Whilst current laws recognise that a digital asset can be property, Professor Sarah Green of the UK Law Commission argues that “the concept of ‘possession’ is still limited to physical things”, which consequently has an impact on the way that digital assets are transferred, secured, and protected under the law.
Despite physical possession representing 9/10ths of the law, digital assets are becoming an integral store of value in modern societies. Crypto currencies, smart contracts and distributed ledger technology have an increasing role in the way that digital assets are used and transferred.
Digital assets are defined as electronic records of data that can be owned and transferred, as well as used as a currency for transactions or as a way of storing intangible content. This can be in the form of computerised artworks, videos or contract documents. The most common examples include cryptocurrencies, (Bitcoin, Ether, Tether, Solana etc) asset backed stablecoins and non-fungible tokens (NFT’s).
In many cases, the responsibility of safeguarding digital assets is controlled by the entities with which they are issued and traded. These entities ultimately define the purpose and proposed value of a digital asset. They range from centralised governments and organisations (ie, Government of Bahamas CBDC) to Decentralised Autonomous Organisations – DAO’s (ie, crypto exchanges) and blockchain protocols (Ethereum or Solana).
The regulatory landscape is still highly contentious with institutions often left to their own devices when deciding on best practice. This brings forth issues of transparency and security, not only with how these entities are using digital assets, but with protection from malicious online actors or hackers. According to the industry intelligence site ‘Crypto Head’, there have been 126 big breaches in the past 10 years, totalling $3.1bn of crypto being stolen from online wallets and exchanges. The most famous of the heists being in 2014, where Mt Gox was robbed of $450m worth of digital assets sat in ‘hot wallets’ online.
With the size of the crypto assets market reaching $2tbn by the end of 2021, DAO’s who are able to prove that they have superior protection of digital assets, and the personal data of their users, are ahead of the curve. CoinMarketCap highlights how DAO’s often use a combination of unique methods in order to avoid or mitigate security threats.
The first approach is to offer cold storage options, by keeping private keys offline. Companies such as Ledger Nano X and Trezor Model T offer physical USB style ‘cold wallets’, which allow people to store their assets offline. Other specialist third-party services, such as Vo1t, go one step further by holding private keys in underground bunkers patrolled by ex-military personnel.
The second approach is to provide digital asset insurance to cover when an organisation has been hacked. The larger cryptocurrency exchanges such as Binance and Coinbase provide their investors with ‘secured asset’ insurance funds against data breaches or hacks. Although the levels of insurance vary, the company Bittrex currently holds the record with a $300 million insurance plan for its users. However, this does not protect users if they have forgotten or misplaced their login codes or private keys… a fate which has unfortunately impacted 25% of all bitcoins in circulation!
Finally, DAO’s are building stringent security features into many of the processes for accessing and trading digital assets. For example, Gemini requires biometric login and two-factor authentication to access accounts or to make withdrawals on their platform, which protects users accounts from any unauthorised access to data or funds.
The next generation of crypto platforms have no choice but to come up with new ways to protect their users, particularly as the sophistication of data breaches continues. Perhaps one of the most tightly secure approaches has been utilised by the Himalaya Exchange, who are the first company to use artificial intelligence behavioural pattern recognition for an additional layer of security. This is combined with a minimum of AES 256 level of encryption to protect all data and backed up with 95% of all funds being securely stored offline in geographically distributed vaults.
The Himalaya Exchange utilises a multi-layered approach to cybersecurity and has built in ‘Security and Privacy by Design’ to ensure technical level security safeguards against advanced SQL injections, cross-site scripting, buffer overflow, denial of service and LDAP attacks. The sophistication of these security protocols is not only imperative to protect from malicious attacks, but it is crucial for user confidence.
The future of digital asset protection will depend on the capacity of DAO’s to combine a number of different security protocols together. By having a secure multi-layered approach, these entities are gaining trust and credibility amongst a wider user base. This is not only fundamental to the broader acceptance of crypto technologies, but also the continuing movement from physical toward digital assets.