Liminal’s Smart Cold Wallets, Easy and Secure Way for Enterprises to Safeguard their Crypto Reserves

| November 17, 2023

Share this article

Liminal’s Smart Cold Wallets

Cryptocurrencies are the latest class of highly versatile digital assets that have disrupted the global financial industry. These assets, first introduced in the form of Bitcoin back in 2009, have grown rapidly along with the applications of their underlying blockchain technology across industries.

Bitcoin was designed to be a completely decentralized, transparent peer-to-peer mode of value exchange without intermediaries or trusted third parties like banks or other financial institutions. The premise is carried forward by almost all the crypto assets that followed. The trustless transactions that are carried out on the crypto networks are recorded on a decentralized ledger called the Blockchain, readily queried by using block explorers. The crypto assets themselves are just alphanumeric strings that are associated with a private key. Anyone controlling the private key also controls the assets associated with it, enabling them to hold or transfer these assets to any other private key as they wish.

Crypto Wallets

Crypto wallets are special applications that allow users to manage their private keys so that they can send and receive crypto assets across the world. Crypto wallets are designed to make handling private keys more user-friendly and human-readable while providing additional security features to prevent others from gaining access to the private key, in turn, the digital assets associated with them. Meanwhile, a public key generated by the private key acts as the address for transactions over the crypto network.

Depending on accessibility, key storage, and operating process, the wallets can be majorly classified into software and hardware wallets. The majority of the software wallets fall under the online wallets category, with few exceptions, while most hardware and physical wallet solutions are considered offline wallets. Another familiar categorization of wallets, especially in the enterprise sector, includes hot, cold, and warm wallets, with hot and warm wallets being online software wallets while cold wallets are always offline software or hardware wallets.

Significance of Cold Wallets in Handling Crypto Assets

Cold wallets are an important part of secure cryptocurrency storage solutions, useful especially for individuals and enterprises handling or holding significant amounts of crypto assets. To understand why it is important, a refresher on cold wallets is in order.

What are Cold Wallets?

Cold Wallets are, in a way, regular crypto wallets, but with a major exception. These wallets remain isolated from an internet connection for the most part or throughout their existence. To ensure security and eliminate the potential cybersecurity risks that could compromise assets stored in them, they use private keys that are generated by offline devices. Without the keys being ever exposed online, they are virtually immune to a wide range of cyberattacks, viruses, and malware.

While executing transactions on a cold wallet involves more steps than their hot and warm counterparts, they are not that complicated either. Most of the cold wallet solutions available today are designed to be compact, highly portable, and easy to use. A typical cold wallet is a piece of hardware that resembles a USB stick or a small digital music player. Inside them, they contain a special, purpose-built hardware security module (HSM) responsible for key generation and secure storage. They also include additional security features like a password or a PIN to safeguard the contents in the event it is lost or stolen.

Role of Cold Wallets in Wallet Infrastructure

A typical wallet infrastructure for an enterprise of a crypto platform includes a combination of hot, cold, and warm wallets arranged in a particular order for efficient movement of funds within a secure environment. The cold wallets are responsible for safeguarding a major portion of funds held by the platform. Funds from the cold wallet are withdrawn as a requirement arises to ensure smooth operation while diverting any excess funds to the cold wallet for safekeeping. This combination allows platform operators to minimize risk exposure to their entire holdings without compromising their quality of service to the clients.

The Reality of Cold Wallet Implementation in Today’s Wallet Infrastructure

Theoretically, the combination of hot, cold, and warm wallets, along with best wallet usage practices, should make the existing wallet infrastructure failproof. However, in this not-so-ideal world, the reality is far from expectations, partially due to poor implementation and ignorance. As a result, cold wallets sometimes face continued risk exposure, unbeknownst to the platform operator. Even otherwise, managing cold wallets in the present-day setting is a prolonged and cumbersome process.

Most platform operators today either implement software multisig or MPC-based cold wallet infrastructure. While both types have their own advantages, they also tend to possess a few qualities that fall short of offering the necessary security and flexibility one generally desires from a cold wallet solution. A few common cold wallet-related issues include

Key Leakage and Management Issues

Efficient key management plays a very important role in safeguarding the private keys of any wallet. When it comes to cold wallets, extra precautions need to be taken as these wallets will be securing a major part of overall crypto assets in the platform’s custody. The widely used wallet infrastructure requires manual intervention by designated trustworthy people in possession of the private keys to enable transactions.

A combination of the complex, time-consuming cold wallet transaction initiation process and the unpredictability surrounding liquidity demand on crypto platforms makes it impossible for a single person to manage the entire process. As a result, to ensure uninterrupted service, crypto businesses usually share the wallet keys with multiple senior and mid-level managers to create redundancy. While such practices enable round-the-clock monitoring and timely refill of warm and hot wallets, it also introduces unnecessary risk, exposing the private keys to cyber threats, including hacking, phishing, malware, etc, targeting the key holders.

Sharing the keys with multiple people also reduces accountability, opening the doors for possible mistakes, deliberate misappropriation, and siphoning of funds by insiders.

These abovementioned key management risks are just the tip of the iceberg as there are possibilities of more serious issues occurring at the very top, starting with the key generation. Key generation in the crypto wallet context is the process of creating a wallet by generating a cryptographic private key. Creating own private keys contributes to better security as there is no dependency on third parties. But if good practices aren’t followed, it may have a completely opposite effect. Some of the most common mistakes committed during the key generation process include the use of low entropy secrets without using the Key Derivation Function (KDF) or poor KDF parameters, the use of weak encryption protocols, or unsuitable block cipher modes. All these factors will result in the creation of weaker private keys and associated public keys that can be easily compromised. If that’s not enough, key owners may end up writing down or storing the keys in human-readable plain text format on their devices, which allows cybercriminals or anyone sifting through these devices to copy them and access the cold wallets at their convenience.

MPC Wallets Aren’t Any Better

Apart from the good old HSM-based wallets, some consider MPC wallets to be more secure as they require partial keys generated by one or more devices, either accessed by a single or multiple individuals, to complete the private key necessary to execute transactions. In an MPC setting, unless someone has access to all the necessary partial keys from multiple sources, they can’t access the wallet. However, the MPC wallets are based on proprietary software, generally developed, owned, and operated by a handful of companies. Few operators like FireBlocks adopt the Software-as-a-Service model to deliver MPC solutions to crypto companies at a cost.

The MPC software offered by different providers isn’t always compatible with each other or conventional wallet systems, making it almost impossible to migrate from one provider to another without making significant changes in the operation. As a result, the platforms operating the MPC wallet ecosystem do not have complete control over their wallet infrastructure due to increased dependency on the MPC provider, making them highly vendor dependent, even to resolve any issues that may occur during operations.

No Takers for Native Multisig

Native Multisignature (Multisig) wallets have been around for a while now. As the name suggests, these wallets require multiple signatures to execute transactions that offer similar benefits as an MPC wallet but without creating any dependency on a third party. Unlike MPC, multisig wallets are increasingly becoming compatible with HSMs while creating the necessary redundancies to ensure continued access and safety of funds stored in them.

Multisig wallet operations enable the creation of a trusted group, where each party will have their own private keys used to partially sign the transactions. Only after the requisite number of signatures from the trusted group are satisfied is the transaction gets initiated. Multisig infrastructure allows platforms to specify the number of people/keys to be included in the trusted group as well as the minimum number of signatures necessary for transaction execution. A trusted group can have more people/keys than the number of signatures needed for a transaction. Anyone from the group can sign transactions, which will be executed once the requisite number is reached.

By designating a larger trusted group than the number of signatures needed for transaction execution, companies can create fail-safes where in the absence of a few members, others can still sign the transaction. Such an arrangement will help avoid risks like loss of private keys or passwords, loss or damage of devices due to various reasons, and even the unfortunate demise of one or more members of the trusted group. The need for multiple signatures also reduces the risks associated with cyberattacks as the chances of keys belonging to all the parties to a multisig transaction being compromised is very rare. It also brings in accountability, as any transaction can be executed only after reaching consensus, and no single person can unilaterally initiate a fund transfer with malicious intent.

A Single Solution for All Coins Ends up Lowering the Security for All Assets

One of the main reasons for MPCs gaining popularity is convenience, which may come at the cost of security. MPC wallets can be considered pretty generic when it comes to different digital assets in blockchain parlance. It adopts a “single solution fits all” approach without any room for asset-specific customization. MPCs use the same technology, including security algorithms, to secure both cold and hot wallets. Its design creates many single points of failure, which takes one single solution from an adversary to compromise the entire MPC algorithm, making every single asset across the platform vulnerable to theft.

The nascent stages of development in MPC algorithms and their applications in the crypto sector only make things worse. The complex dynamics and lack of complete understanding of MPC technology by the masses make it impossible to anticipate all possible vulnerabilities. At the moment, to avoid any unexpected shocks, MPCs are ideal for low-risk scenarios that can be automated, like in the case of periodic sweeping of funds from the hot wallet to the cold wallet for safekeeping.

Time and Cost of MPC Operations

As proprietary software, the turnaround time for upgrades or the addition of new assets is difficult as well as time-consuming. Most of these changes can’t be directly affected by the client and need vendor support and expertise. At the same time, MPC wallet solutions do not come cheap as vendors tend to follow USD volume-based pricing structure. As a result, any rise in the value of crypto assets against USD, which is quite common given the volatile nature, will end up raking bigger bills for the platforms.

Further exacerbating the problem is the role of cold wallets in a platform’s wallet infrastructure. Cold wallets are used to store the majority of the platform’s funds. They are either continuously refilled by sweeping in excess funds from hot wallets or used to refill hot wallets, effectively processing huge volumes, and any slight difference in the value of these assets could lead to a surge in the total USD value of assets handled and in turn the service costs in case of MPC wallets. As a result, in spite of their growing popularity, MPC wallets aren’t really suitable for use as cold wallets.

Designing an Ideal Cold Wallet Solution

The issues surrounding the existing cold wallet infrastructure are not a big secret. The advantages, shortcomings, and seriousness of risks associated with the existing infrastructure are well-known yet conveniently ignored so far. Liminal, the enterprise crypto assets storage, and security solutions provider, has reviewed the current solutions and come up with a more secure and convenient alternative in the form of Liminal Smart Cold Wallets.

With its Smart Cold Wallets solution, Liminal has redefined the value proposition for cold wallets by addressing most of the existing shortcomings. It is created by keeping the following design principles in mind.

Design Principles Shaping Liminal’s Cold Wallet Infrastructure

The main intention of using a cold wallet as part of the wallet infrastructure is to minimize the risk of exposure of crypto assets held by the platform. It can be achieved by incorporating enhanced security measures. But as most platforms cater to a large number of clients in a time-sensitive environment, these security measures shouldn’t come at the cost of a reduction in operational efficiency. The design principles of Liminal’s cold wallet infrastructure solution — Smart Cold Wallets, take these factors into consideration and prioritizes accordingly.

Securing Maximum Value First

Crypto enterprises and platforms generally handle large amounts of crypto assets with a very high market value. The wallet infrastructure is designed to minimize losses in case of an unfortunate event where the platform may get compromised. It is achieved by storing a major chunk of the entire crypto holdings in cold wallets, which act as vaults with private keys isolated from the environment. These funds are virtually inaccessible to the world. The general practice involves storing about 70%-80% of the holdings in cold wallets while the remaining 20%-30% is held in hot wallets or other storage solutions to cater to immediate and short-term capital requirements.

Maximum Security at Protocol Level, Wherever Possible

Native technologies are intertwined with the blockchain protocols hosting the crypto assets. Using such technologies makes it possible to address issues at the core instead of operating on abstract layers that create more dependencies and potentially create multiple points of failure if not executed carefully. Using native technologies also simplifies the solution to achieve maximum efficiency. Liminal’s design philosophy relies heavily on this fact to ensure the security and compatibility of its solutions for each supported asset on its respective blockchain protocols. With Liminal’s Smart Cold Wallets, the Multisig implementation for crypto assets is specific to supported protocols and incorporates available native support.

Best Practices Every day, Everywhere

In every secure system, the weak link is usually the user. The security features of any system work in conjunction with a set of best practices a user is expected to follow. There is no second-guessing the best practices, and Liminal completely agrees with the belief. Every Liminal solution is designed to operate within the boundaries of recommended best practices, and the Smart Cold Wallet is no different. Some of the best practices implemented in Liminal’s cold wallet solution include:

– MPC for Assets in Motion, HSM for Assets in Cold

MPCs are ideal for automated processes, while HSMs are a perfect fit for cold storage of crypto assets. Liminal’s Cold Wallets makes the best use of the strengths of available instruments by adopting a hybrid approach. The combination of MPC and HSM in Smart Cold Wallets has specific functions, with the former being used for sweeping funds from hot wallets to cold wallets, etc., while HSM secures most of the platform’s funds.

– Key Distribution Across Organizations

Don’t put all your eggs in one basket, a familiar idiom makes good sense when it comes to safeguarding private keys. The risk of keys being compromised is very high when all the keys are handled within the organization. It could be due to various factors, including the use of poor key management practices to secure all the keys, external attacks on an organization’s infrastructure or individuals, and even misappropriation by an insider. Liminal allows clients to minimize risk by assigning a few keys to trusted third parties as a precaution against threats, both external and internal. Liminal also acts as one of the trusted third-party custodians and signing authority for transactions executed over the platform’s wallet infrastructure.

– Easy and Independent Backup and Recovery

Dependency impacts self-sufficiency. Liminal believes that every crypto user should always be in control of their wallets. They should be able to perform all vital actions by themselves without having to rely on external vendors or other third-party organizations. As a result, all components of Liminal crypto storage and management solutions, including the Smart Cold Wallets, can be backed up and restored by the clients without the involvement of Liminal or other proprietary software.

Liminal’s Smart Cold Wallet Solution

Smart Cold Wallets is Liminal’s cold storage solution for enterprises, family offices, and others to safeguard their crypto assets. Using a combination of manual and automated processes, the Smart Cold Wallets infrastructure allows secure and efficient storage and handling of crypto assets as per the user’s requirements. In an enterprise wallet infrastructure, the Smart Cold Wallets create a secure channel through which platforms can seamlessly transfer funds from their cold wallets to warm and/or hot wallets in a controlled environment with minimal human intervention.

The Smart Cold Wallets solution uses the tried and tested multisig wallets to store funds while offering its users the liberty to choose the number of trusted signing parties as well as desired policies for transaction execution. During transactions, once all the predefined criteria are met, Liminal Signer signs off the transaction with one of the keys assigned to it by the user. Following the Liminal system’s signature, the movement of crypto assets from the cold wallet to the destination wallet will be initiated.

To make the process easier, the Liminal Smart Cold Wallets solution is accompanied by an intuitive, user-friendly interface for setup and transaction execution processes.

Setting Up Liminal’s Smart Cold Wallets

All Liminal Cold Wallets are multisig in nature, requiring at least two users to manually authorize transactions. The setup process starts with the user choosing the key configuration, including the total number of keys as well as the minimum number of signatures required to process transactions. In addition to the key holders, Liminal will be one of the signatories to the transactions processed over the Smart Cold Wallets ecosystem to ensure compliance with the policies declared by the user.

Key Configuration on Multisig Liminal Smart Cold Wallets

First Key — The first key is Liminal Key from HSM with policy check and automated signing capabilities. The key is part of the Liminal Signer, which submits the final signature to the transaction upon satisfying compliance with the pre-set conditions.

Client Keys — All keys apart from the Liminal Key are part of the client’s trusted group network, which is authorized to initiate and sign transactions. A minimum of two signing authorities must be declared during the setup process, with no upper limit. The client key will be part of a consumer HSM like Trezor or Ledger.

Signing Transactions on Liminal Smart Cold Wallets

All transactions from Liminal Smart Cold Wallets will be processed as per the policies declared by the user during setup. Whenever a user wishes to initiate a transaction, they must first enter transaction details on the dashboard. The Liminal system matches the details with the existing user policy declared at the time of setup. Once found in compliance with the particulars, including the transaction limit, the whitelisting status of the recipient wallet address, etc., the user will be allowed to proceed with the transaction.

In the next step, the user will sign the transaction with their hardware wallet. Following the initial signature, all the members of the wallet group authorized to sign transactions will receive an alert over email and SMS prompting them to sign the transaction.

Upon receiving the alert, other key holders must sign the transaction using their hardware wallets to reach the minimum threshold signatures as configured during the initial setup. Once the signature threshold is reached, Liminal Signer checks for the policy.

If all the policy requirements are met, then Liminal Signer will automatically sign the transaction with the key associated with Liminal HSM and broadcast the transaction. Following the last step, the transfer of funds from the Liminal Cold Wallet to the whitelisted recipient wallet will be executed.

The Liminal Gas algorithm continues to monitor the transaction status until it is successful. If the transaction gets stuck due to inadequate gas fees, the algorithm will automatically reattempt the transaction with updated transaction fees. The process will continue at predefined intervals based on the blockchain protocol until the transaction is successful.

HSM and Hardware Wallet Support for Convenience and Enhanced Security

The operation of Liminal Smart Cold Wallets, as well as Smart Wallet Refill solutions, relies heavily on the use of HSM-based devices for security and reliability purposes. Apart from Liminal’s HSM, the Smart Cold Wallets’ ecosystem supports leading consumer hardware wallets like Trezor and Ledger, with more devices to be added soon. Unlike conventional cold storage techniques, both hardware wallets provide advanced security for transactions involving Bitcoin and other crypto assets on all popular blockchain protocols.

Trezor allows users to make secure payments without revealing private keys to a potentially compromised machine connected to the internet. Meanwhile, Ledger uses a Secure Element, dual chip technology to protect the private keys from hardware attacks while performing similar functions as Trezor. Both hardware wallets are designed to safeguard the private keys to ensure the safety of funds stored in them.

By encouraging the use of hardware wallets, Liminal ensures its users are always in control of their funds by protecting the wallet’s private keys from ever getting exposed online. During the entire process, Liminal will never have access to the user’s private keys. Meanwhile, the use of HSMs replaces the commonly followed, tedious offline transaction signing process without compromising security.

In offline signing, the user must first create an unsigned transaction on an online machine with the wallet address, amount, and other details in the current state to retrieve the current nonce. The unsigned transaction must be transferred to an “air-gapped” offline machine containing the private key using a QR code or USB drive for signing. Once signed using the private key from the offline wallet, the signed transaction needs to be transferred back to the online device and broadcast on the blockchain. With hardware wallets, the advanced tamper-proof security features along with secure random key generation capabilities of HSM allow them to create, store and sign transactions in a very robust and secure environment.

Liminal Gas Station for Transaction Confirmation Guarantees

Ethereum continues to be the most widely used blockchain protocol, playing host to thousands of decentralized applications. The prolific Ethereum ecosystem, driven by native ETH cryptocurrency and other utility tokens, makes it one of the must-support protocols in any blockchain solutions ecosystem, including Liminal.

While Ethereum solves the Security and Decentralization parts of the blockchain trilemma, scalability is not one of its strong suits, at least until now. The collateral damage of the scalability problem is unstable, ever-increasing gas fees. While the Ethereum network continues working on addressing this issue, Ethereum Improvement Protocol (EIP) — 1559 was introduced as a way to accelerate and incentivize the mining process. Also implemented as part of this proposal is the process of burning base fees in transactions.

The Liminal Gas Station is an innovative feature supporting EIP 1559 that incorporates an internal intelligent algorithm to determine optimum gas fees for immediate transaction execution. With a combination of EIP 1559 formulas and an in-house intelligent algorithm, the Gas Station is designed to continue monitoring the transaction even after it is executed with optimal gas fees until settlement confirmation is obtained.

The algorithm determines the gas fees by comparing the current and previous blocks’ base gas fees along with network traffic trends to determine the ideal fees for quick transaction settlement. If the gas fees suddenly go up due to increased traffic or some other issue, the Gas Station algorithm reattempts the transaction with the same nonce with gas fees adjusted to the new value. The process keeps repeating until met with success. By retaining the same nonce while reattempting transactions, Liminal Gas Station increases the chances of transaction confirmation as at the protocol level, the protocol doesn’t allow the next transaction nonce to get executed until the previous one is executed.

– Seamless ERC20 Transactions

All transactions on the Ethereum protocol incur gas fees to be paid in ETH, which forces the users to maintain small amounts of ETH in their wallets to make transfers. By doing so, they end up scattering their funds across wallets, and at the same time, they have to make sure that their wallets have enough ETH balance for subsequent transactions. Liminal Gas Station completely eliminates this requirement on the users’ part by taking care of the gas fees on their behalf. The additional convenience offered by Gas Station not only frees up time spent on monitoring but also allows the users to make efficient use of every single token in their holdings.

Policy Shield: Liminal Smart Cold Wallets Policies for Enhanced Security and Peace of Mind

Liminal’s Cold Wallets’ policies, a collective part of the Policy Shield, are designed to keep the security of funds in mind while offering adequate flexibility for the users to customize them to meet their platform-specific needs. The policies, once declared during the signup process, will be applicable to all future interactions on the Smart Cold Wallets solution until the client requests modifications. Even the policy modification is carried out only after the user passes a video verification confirming their identity as well as intent.

Transactions Supported only for Whitelisted Addresses

The Whitelist policy governs all transactions executed over the Liminal Smart Cold Wallets ecosystem. Users should submit the wallet address to which they wish to initiate a transaction from the Liminal Cold Wallet. Once the address is submitted to the whitelist, it needs to be confirmed by all key holders as per the wallet configuration. The submitted wallet addresses will be included in the whitelist only after the necessary threshold signatures are reached. The wallet members sign their consent for whitelisting wallet addresses using their hardware wallets.

Users can send funds from their Cold Wallet only to those addresses that are whitelisted as per the policy. Attempts to transfer funds to any non-whitelisted wallet will be rejected during the policy check, and Liminal Signer won’t sign those transactions. The policy is in place to ensure that users do not send funds to any unknown wallet by mistake. It also prevents any chance of unauthorized transactions from being initiated by one rogue member of the trusted group, which may go unnoticed and signed by other keyholders.

Spending and Transaction Limits

The Spending Limit and Transaction Limit features in Liminal’s Smart Cold Wallets solution are yet another safeguard serving the clients’ interests. Users can declare the maximum amount that can be transferred to a particular wallet address during a specific time frame under the Spending Limit field. Similarly, the Transaction Limit field allows users to declare the amount that can be sent per particular transaction from the Cold Wallet. These limits help platforms manage their funds while ensuring excess funds aren’t transferred to any wallet either deliberately or due to oversight.

How do Enterprises Benefit from Smart Cold Wallets Solution?

Liminal’s Smart Cold Wallets Solution helps crypto businesses create a secure channel to initiate transactions from their cold wallets. The use of reliable multisig wallets with HSM support provides additional layers of security, which is only enhanced by stringent Smart Cold Wallets policies. The external signing authority of Liminal Signer, which executes transactions only to whitelisted addresses only after verifying compliance with current policies, ensures that no unauthorized transactions can be initiated from cold wallets that are part of a more comprehensive wallet infrastructure implemented in the organization.

Apart from making the entire process of storing and transacting crypto assets from cold wallets easier, the Liminal Smart Cold Wallet is designed to work seamlessly with other Liminal products, including the Smart Wallet Refills, to provide an end-to-end crypto asset custody and management solution.

Want to know more about Liminal’s Smart Cold Wallets Solution? Fill out this form to schedule a demo or get in touch with our team for more information.

Learn more about Liminal here.

Do not forget to follow our blog and social media channels to keep yourself updated.

More on Crypto

Digital Asset markets have taken a giant leap ever since their categorization from purely being a volatile alternate investment asset to now being a robust and regulated asset class. 

The journey of digital assets, most significantly that of blue-chip tokens like Bitcoin and Ethereum, has been nothing short of a protagonist in the fight against traditional financial systems, investment avenues, and age-old yield mechanisms. 

However, it was only after the introduction of regulation for these digital assets that they garnered huge institutional interest, pushing the scale of adoption and inviting the likes of family offices to partake in the “coming of age” story of investing in digital assets. 

In the underlying characterization of digital assets as the next best portfolio addition for institutional investors, with a significant boost kicking in after the launch of Bitcoin ETFs(with Ethereum ETFs also on their way), there are still reservations as to how to go about tackling the security, custody, and management challenges that come with them. 

To discuss how current market conditions are driving family offices to embrace portfolio diversification strategies that include allocating funds to digital assets, we dive deep into the intricacies of digital asset custody

Challenges In Secure Digital Asset Investing For Family Offices 

Family offices, traditionally known for their conservative investing approach, sit in the middle of the institutional investors’ branch, bringing untapped liquidity into the market. Conventionally, family offices used to rely only on safer investment bets to accrue value for their investments, but now they are increasingly dipping their toes into the dynamic world of digital assets. 

Despite the potential for high returns, family offices have historically faced significant challenges when considering digital assets as an investment class. Factors such as market volatility, regulatory uncertainty, and the need for established custody solutions have deterred many from fully embracing digital assets.

Talking about the key hurdles family offices face in navigating this exciting but complex landscape, here are some top-of-the-line challenges for them:

  1. Security Concerns: The nascent nature of digital assets presents unique security risks. Hacking, scams, and volatile markets can threaten portfolio stability. Family offices need robust custody solutions, advanced cybersecurity measures, and comprehensive risk management strategies to mitigate these threats.
  2. Regulatory Uncertainty: The regulatory landscape surrounding digital assets is still evolving, creating uncertainty and compliance hurdles. Family offices must stay updated on changing regulations and navigate complex compliance requirements across jurisdictions.
  3. Limited Expertise: Building internal expertise in digital assets can be time-consuming and expensive. Family offices often need more in-house knowledge and resources to properly evaluate, manage, and secure their digital asset investments.
  4. Lack of Infrastructure: Integrating digital assets into existing portfolio management systems can take time and effort. Family offices need secure and reliable infrastructure to seamlessly store, manage, track, and report on their digital asset holdings.
  5. Complex Valuation: Accurately valuing digital assets can be difficult due to their volatility and lack of standardized methodologies. Family offices need robust valuation frameworks and access to reliable market data to make informed investment decisions.

Enabling Family Offices to overcome challenges in digital asset custody

The promise of digital assets is undeniable, yet the hurdles for family offices can seem daunting. 

Overcoming the challenges mentioned above and finding the best probable solutions for them becomes a hardcore reality that must be dealt with utmost precision. 

At Liminal, we work extensively with institutions looking to go one step beyond simply investing in digital assets and look to operate them securely under all circumstances. The same logic applies to family offices as well. 

In our pursuit of building such a robust infrastructure solution, tailored to address the challenges faced by family offices fully and to empower them in their journey to moving to a new asset class for investment, we have created a comprehensive custody solution, integrated best-in-class security protocols and provide real-time monitoring and risk management services to proactively identify and mitigate potential threats, giving family offices peace of mind knowing their assets are secure.

  1. Security Concerns:

Fortress-grade custody: We leverage multi-sig and MPC wallets, leading asset-to-insurance ratios, and bank-grade security protocols to ensure the safety of your assets. Our CCSS Level-3 certification and FIPS-compliant hardware devices go the extra mile, minimizing security risks and providing unmatched peace of mind.

Advanced Cybersecurity Measures: Our vigilant team constantly employs 24/7 SOC monitoring, strict access controls, and penetration testing to identify and mitigate potential threats.

Comprehensive Risk Management: Our experts help you create and implement tailored risk management strategies, considering internal vulnerabilities, market fluctuations, and evolving threats.

  1. Regulatory Uncertainty:

Staying Ahead of the Curve: We have a dedicated team of compliance experts who stay abreast of evolving regulations worldwide. We integrate crucial compliance monitoring in our solutions such as KYC/KYB, AML, and Travel Rule checks, to help navigate complexities across jurisdictions and proactively adapt our services to ensure your portfolio remains compliant.

Streamlined Reporting: Our platform generates comprehensive compliance reports automatically, saving you time and resources while ensuring transparency and regulatory adherence.

Regulatory Partnerships: We actively engage with regulatory bodies and industry leaders 

to become accredited custodians. Currently, we hold a TCSP license in Hong Kong and have also received an IPA from ADGM for an FSP license for our Abu Dhabi entity. 

  1. Limited Expertise:

Your Digital Asset Knowledge Hub: Our team of seasoned custody, compliance, wallet, and security professionals offers expert guidance on evaluating, managing, and securing your digital asset investments. We share industry insights, educational resources, and ongoing support to enhance your knowledge base.

Dedicated Account Management: A dedicated account manager serves as your point of contact, providing personalized guidance and support tailored to your specific needs and goals.

Extensive Resource Library: Access easy onboarding docs, a curated developer section, seamless user-guiding workflow, and trending topic discussions through webinars, research whitepapers, and market reports to build your understanding of digital assets and make informed investment decisions.

  1. Lack of Infrastructure:

Seamless Integration: Our API library, Liminal Express, seamlessly integrates with your existing portfolio management systems, creating a smooth and efficient workflow for managing your digital assets.

Secure Storage and Management: We provide institutional-grade hot and cold wallets for self and managed custody infrastructure, eliminating the need to build or manage complex systems.

Automated Workflows: Streamline recurring tasks and automate key processes with our automation engine, with powerful functionalities like smart refill wallet, smart consolidation, and auto-sweep, enhancing efficiency and reducing operational burdens.

  1. Complex Valuation:

Reliable Data and Valuation Tools: We offer access to trusted market data providers and valuation tools tailored for digital assets, enabling you to make informed investment decisions based on accurate assessments.

Insurance-as-a-Service: We have collaborated with Costero brokers to provide the best possible insurance to our clients that covers their entire portfolio at the best market price. 

Asset segregation and transparency: We deploy segregated accounts, succession planning, and no rehypothecation of assets to allow family offices to maximize transparency and access. 

Embracing the Future Of Family Office Investing 

The future of wealth management includes digital assets. Family offices are actively exploring this burgeoning space, recognizing the potential for diversification and growth. Liminal Custody stands as your trusted partner in this journey. As a regulated custodian, we offer best-in-class security, industry-leading compliance solutions, and a dedicated team of experts, empowering you to invest in digital assets confidently.

Let Liminal Custody guide you through the process, making the path towards secure and compliant digital asset investment smooth and efficient. Contact us today and explore the new frontier of wealth management

Remember, while the potential is promising, navigating the digital asset landscape requires careful planning and collaboration with trusted partners. Liminal Custody is here to equip you with the knowledge and resources to succeed.

February 23, 2024

As we continue constructing a fully regulated digital asset custody platform, ensuring secure storage for both crypto and fiat assets remains a critical priority. 

To facilitate the last checkpoint of enabling institutions to convert their digital asset treasury into fiat currency, we’re expanding beyond pure wallet infrastructure and integrating seamless fiat off-ramp capabilities for our partners.

We’re thrilled to announce our partnership with Encryptus, licensed and compliant off-ramp solutions tailored for institutional clients. This collaboration elevates Liminal’s service offerings by empowering our partners to convert their digital asset treasuries into fiat currencies efficiently.

Integrating A Seamless Off-Ramp Solution

The digital asset ecosystem historically faced friction points when transitioning between fiat and cryptocurrencies. Off-ramp solutions address this pain point by enabling efficient and streamlined conversion between asset classes, minimising value loss and simplifying compliance processes.

Here’s how off-ramp changes the game:

  • Reduced Friction: Frictionless conversion minimises delays and operational complexities associated with traditional fiat-crypto exchange methods.
  • Enhanced Efficiency: Streamlined workflows expedite asset conversion, increasing speed and cost-effectiveness for institutional and individual users.
  • Optimised Value Preservation: Advanced off-ramp solutions prioritise minimising price slippage and value loss during conversion, protecting user portfolios.
  • Simplified Compliance: Integrated compliance features navigate regulatory complexities, ensuring adherence to relevant financial regulations.

With our partnership with Encryptus, we have embedded their institutional-grade APIs, connecting their off-ramp solution within Liminal’s wallet and custody platform. 

This integration simplifies our clients’ liquidation requirements while keeping their assets secure and more:

  • Effortless Digital Asset to Fiat Conversion: Our partners will be able to access treasury management and facilitate business payments in 54 countries and individual payments in an extensive network of 80+ countries.
  • Streamlined Compliance and Regulation: Our partners will be able to leverage Encryptus’s rigorous licensing and compliance framework, ensuring adherence to stringent financial regulations.
  • Enhanced Platform Value: We will be able to expand the functionality of the Liminal custody solution, attracting institutional users seeking comprehensive digital asset management capabilities.

Moving Towards A Robust Off-Ramp Partnership With Encryptus

The partnership between Liminal and Encryptus earmarks a significant step forward in secure digital asset custody, representing a shared commitment to pushing compliant practices while supplying institutions with easy access to convert their digital assets to fiat. 

For Encryptus, the opportunity to integrate with Liminal’s established platform presents a chance to reach a wider audience and scale their innovative off-ramp solutions to new heights. By streamlining fiat conversion within Liminal’s secure custody infrastructure, Encryptus gains access to a trusted network of institutional users seeking seamless and compliant treasury management.

For Liminal, this collaboration reinforces our dedication to partnering with companies that demonstrably prioritise clear governance and robust policy frameworks. By aligning with Encryptus’s stringent compliance standards, we reaffirm our commitment to building a secure and sustainable future for digital assets, where trust and regulatory certainty go hand-in-hand.

January 22, 2024

Hello world, it’s that time of the month when we share the biggest security breaches in the world of Web3 through our Security and Regulatory Newsletter. 

Liminal believes in optimizing security and custody practices globally across the Web3 industry. Through our Newsletter, we highlight security, regulations, and compliance incidents that have happened in the past month and how one can follow better Security practices to safeguard their digital assets. 

We will also highlight regulatory changes that might have happened globally, which were significant to the overall ecosystem.

Dive in and get a detailed analysis of everything security and regulation in the domain of web3 with Liminal’s Monthly Security and Regulatory Newsletter.

Web3 Security Compromises in January

Abracadabra exploited for almost $6.5 million, Magic Internet Money stablecoin depegs

The Magic Internet Money ($MIM) stablecoin has lost its dollar peg again, dipping all the way below $0.77 in a flash crash before returning to around $0.95.

The depeg appears to be related to an exploit of the Abracadabra lending protocol, which allows people to borrow $MIM. An attacker exploited an apparent flaw in the platform’s smart contracts to drain around $6.5 million.

Goledo Finance hacked for $1.7 million

Goledo Finance, an Aave-based lending protocol, was exploited through a flash loan attack. The attacker stole assets estimated by CertiK to be around $1.7 million.

Goledo Finance contacted the attacker to offer a 10% “bounty” for the return of the remaining assets. In a message on January 29, the attacker wrote: “I hacked Goledo and want to negotiate.”

Socket service and its Bungee bridge suffer $3.3 million theft

The Socket cross-chain infrastructure protocol was hacked for around $3.3 million in an attack that exploited its Bungee bridge. The thieves were able to exploit a bug that allowed them to take assets from those who had approved a portion of the system called SocketGateway.

A little over 700 victims were affected, and the highest loss from a single wallet was around $657,000. 121 wallets lost assets priced at more than $10,000.

On January 23, the protocol announced they had recovered 1,032 ETH (~$2.23 million) of the stolen funds.

Web3 Regulatory Practices for January

The EU Imposes Stricter Due Diligence Rules for Crypto Firms

On Jan. 17, the European Council and the Parliament came to a provisional agreement on parts of the Anti-Money Laundering Regulation (AMLR) that now extends to the crypto sector.

Under the new rules, cryptocurrency firms will be required to run due diligence on their customers involving a transaction amounting to €1,000 ($1,090) or more. 

However, the agreement isn’t final yet as it has to be first officially adopted by the Council and Parliament before the rules can be applied.

So, after the EU passed its landmark MiCA regulation last year, which clarified rules about cryptocurrencies, regulators are now targeting the space with tighter controls. 

While these regulations bolster security and trust in the crypto market, potentially attracting more cautious investors and combating financial crimes, they also present challenges. 

The US State of Virginia Introduces Digital Assets Mining Rights

Recently, the Virginia State Senate introduced Bill No. 339, which outlines regulations for the transactions and mining of digital assets and their treatment under tax laws. 

The legislation exempts individuals and businesses engaged in crypto mining activities from obtaining money transmitter licenses. Additionally, it protects miners from any discrimination. 

Issuers and sellers of crypto are also exempted from securities registration requirements if certain conditions are met. Moreover, those offering mining or staking services are not to be classified as “financial investment” but must file a notice to qualify for the exemption.

The bill further incentivizes crypto’s use for everyday transactions by offering tax benefits. Under this, up to $200 per transaction can be excluded from an individual’s net capital gains or gains derived from using crypto to purchase goods or services, starting from Jan. 1, 2024.

Key Takeaways:

  • Hackers continue to exploit vulnerabilities in DeFi protocols and cross-chain bridges, highlighting the need for robust security measures.
  • Regulatory frameworks are evolving rapidly, with stricter AML rules and supportive legislation for emerging technologies like crypto mining.
  • Staying informed about these developments is crucial for navigating the digital assets market safely and responsibly.

Stay #LiminalSecure

These events highlight the constant evolution of Web3 security and regulation. You can confidently navigate this dynamic landscape by staying informed and prioritizing security best practices. 

At Liminal, we’re committed to empowering institutions to unlock the full potential of digital assets without compromising security or compliance norms with our robust custody and wallet infrastructure solutions. Join us on this journey towards a safer, more accessible future for digital assets.

January 15, 2024

Find Out How You Can Benefit From A Fully Self-Custodial Wallet Architecture