We have been witnessing the rising crypto adoption, which has created an increased demand for crypto exchanges and trading platforms, enabling them to handle record volumes. The increasing volumes and gradually appreciating value of these assets make crypto platforms attractive targets for cybercriminals.
Having recognized the constant threat they are always under, crypto exchanges and trading platforms are increasingly focusing on security. However, increased security comes with a trade-off, which is convenience. One such convenience is the ability to support quick transfers, which is important for traders as well as regular crypto users. As a result, the platforms have taken a balanced approach by setting up a combination of hot and cold wallets as part of their infrastructure.
Cold wallets are the most secure crypto storage solution, completely isolated from the internet only to connect momentarily whenever a transaction has to be made. Whereas hot wallets always remain online to enable nearly instantaneous transactions. The design of hot wallets makes them vulnerable to a range of cyber threats, which, if exploited, can result in the loss of funds stored in them. As a result, platforms tend to use elaborate measures to limit the funds available in those wallets at any time without impacting the operations.
Read more about Hot and Cold Wallets.
How are Hot Wallets Secured?
Today, most platforms maintain no more than 5% of the total funds in their custody on hot wallets, the remaining will be securely held in cold wallets. They organize wallet refill teams to maintain a constant supply of funds to cater to user demands. The wallet refill team’s job is to monitor the liquidity in hot wallets and replenish it whenever the levels fall below a certain threshold. They usually have complete access to the hot wallets as well as intermediary warm wallets used to replenish the hot wallets to maintain liquidity levels. Meanwhile, the top executives and other trusted parties control the cold wallets used to secure most of the platform’s assets. Warm wallets usually receive funds from the cold wallets, while in some cases, the platform may also choose to divert a portion of received user deposits directly to these warm wallets as well.
Additional Vulnerabilities in the Name of Security
The practice of maintaining limited reserves in the hot wallet requires the wallet refill team to constantly monitor the liquidity levels. Further, the volatility associated with the crypto markets makes it virtually impossible to predict withdrawal demands from the users, thereby forcing the refill teams to be always on their toes. They should be prepared to execute transfers from warm wallets to hot wallets as and when the liquidity reduces below the designated threshold.
The number of hot wallets and associated warm and cold wallets are usually proportional to the total number of assets supported by the platform. Maintaining them requires a significantly large refill team, amounting to exorbitant operational costs and manpower that could be otherwise put to use for other purposes.
A large team also gives rise to additional risk in the form of human errors, maleficence, and greed. The more people managing a handful of wallets, the lesser their accountability will be, especially with the circumstances that at many times may require access credentials and private keys to be shared with multiple people. Such practices also make the team members susceptible to hacking and phishing attacks that could lead to compromised credentials or confidential information.
So, in a nutshell, the current safeguards in place to mitigate the hot wallet-associated risks themselves end up introducing more vulnerabilities to the platform.
Need for an Economical, Safer Alternative
The straightforward method to further enhance the safety of assets across any crypto platform’s wallet infrastructure is by implementing advanced security features while reducing human involvement to a bare minimum. This goal can be achieved to a great extent by automating the hot wallet refill process. However, such automation solutions should also enable platforms to maintain complete control over the system at all times, allowing for manual interventions and changes in parameters as and when needed.
The need for the hour is an automated, secure hot wallet management solution that doesn’t compromise on the platform’s autonomy. Liminal has answered the call for such a solution with the Smart Refill.
How does Liminal Smart Refill help?
The highly customizable Liminal Smart Refill solution for hot wallet management supports ready integration into a platform’s existing wallet infrastructure. Liminal’s Smart Refill Wallet takes the place of a warm wallet to constantly monitor and conduct periodic refills according to parameters set by the platform’s refill policies.
Advantages of using Liminal Smart Refill Solution for the platforms include:
- Enhanced Security
The Liminal Smart Refill solution makes use of multisig Smart Refill Wallets enabling the platforms to assign transaction signing credentials to multiple people to ensure redundancy of operations. The involvement of multiple people in authorizing transactions enhances accountability, eliminates single points of failure arising due to compromised private keys, and ensures continuity of operations even in the absence of one or more key holders.
The transaction signing process is carried out in batches known as Refill Ceremony. The authorized signatories can pre-sign refill transactions with their HSM-enabled devices in advance at their convenience. The compulsory use of hardware wallets for signing provides additional security, while the Refill Ceremony reduces the possibility of all the associated keys simultaneously getting exposed at any given time. Meanwhile, the Smart Refill Wallet retains one signature to be used to complete the signing process only at the time of refill.
Further, each Smart Refill Wallet is exclusively paired to one hot wallet through a whitelisting process. It effectively eliminates the possibility of fund transfers to any other wallet apart from the one confirmed to be owned and operated by the platform.
- Seamless, Uninterrupted Refill Process
The Smart Refill Wallets operate based on the refill parameters specified in advance by the platform. Whenever the conditions in terms of refill frequency or minimum wallet liquidity threshold value match the declared parameters, the Smart Refill process will be initiated automatically.
Using intelligent algorithms, the Smart Refill Wallet guarantees on-time refill transaction confirmation by setting optimal gas fees and initiating follow-up attempts whenever necessary. It keeps the wallet management team constantly updated with alerts regarding the hot wallet status and actions initiated by the Liminal Smart Refill solution. If the hot wallet balance were to fall below the threshold while the Smart Refill Wallet is in the middle of a cooldown phase, the system would alert the team to initiate a one-time manual override to initiate a forced refill.
- Flexibility and Control
The Liminal Smart Refill solution is a Plug-and-Play solution that requires minimal changes to existing wallet infrastructure and operational workflow. As a highly customizable solution, it allows the platforms to set refill parameters in accordance with their refill policy. The refill settings, once in place, can be updated at any time by the administrator after completing certain security verification steps.
The manual override option ensures that the operator is always in control of the automated wallet refill solution as well as the funds handled by the Smart Refill Wallet.
- Efficient Use of Resources
Apart from reducing the manpower requirements for hot wallet refills using Smart Refill Wallets, Liminal also encourages efficient utilization of funds by the platform. The Smart Refill Wallets don’t require the entire liquidity matching the value of pre-signed transactions to be locked on the platform. Instead, platforms can ensure the availability of sufficient liquidity to satisfy immediate refill needs and put the rest of EVM-based assets to other uses.
Alternatively, platforms can also choose to divert a portion of the funds received in their deposit wallets to fund the Smart Refill Wallet instead of accessing cold wallets for liquidity. Such a practice will introduce some sort of predictability in terms of funds availability, reduce the number of transactions from cold wallets and help in decision-making processes.
Make Your Operations Stress-Free
The Liminal Smart Wallet Refill solution provides a safer and more efficient automation solution for crypto platforms to improve their operations. By minimizing manual intervention in the wallet refill process and implementing additional layers of security without many changes to the existing infrastructure. With Liminal’s solution in place, they can carry on with their business as usual while pocketing some extra change in the form of savings.
To know more, click here.
Follow us on Medium and on our social media channels to keep yourself updated.