Own Your Own Key: Cutting Out the Crypto Custody Middleman

By July 13, 2023No Comments

Why one member set up cryptocurrency self-custody with Fireblocks instead of using a custodian.

When El Salvador officially recognized bitcoin as legal tender in 2021, one NeuGroup member company that does business in the country had to act quickly to figure out how to pay or be paid via bitcoin.

  • “If someone wants to pay in bitcoin, we couldn’t say no,” the member said at a recent meeting of NeuGroup for Digital Assets sponsored by Fireblocks. So the treasury team started a focus group to unite functions across finance and decide on the best course of action.
  • The member, a treasury IT manager, implemented a self-custody solution using tools from software provider Fireblocks to set up a digital wallet owned by the member company.
    • Fireblocks, a digital asset security platform, offers proprietary software that helps build secure infrastructure for moving, storing and issuing digital assets. The cloud-based solution enabled the member company to own its own wallet and create a rules-based flow of approvals for all transactions.
  • Though no payments have been made in bitcoin since setting up the digital wallet, the corporate now has a standardized process to set up a new wallet for other cryptocurrencies—a process it’s already putting to use.

Why self-custody? A number of other multinationals that do business in El Salvador tapped services from crypto custodians offering secure storage of digital assets; or they use third-party providers who accept bitcoin payments and convert them to fiat for high fees. Initially, the member looked into custodial offerings from BNY Mellon—which uses Fireblocks technology in its crypto infrastructure—and Coinbase.

  • Custodial institutions assume the risk of holding crypto by retaining the so-called “key” to a user’s digital wallet. The key is a complex passcode that grants access to a wallet and cannot be recovered—if a wallet owner loses track of the key, all funds are permanently lost. Since custodians hold the key, a customer only needs the password to their account on the custodian’s website—which can be reset if lost.
  • BNY’s service did not launch in time for the company’s project, and the member decided to cut out an intermediary entirely because he couldn’t trust a third party like Coinbase with something that valuable—a decision that’s paid off in recent weeks.
    • “We would have complete exposure to those companies if something happened, so I had no interest in that,” he said.
  • “Not your key, not your crypto,” is an oft-repeated motto among self-custody proponents, and one that the member said, “really rings true.”

Custodial controls. The downside to self-custody, the member said, is that the corporate assumes all risks. Tight controls would be needed to ensure stakeholders have access to the digital wallet key in a controlled manner, the ability to approve payments and a reliable recovery mechanism to prevent loss of the keys.

  • Because payments are irrevocable and only need a wallet address, without the right controls a simple typo could lead to a complete loss of a payment.
  • “If we pay to a dead wallet, it’s gone,” he said. “But one thing that really appealed to us about Fireblocks is the robustness of what you can build for a control framework in one tool.”

How the custody setup works. After collaborating with other teams at the company to ensure an effective, secure digital wallet, the member set up a straightforward process using Fireblocks to accept or make digital payments.

  • “You can define layers of approval, including people from different groups signing off,” he said. “We used traditional payment controls as the model.”
  • Setting up the configuration for payment approvals required no coding on the member’s part. “Building the transaction flow was pretty simple,” he said. “As I was setting up rules I was like, ‘Wow it should be more complicated.’”
  • It all begins with a business group requesting permission, which is reviewed by its finance team; if approved, it then goes to treasury before execution. The process, shown below, is overseen by the company’s compliance team and owned by treasury.

Putting the wallet to use. Though El Salvador’s embrace of bitcoin was the catalyst to start the project, the company’s wallet has not yet been used, with no customers or vendors requesting payments via the cryptocurrency. Instead, another business line approached treasury with a need to support a different digital asset.

  • The model built in Fireblocks was easily applied to this use case. “We set up that team with roles for payment requests and approvals,” the member said. 
  • “It was really, really important to treasury that nobody thought we were the ones pushing crypto,” he said. “We are enabling the business, and the model has served us well.”
Justin Jones

Author Justin Jones

More posts by Justin Jones