Institutional Custody Will Challenge Retail-Oriented Crypto

The bearer nature of digital assets presents challenges to institutions getting into crypto. The need for greater security will likely impact the whole industry.

AccessTimeIconJan 7, 2021 at 4:04 p.m. UTC
Updated Sep 14, 2021 at 10:52 a.m. UTC
AccessTimeIconJan 7, 2021 at 4:04 p.m. UTCUpdated Sep 14, 2021 at 10:52 a.m. UTC
AccessTimeIconJan 7, 2021 at 4:04 p.m. UTCUpdated Sep 14, 2021 at 10:52 a.m. UTC

The institutions are coming. The herd is arriving. Institutional participation in the digital asset market is imminent. 

As this happens, it’s worth considering how the entry of highly regulated financial companies will change the marketplace infrastructure for crypto, which, until now, has been largely oriented to retail investors. Institutions will have different and higher requirements across the transaction chain, notably in the custody of digital assets. 

Phil Mochan is the co-founder and head of Strategy & Corporate Development at Koine, an international digital assets custody and settlement platform.

Digital assets are bearer assets, raising implications for trading and safeguarding, and surfacing considerations for institutional asset managers looking to allocate capital to a digital asset fund.

Bearer assets

With a bearer asset, ownership is determined by possession alone. If I hold a $10 note, it’s mine. If I hold a $300 million bearer bond, it’s mine. In the same way, if I hold a private key to a bitcoin wallet that holds 10 BTC, then it’s mine (probably).  

We say "probably" because most bearer instruments are difficult to copy. Various counterfeiting measures have been built into them such as serial numbers, holographic images, stamps, ultraviolet threads etc. A private key for a bitcoin wallet, on the other hand, is simply a string of 32 alpha-numeric characters that can be copied with a pencil, an iPhone camera or a good memory. A $10 note would have to be stolen to be usable, whereas a bitcoin private key can simply be copied. 

Private keys are therefore the most vulnerable form of bearer asset, and once they have been exposed to a human, it is impossible to prove unique ownership. They may have been copied and there will be no record of the copy having been made. 

One very large crypto fund revealed to me that it holds the private key across three bits of paper, held by three individuals.

The safeguarding of these private keys thus becomes a critical issue for digital assets. The original design for a blockchain record of assets is based around a wallet model. The use of the word wallet indicates the security issue. In practical terms, why would you want to store more value in a digital wallet when you would feel comfortable in a physical wallet? Owners may feel that they have cryptographic security, but do they have physical security?  

There are numerous examples of people who have been robbed of their digital assets under physical threat. It may be a shock to learn that one very large crypto fund revealed to me that it holds the private key across three bits of paper, held by three individuals. I advised them that for their personal safety never to reveal their methodology again to another person. To illustrate how unsafe, it is perhaps sufficient to say that crypto exchanges in aggregate lose the entire contents of their hot wallets roughly every six months.

Various technical solutions have emerged with the objective of making the wallet more secure, including MPC technology. But while reducing the risks (supposedly), these fundamentally don’t address the nature of the risk. Robbing $1 billion from a bank remains a high-cost, high-risk exercise. Robbing a bitcoin owner with $1 billion held in a personal wallet is significantly easier and with much lower risk. 

Industry implications

The first implication for safeguarding is that the wallet model is inadequate for high value (>$1,000). Its design and architecture leave it too vulnerable, and no technological improvements, however innovative, will ever resolve this challenge. “Better” is never going to be “sufficient.” 

One alternative model is the account structure where a trusted third party takes control of the assets and separates the authorization processes from the private key management. This is how a bank works and it requires trust, regulation and governance, most of which are anathema to the progenitors of the cryptocurrency world.  

The second problem arising from the bearer nature of digital assets is proving unique ownership. The only solution is to ensure (and prove) that no humans ever come into contact with a private key. Given that cold stores (the most common form of long-term storage for digital assets) require humans to move assets across the air gap (with the commensurate risk of collusion and poor scalability) it would seem such solutions are unacceptable. 

A third issue relates to regulatory rules around bearer instruments (which vary by country). In the U.S., any fund of more than $150 million in size is obliged to "dematerialize" bearer assets and record them on a register of ownership maintained by a custodian. This is why nearly all traded bearer assets are dematerialized onto electronic registers normally held by regulated depositories whose records are legally deemed the "truth." 

Given these rules and existing models, it is therefore likely that all digital assets would be similarly dematerialized, in this case onto a digital ledger (not for operational reasons likely to be a blockchain) with ownership rights attached, in order to fulfill existing regulations.  

Just the beginning

The institutionalization of the digital asset trading environment is just beginning. The next couple of years will determine whether we have an efficient unitary solution such as for the bond markets, or a more fragmented approach such as exists with the FX markets. 

There will be a shift from crypto evangelism to capital market pragmatism.

DBS, Standard Chartered and Northern Trust have already launched in-house custody solutions, with the larger banks still considering their options. Should a group of four or five coalesce around a core infrastructure in 2021, the market is likely to develop more rapidly, and the high-frequency trading funds will drive volumes by many multiples. 

For the existing mainly retail exchanges, such as Binance and Coinbase, catering to institutions will require a considerable transformation. The changes might rapidly overwhelm some of them because their technologies are mostly unsuited to the behaviors of high-frequency traders.  

As the ratio of spot to derivatives is low, the cash-settled derivatives exchanges appear to have the most to gain if they can become institutionally compliant, accessible and cost-effective.

There will be a shift from crypto evangelism to capital market pragmatism, and the anticipated mass adoption of blockchains will become more grounded in operational reality. Capital markets infrastructure will lead that realignment.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk offers all employees above a certain salary threshold, including journalists, stock options in the Bullish group as part of their compensation.

Read more about