Security Standard Proposed for Bitcoin Exchanges and Wallets

The Cryptocurrency Security Standard draft proposal calls for 10 standardized approaches to bitcoin security.

AccessTimeIconFeb 17, 2015 at 11:30 p.m. UTC
Updated Sep 11, 2021 at 11:33 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

A group composed of developers and security professionals has proposed a set of rules aimed at standardizing security protocols used by companies that handle or store digital currencies for their clients.

The proposal, created by the Cryptocurrency Certification Consortium (C4) and formally unveiled on 11th February during the DevCore bitcoin development conference in Boston, Massachusetts, aims to provide an industry-level standard by which exchanges and wallet providers can operate.

The Cryptocurrency Security Standard (CCSS) draft proposal calls for 10 standardized approaches to key and seed generation, storage and usage, proof-of-reserve and security audits, among other areas. The framework consists of three levels per section, with each grade signifying a higher degree of security based on the proposed guidelines.

C4 offers a bitcoin-focused professional certification test and its board includes Canada-based Bitcoinsultants founder Michael Perklin, Ethereum creator Vitalik Buterin, CryptAcademy founder Russell Verbeeten and Coindroids co-founder Joshua McDougall.

In conversation with CoinDesk, Perklin said that a number of companies in the bitcoin space, including many of those that work with bitcoin security firm BitGo, have expressed active interest in the standards. The proposal was developed in partnership with BitGo, with support provided by wallet service provider Armory.

He said the proposed standard can help set a baseline of security protocols for exchanges at risk of theft or fraud, explaining:

"Up until now, our cryptocurrency industry hasn’t had a similar standard for how to secure cryptocurrencies. Every company has had to sort of 'go it alone' and do what they think is best with respect to securing their funds – and their customers’ funds– which has lead to some good success stories, but also some spectacular failure stories."

An aid for regulators

The release of the proposal comes as governments in countries around the world continue to debate the future of cryptocurrencies.

Perklin said he expects regulators to support standards as they discuss or develop frameworks for cryptocurrencies, particularly among agencies that were prompted to look at the sector after events like the failure of the now-defunct bitcoin exchange Mt Gox.

At the same time, Perklin questioned whether governments are ready to begin regulating bitcoin in the first place, instead advocating for the industry itself to develop solutions that work.

"It’s one thing for government to mandate that the cryptocurrency industry take care when securing the public’s funds," he said. "But frankly they’re still scrambling to learn about cryptocurrencies in the first place."

Looking ahead

According to Perklin, the next steps for the CCSS will consist of reviewing and responding to community feedback, which he has described as both positive and constructive.

He cited the response from wallet and exchange service providers as notable, telling CoinDesk:

"We’ve received emails from principals at major exchanges around the world who have reached out to offer their assistance in fine-tuning the draft to make it even stronger and ensure it acts to raise the bar on actual security rather than offer barriers of entry for compliance."

C4 will soon launch a Lighthouse crowdfunding campaign later this month to raise seed capital to support the ongoing development of the standard, Perklin said.

The full text of the CCSS draft proposal can be found below:


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.