Custody Digital Group Is the Gateway to Digital Asset Finance

On hearing “digital asset infrastructure” most people immediately think of securing and managing cryptographic keys.

This post originally appeared on the IBM Cloud Blog on 11 January 2021. Visit the original post here.

While security is certainly a core part of digital asset management, there’s more to it than that.

At Custody Digital Group, we believe that it’s time to move beyond thinking about the possibilities and focus, instead, on the practicalities. Specifically, how to make participation in the digital asset economy profitable, convenient, and compliant for real organizations.

Working with IBM, we’ve created a digital asset platform grounded in a higher-quality experience for the customer and sophisticated governance and control functions at its center. There are also no compromises on security. Together, we are opening up the world of digital assets to even the most regulated institutions.

From concept to reality

Traditional financial institutions are accustomed to the custody of financial assets — they’ve developed mature processes and controls to safeguard and administer these assets. When it comes to their digital equivalents, however, a one-to-one mapping of these processes and controls isn’t possible.

As a result, organizations plotting their entry into the digital asset economy are left asking questions:

• How do I incorporate them into my balance sheet?
• What does it mean if my corporate treasury is now partly based on cryptocurrencies?
• How do I create value from investing in these tokens?

Plus, crucially, “How can I do all these things while remaining compliant with financial regulations?” These questions will only become harder to answer as digital assets diversify, expanding beyond cryptocurrencies as tokenization takes hold.

Moreover, it is essential that financial institutions put safeguards in place to protect against human error, misuse, or lack of oversight. A single mistake could result in the loss of a digital asset, with no easy way to retrieve it.

Many digital asset custody startups are focusing all their attention on cryptographic key security. We wanted to go one step further and provide a digital asset platform that address the gap in the market for comprehensive infrastructure. A platform that offers the front-, middle-, and back-office functionality that makes digital asset management a realistic prospect for mainstream enterprise, financial institutions, and crypto-native industry participants.

Teaming up with IBM

To enable the highest levels of security for Sentry, our digital asset platform, we chose to work with IBM. We opted for Confidential Computing from IBM, underpinned by IBM Cloud Hyper Protect Virtual Servers combined with Hyper Protect Crypto Services, built on FIPS 140–2 Level 4 Hardware Security Modules (HSMs) hosted on IBM LinuxONE servers. Simply put, no other hardware-based cryptography could compete with IBM.

On top of IBM LinuxONE is our proprietary zero-trust network security for microservices and a chain-agnostic security model. The geographically distributed IBM Cloud data centers help to infuse resilience into our platform. The environment offers extremely low latency, supporting sub-50 millisecond transactions for trading and non-trading use cases.

As a startup in a fringe technology sector, we weren’t prepared for the time and attention we received from the IBM team. Compared to other big vendors, their support has been unparalleled. For example, a master architect spent hours explaining the value of the IBM offering to us. Choosing IBM Cloud Hyper Protect Virtual Servers is helping us to achieve short time-to-market and end-to-end product maturity in record time.

Low-risk, high-control

Our custodial platform, Sentry, enables unprecedented control and visibility of digital assets. Using IBM Cloud Hyper Protect DBaaS for PostgreSQL, we’re providing a crypto-asset accounting solution that satisfies granular reporting requirements. For digital asset users with multi-asset exposure, this offers the enhanced level of risk management missing from existing platforms.

Via API, we deliver advanced portfolio management. Our middle-office account management system allows clients to set policies and controls on their assets. They can utilize time locks, per-asset controls, multi-tier accounts, and more to manage complex portfolio requirements and governance structures.​ The immutable audit trail and integrated policy management means that our customers aren’t just protected from external threats, but can closely track the flow of assets within their organization.

We’re now developing a new algorithm called “Confidential Key Construction” (CKC) that’s heavily reliant on the unique capabilities of the IBM platform. The algorithm will offer a superior alternative to multi-party computation (MPC), preserving non-repudiation and embedding governance and controls into all key shares so that they can be rotated or deactivated if required. This will allow us to serve the most heavily regulated markets.

Every step of the way IBM is providing the support to help us address complex risk and governance challenges, which will allow for widespread adoption of digital assets across the financial sector.

To learn more about how Custody Digital Group and IBM are working together, watch the webcast.