In our last article, we explored Multi-Party-Computation (MPC) as a crypto custodial service used to safeguard digital assets. In this piece, we’ll take a deep dive into Hardware Security Modules (HSM), and why it’s becoming increasingly important for crypto institutional investors, trading platforms and projects to consider the benefits of such a model when selecting a crypto custodian solution.
Ensuring the secure transfer and trading of digital assets is just as crucial as safeguarding them. In Q1 of 2023, traders have been swapping or trading stablecoins due to the recent uncertainty in the traditional banking space, as well as the recent stablecoin crisis. Combined, this has led to several issues, such as Paxos halting BUSD minting and USDC de-pegging concerns resulting from Circle’s exposure to Silicon Valley Bank (SVB). Despite continued concerns about the situation, the Federal Reserve Board has announced additional funding to help assure banks can meet their depositors’ needs.
For crypto traders, a secure and reliable system is necessary to safeguard their assets and facilitate transactions. At Cactus Custody, we aim to provide such an infrastructure to enhance our clients’ crypto investments and trading experience. We achieve this through the use of Hardware Security Modules (HSMs).
HSMs are dedicated computing devices designed to safeguard cryptographic keys and ensure their secure use. They have been trusted and utilised in the banking and payment industries worldwide for over a decade, and they are now used in the crypto space to protect private keys and enable seamless and secure use of those keys. HSMs enable clients to safeguard their private keys without the need of sharing the burden or responsibility of managing their own key shard. The private keys generated by HSMs never leave the modules, and a variety of security technologies protect the entire lifecycle of these keys, from generation to backup, use, and destruction.
Hardware Security Modules employ a multi-layered approach to ensure the highest level of security, incorporating physical protection, robust authentication, and access control measures, as well as efficient key usage and management, thorough software activity auditing, and built-in preemptive warning sensors. This comprehensive security framework enables them to effectively defend against a wide array of potential threats and vulnerabilities, making them indispensable tools for organisations seeking to protect their valuable digital assets.
- Physical protection: HSMs utilise a robust material shell for multiple layers of protection, enabling them to resist electromagnetic interference (EMI) and radio frequency interference (RFI) attacks. They also incorporate a dedicated encryption chip to prevent other forms of malicious infiltration, such as channel measurement and fault injection by cracking the key.
- Authentication and access control: HSMs establish specific permissions and authentication procedures for each user and strictly isolate access among users. These include, but are not limited to, passwords, fingerprints, hardware keys, and one-time password (OTP) strong authentication devices. At least two or more combinations of these authentication methods are required.
- Key usage and management: HSMs utilise a specialised key management system for storing and managing keys. These keys must be highly encrypted and safeguarded using strict access control rules, ensuring they are never exposed outside the HSM throughout their lifetime.
- Software activity and log audit: HSMs employ security-certified firmware programs, with their internal software and protocols also verified and adhering to strict security regulations. Every security event and activity should be recorded within the HSM and remain tamper-proof. These records encompass access logs, audit logs, and other activity logs.
- Built-in preemptive warning sensors: HSMs feature a variety of built-in warning sensors to address extreme environments and unlawful physical damage.
Thanks to the outstanding security capabilities of our HSMs, our clients no longer have to worry about misplaced private keys. Cactus Custody’s robust security infrastructure has had zero security incidents since its inception.
Our HSMs comply with the highest security level in the blockchain industry — the Federal Information Processing Standard (FIPS) 140-2 level 3 or above. They also incorporate additional security measures, unlike other custodians that use HSMs. For example, each set of our HSMs is deployed in Tier 3 or above1 data centres in four different locations (the United States, Switzerland, Singapore, and Hong Kong) across three continents. The data is backed up to the other data centres in different locations. Access to one of the data centres requires an appointment in advance and strict review and records to prevent any unauthorised entry.
Cactus Custody also uses HSMs from different manufacturers to ensure that any vulnerability in one manufacturer’s model does not affect all. These HSMs are strategically deployed across different countries and regions to mitigate damage from natural disasters or conflicts. Clients determine the specific number of signatures required for each transaction signature. After the client completes the signature process, the default setting of our HSMs initiates the final confirmation by obtaining 2 out of 4 possible signatures from data centres. These signatures should be obtained from randomly selected data centres across various regions in order to prevent any possible points of vulnerability, while also removing any element of predictable pattern identification.
We have designed strict rules and regulations, with a clear and distinct division of responsibilities among personnel to prevent any potential security risks from negligence or lack of security awareness. In addition, regular inspections every six months help to detect and eliminate possible dangers.
Although some may attempt to determine which of the two mechanics, MPS or HSM, is superior, the crucial aspect is to utilise a mechanism that aligns with your specific needs and demands. It is crucial to conduct your own research (DYOR) and choose a service or solution that is suitable for you, your clients, customers, and community.
In summary, Cactus Custody’s mission is to provide a secure and reliable infrastructure to our clients, enhancing their crypto investment and trading experience. Our HSMs, coupled with additional security measures, ensure the highest level of security in the blockchain industry.
Furthermore, Cactus Custody is actively exploring innovative methods to incorporate the MPC mechanism within its current infrastructure. By doing so, the company aims to optimise the benefits while mitigating the drawbacks of both HSM and MPC technologies. Don’t miss our upcoming updates and developments.
1Data centres are classified into four tiers based on their level of complexity/redundancy and uptime. Tier 1 has the least redundancy and uptime while Tier 4 has the most. Traditional banks generally prefer to use at least a Tier 3-rated system.