The Risk of Holding Your Investors’ Private Keys

March 19, 2015

Imagine that you’re a wealth manager or a fund investor, and you just raised a $100 million fund with the promise of hefty returns.  You relish the moment as your investors stop by to drop off pallets of physical cash in your offices.  Once you have all the cash, you take great care to mark each bill, putting them in plastic envelopes (so they are mostly water proof), and then you transport them to a safety deposit box or lock them in a cabinet in your offices.  Every time you make an investment or a payout to your investors, you go to your storage location and remove physical cash in order to make a payout.  You pay for guards, surveillance, armored trucks, myriad security precautions, sparing no expense.  Everything is great until one day an unforeseen event occurs and the cash is lost.

This scenario should sound crazy. A prudent institution would keep the money in an FDIC-insured bank (or banks) and use the banking rails for transmitting value instead of physical cash.  It’s simply a more secure way — anything else would just seem reckless.  Further, in the event of a loss of the cash, the question would be asked why the better alternative wasn’t pursued, raising questions about judgment, fiduciary duties, and liability.

Amazingly, many institutions follow an analogous practice with respect to bitcoins. Using storage techniques like paper wallets or printed key back-ups, as required by certain storage solutions, is akin to managing a large swath of physical cash.  In actuality, attempting these methods of bitcoin storage is worse than the cash example, since private keys must be transmitted electronically at various points in the process and are thus vulnerable not only to physical theft, but also to theft online.  Like cash, the tangible wallet or printed back-up keys are also subject to potential theft during transportation or even while in storage.

Just like leveraging the security and insurance of banks for storing or transmitting cash, attempting to manage or even briefly touch private keys when a better option exists could be viewed as reckless and potentially result in personal liability in the event of a loss. In order to avoid this, a prudent fiduciary should 1) use a vetted and insured storage provider that specializes in security and 2) make sure that such solution never requires a fund or manager  to be responsible for private key creation or storage.

Xapo’s security architecture, products and services were all built with these concerns in mind. Xapo’s vault uses private keys that never touch the the client or the internet and are buried deep within geographically dispersed heavily guarded locations that leverage multi-signature technology for transaction signing.  Our processes have been rigorously penetration tested and successfully passed a SOC2 audit in August 2014 — the first of its kind.  Our customized security protocols further reduce the likelihood of theft through social engineering, phishing or brute force hacks.  Finally, in the unlikely event of a loss, the bitcoins held in Xapo’s vault are fully insured and Xapo is fully responsible.

Trust the bitcoin custodian used by top global hedge funds, venture capital, family offices and exchanges. Protect your bitcoins with Xapo.

Ted Rogers

By Chief Strategy Officer


Article published on March 19, 2015

, , , , , ,

Xapo regulatory status in Switzerland

Three years ago, Xapo set out to determine the optimal jurisdiction from which to serve non-U.S. customers.  Our research ultimately identified Switzerland as the ideal jurisdiction, as explained in a May 2015 blog post. We are happy to announce that, after almost two years of substantial effort and investment, Xapo has received conditional approval from…

By Wences Casares

What would happen if Xapo got hacked

In light of the Bitfinex hack, we have been asked multiple times, “What happens if Xapo gets hacked?” This is the answer. TL;DR: If Xapo’s hot wallet were hacked, Xapo would cover the loss from its own reserve of bitcoins. Less than 3% of bitcoins are kept in our hot wallet, so our bitcoin reserve would…

By Wences Casares

Xapo joins in with industry leaders to support BIP101

Our community stands at a crossroads. The debate about which path to take has, by and large, been a healthy one, and we have not interposed our own positions or interfered in the discourse. Until today, our involvement has consisted of listening, researching and testing. We believe that work is complete, and it is time…

By Xapo Press