GK8 by Galaxy What Impenetrable Custody really means for digital asset security

Why Seed Phrase Security Should Be Priority Number One

Private keys are the backbone of digital asset security as they provide the means by which transactions are signed. Without private keys, institutions cannot access their cryptocurrency or initiate transactions. Similar to […]

Private keys are the backbone of digital asset security as they provide the means by which transactions are signed. Without private keys, institutions cannot access their cryptocurrency or initiate transactions. Similar to other passwords, authentication methods, and authorization codes, it is paramount for institutions to take steps to protect their private keys and keep them safe from unauthorized access.

Losing a private key or having it stolen is a worst-case scenario for any institution providing custody of digital assets. In such cases, a seed phrase is part and parcel of any disaster recovery plan. Seed phrases, usually a string of random words, provide a way to retrieve or restore access to the private keys in case of loss.

If the original private key is lost, the owner can re-enter the seed phrase into a new wallet/vault to recover access to his assets. A proper institutional-grade custody solution will generate seed phrases for any authorized approver in the quorum during the account creation process. Users are then taught how to store their seed phrases (or portions of their seed phrases) securely and how to reinitiate their keys in case of disaster. Keeping backups of the different portions of the seed phrase in various storage locations is considered best practice.

Never give anyone access to your private key or your complete seed phrase

Lately, the market has seen the offering of a seed phrase backup service utilizing third-party entities. This service has been met with concern across the industry, and with good reason. Many fear this service can serve as a backdoor used to gain access to users’ seed phrases. Such fears are not unfounded, as similar approaches have been utilized by malign actors throughout history.

While third-party backup services may seem convenient, they introduce additional risks by opening the organization to counterparty risk. If the third-party service is breached, goes bankrupt, or even has a dishonest employee, seed phrases (and thus private keys) may also be put at risk. While this is true for all users, for institutions managing millions of dollars in assets under management, the security of your private keys and seed phrases is paramount as any unauthorized access to these codes can lead to catastrophic losses.

Moreover, transmitting the seed (shares or portions that can reconstruct the seed) over the internet fundamentally alters the security threat model of a hardware wallet. To enact the backup, users must connect the wallet to their phone via Bluetooth. As mentioned, any device connected to the internet can be hacked. Experience indicates that hackers, on average, spend about $1 million to breach an internet-connected device. If you are an institution with a multimillion-dollar AUM, the potential ROI is enough to encourage cyber criminals.

The only safe solution for seed phrase backup is a proper disaster recovery plan that ensures that seed phrases are never shared with unknown actors but rather stored in a secure location that can be readily accessed in case of any unfortunate scenarios.

Disaster Recovery Hygiene

At GK8, we believe a secure and effective disaster recovery plan is one of the most critical components of an institutional-grade digital asset custody solution. It is essential to have the portions of the seed phrase backed up in both a primary storage location as well as a separate secondary backup location or escrow agent in case of disaster. This ensures the seed phrases are protected while remaining under the direct control of the institutional users.

We recognize how essential seed phrases are for institutional investors to manage their crypto assets properly. That is why our team will walk you through the seed phrase generation process. We will also train you on the best practices of seed phrase regeneration.

At no point does GK8 have access to your seed phrases or your private key.

We urge our institutional users to approach seed phrase backup with caution. Ultimately, the security and safety of both private keys and seed phrases should be taken seriously, and both should be protected and backed up, to ensure that their crypto assets are safe and always accessible.

To learn more about the GK8 solution, click here.

Continue reading

The Tortoise and the Hare: How Banks Can Stay Ahead In the Crypto Race

Fortune favors the bold, one can’t help thinking when looking at early adopters of innovative technologies. After all, who doesn’t wish that they had the foresight to mine a few bitcoins back […]

GK8 grants institutions secure access to DeFi through integration with MetaMask Institutional

GK8’s users will be able to use their MetaMask Institutional wallets from their MPC Vaults on the platform, unlocking new revenue streams through DeFi services  GK8, the leading institutional-grade self-managed digital asset […]

GK8 is first to provide institutions access to $1B insurance coverage

In light of recent market events, it is clearer than ever that financial institutions, especially those who are responsible for billions USD worth of clients’ assets, can no longer rely on third-party […]