independent party, and trust in the settlement of transactions, to an agreed set of standards with certainly of timely legal finality.
The digitalisation of assets will in future bring frictionless value transfer and riskless trade matching. This will evidently require improved conventional market models using dematerialised digital assets, operating with a full separation of duties model, with DvP settlement and using digital CSDs.
Digitalisation will undoubtedly increase the investible universe of assets available to capital (be it property, collateralised debt or digitalised art), increase the accessibility of those assets to a wider range of investors, and create greater fluidity (price transparency, low cost execution and buy-side access) when it comes time to sell. We can foresee that digital custodians, using dematerialised business models, will grow to become the dominant providers in a rapidly growing market for holding safe, all digital value. This, we believe, will prompt an exponential growth in trading volumes and, particularly in stressed market situations, a considerable reduction in systemic and trading risks.
[1] See CipherTrace report https://www.businesswire.com/news/home/20191127005510/en/
