Trusted advisors and the self-sovereign individual

Disclaimers - this article:

  • Is not tax advice, financial advice, legal advice or security advice;

  • Is intended for Australian readers but may be relevant to others;

  • Focuses on Ethereum but may be relevant to other Ethereum Virtual Machine (EVM) compatible or equivalent blockchains;

  • Contains opinions that are my own; and

  • Is not sponsored.

Self-Custody or bust

One of the core values of the crypto community is self-custody: not relying on centralised operators to hold your assets, but taking responsibility for safely and securely storing them into your own hands. While not necessarily for the ‘right’ reasons, I had the opportunity, the interest and enough technical know-how to learn how to do this when I first made the leap into crypto, and later realised my alignment with this core value.

However, not everyone is the same. A lot of people are used to trusting actors in traditional finance because of the level of regulation underpinning that industry. They may not know that there is another option, or may never have felt the satisfaction of taking control of their own wealth. If you were one of these people and you lost your assets to now-defunct centralised finance operators like FTX, Celsius, BlockFi et al., you may have just learned an expensive lesson in custody.

Not your keys, not your crypto

Where to next?

I will continue to advocate for more education around self-custody of assets to anyone in crypto, regardless of how much time or money they have in the industry.

However, the issue remains: how can you safely and securely store your assets on-chain if you:

  • Are new to self-custody;

  • Are not familiar with the inner workings of public-private key cryptography;

  • Have a large amount of assets to self-custody (either in fiat terms or as a percentage of your net worth); or

  • Any or all of the above?

There are a number of solutions available, each with their own features, trade-offs and technical requirements.

This article will provide a starting point for investors, with resources to different rabbit holes to jump down. It will also outline where and how advisors can position themselves to assist clients that wish to take the leap and ‘go Bankless’.

Cryptography - What’s under the hood

At the core of most blockchains is a technique for securing data and authorising transactions known as public-private key cryptography. The public key, commonly referred to as a ‘public wallet address’ (on Ethereum the address is derived from the public key), is the address that you and anyone else can use to send and store Ether (ETH) or other compatible tokens. This wallet address can be viewed by anyone. For example, if you were to view my wallet address on a blockchain explorer like Etherscan, you would see every token I hold, or have held, as well as every single transaction involving that wallet address.

The private key, which is kept secret from the moment the key pair is first generated, is the key used to spend those tokens or send them to another address. Without the private key, this cannot happen. It is therefore essential that the private key remains known to no one but the intended owner of that wallet address.

Software Wallets - The convenient self-sovereign solution

The most common first step is installing a software wallet. This allows investors to access their assets through either a smart device application or an extension on their internet browser. They can be used to store, receive, and send cryptocurrency. Some software wallets also offer additional features such as the ability to exchange or trade cryptocurrencies within the app, or to track the value of different cryptocurrencies over time.

Software wallets tend to be the easiest and most convenient to use, as they can be accessed from any device with an internet connection. They are also usually free to use.

However, the trade-off with software wallets is that they are the least secure option available. Because they spend the most time online, they are the most vulnerable to hacking and malware attacks. It’s also possible to lose access to your assets if the device on which the software wallet is installed is lost or stolen, or if the wallet app is deleted.

Software wallets are best used in situations where:

  • You have a limited amount of asset exposure (either in fiat terms or as a percentage of your net worth) or lower security needs;

  • You can, or know how to, safely and securely store your private keys;

  • They are used in combination with other solutions (covered further below).

The best-known software wallets include MetaMask, developed by Consensys, and Coinbase Wallet, developed by the centralised exchange Coinbase. However, the options for software wallets continue to grow. Be sure to do your research and find out which solution best suits your needs.

Hardware Wallets - Take your assets on and offline with ease

Another solution available to investors is holding assets in a hardware wallet.

Hardware wallets are physical devices that are specifically designed to store cryptocurrency. To access assets stored on a hardware wallet, you would enter a PIN code or use a physical button, depending on the device.

Hardware wallets are considerably more secure than software wallets because they keep the private keys on an offline device: the keys are never exposed to the internet, so they are far less vulnerable to hacking and malware attacks. Depending on the device, they are also portable and can be easily carried around.

The main trade-off with hardware wallets is the additional cost. They may also require additional technical knowledge to set up and use compared to a software wallet. Like software wallets, it is still possible to lose access to assets if the hardware wallet is lost, broken or stolen, or if you forget the PIN code to unlock the device.

Hardware wallets are ideal in situations where:

  • You have a material amount of asset exposure or higher security needs;

  • You can afford between AUD 100 - AUD 600 to purchase the device(s);

  • You have the means to securely store the device(s);

  • They are used in combination with other solutions (covered further below).

The best-known hardware wallets include the Nano S, developed by Ledger, the Model T, developed by Trezor, and the Lattice1, developed by GridPlus. Whichever device you choose, it is important to purchase brand new devices directly from the manufacturer and not from secondary market vendors (new or used). This ensures that you have recourse if anything goes wrong with the device, and that it hasn’t been tampered with or loaded with malicious software designed to drain your wallets.

Smart Contract Wallets pt. 1 - A self-custody solution with fallbacks

Smart Contract Wallets (‘SCWs’) are digital wallets that are built on top of blockchain technology and use smart contracts to store and manage assets. They typically involve the use of multiple software or hardware wallets to sign and approve transactions.

The biggest benefit to SCWs is the security. Set up correctly, in combination with software and hardware wallets, they allow you to establish fallbacks to retain access to your assets in the event that any one of the signing wallets is lost or stolen. Where multiple signatures are required to approve transactions, the risk of losing assets due to human error is also greatly reduced.

With these advanced security features, SCWs do require a greater level of technical knowledge to set up and use. They also tend to have higher transaction fees than a software or hardware wallet, because the advanced features typically require more computation to be processed on-chain. If you intend to explore the frontiers of the crypto ecosystem, SCWs may hinder your ability to be nimble due to the restrictions of the underlying code.

SCWs are ideal in situations where:

  • You have a material amount of asset exposure or are managing collective funds that require the highest of security needs;

  • You can afford between AUD 100 - AUD 600 to purchase the hardware wallet device(s) used as signatories;

  • You have the means to securely store the device(s);

  • You have the technical skills to operate within a smart contract wallet environment (or have people you trust to assist with the operation).

The most common SCWs in the Ethereum ecosystem are Gnosis Safe and Argent.

Smart Contract Wallets pt. 2 - Where trusted advisors come in

As you can see, taking the leap into self-custody can be daunting. There are many tricks and traps that anyone just starting out on their journey may not be aware of. Further to this, recovering assets can be incredibly difficult where someone passes away without leaving their surviving family members enough information on how to access their on-chain assets. To make matters worse, in many instances the surviving family members have little or no technical background or understanding of crypto, so they do not know where to look or how to access the assets. This can result in the total loss of those assets, or in additional costs to engage professionals that can recover them.

I see an opportunity for trusted advisors such as accountants, financial advisors and lawyers to step up in this space. Advisors in these industries that are experienced with the functionality of crypto are in a position to provide an invaluable service for their clients, in life and death, by becoming a signatory on a SCW.

Taking Gnosis Safe as an example (link to their suggested setups here), their solution allows multiple accounts to be designated as Safe ‘owners’, with a minimum number of approvals from those owners (the ‘threshold’) required before a transaction can be sent for inclusion in the blockchain.

A common suggested setup for individuals, as set out on their website (link above), is to have three Safe owners:

  • One on a software wallet;

  • One on a hardware wallet that is easily accessible;

  • One on another hardware wallet that is locked away in a safe place.

In this setup, the threshold for signing transactions would be set to two, allowing an individual user to perform day-to-day operations with little to no external assistance. If that user, for example, loses the smart device containing the software wallet, or that account is compromised, no one can access the funds on the SCW without gaining access to either hardware wallet. To recover access, the user can connect both hardware wallets, sign a transaction to remove access to the compromised software wallet and sign a transaction to grant access to a new software wallet.
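The 2-of-3 setup and the owner swap just described, as an added worked model written for this article rather than code from Safe or the author: a transaction is approved only when two distinct current owners have signed its hash, and replacing a compromised owner is itself such a transaction, so the lone compromised key can neither spend nor rotate itself out. It assumes NIST P-256 keys and SHA-256 in place of Ethereum’s secp256k1 and keccak256, and every name in it (Safe, Approved, SwapOwner and so on) is the example’s own, not Safe’s contract API.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Approval is one owner's ECDSA signature over a 32-byte transaction hash.
type Approval struct {
	Pub *ecdsa.PublicKey
	Sig []byte
}
// Safe is the multisig: Threshold distinct owner signatures authorise a transaction.
type Safe struct {
	Owners    map[string]bool // wallet address -> is a current owner
	Threshold int
}

// Key helpers; assumption: P-256/SHA-256 stand in for Ethereum's secp256k1/keccak256. Address is the last 20 bytes of a hash of the public key, as on Ethereum.
func NewOwnerKey() *ecdsa.PrivateKey { k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader); return k }
func Address(p *ecdsa.PublicKey) string { return fmt.Sprintf("%x", sha256.Sum256(append(p.X.Bytes(), p.Y.Bytes()...)))[24:] }
func Sign(k *ecdsa.PrivateKey, txHash []byte) Approval { sig, _ := ecdsa.SignASN1(rand.Reader, k, txHash); return Approval{&k.PublicKey, sig} }
// Hash is the digest owners sign for a transaction; SwapHash is the one that replaces owner oldAddr with newAddr.
func Hash(tx string) []byte { h := sha256.Sum256([]byte(tx)); return h[:] }
func SwapHash(oldAddr, newAddr string) []byte { return Hash("swapOwner:" + oldAddr + "->" + newAddr) }

// Approved counts only valid signatures from distinct current owners, so one compromised
// key, or one key signing twice, cannot move funds when Threshold is 2.
func (s *Safe) Approved(txHash []byte, approvals []Approval) bool {
	signed := map[string]bool{}
	for _, a := range approvals {
		if addr := Address(a.Pub); s.Owners[addr] && ecdsa.VerifyASN1(a.Pub, txHash, a.Sig) {
			signed[addr] = true
		}
	}
	return len(signed) >= s.Threshold
}

// SwapOwner is the recovery step: itself a Safe transaction, so it needs Threshold approvals.
func (s *Safe) SwapOwner(oldAddr, newAddr string, approvals []Approval) bool {
	if !s.Owners[oldAddr] || s.Owners[newAddr] || !s.Approved(SwapHash(oldAddr, newAddr), approvals) {
		return false
	}
	delete(s.Owners, oldAddr)
	s.Owners[newAddr] = true
	return true
}
```

The same two-signature rule that stops a thief with one key also means a single lost hardware wallet is recoverable only while the other two owners remain usable, which is why the third owner sits locked away.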

This setup can scale out to larger pools of assets, multiple directors of a company, multiple trustees of a trust or Self-Managed Superannuation Fund (SMSF) or, in its most common use case, multiple senior members of a Decentralised Autonomous Organisation (DAO). These setups could also be useful for assets that form part of a business sale, a bankruptcy or company liquidation, a deceased estate or even a matrimonial asset pool during divorce proceedings. A flow chart of such examples is illustrated below.

Examples of potential Smart Contract Wallet setups

Advisors have an opportunity to form part of what’s known as ‘social recovery’, by being a physically and emotionally separate party that provides one of the potentially many fallback options to a client’s access to their funds, should any of the day-to-day methods fall over.

Advisors beware

As with any opportunity to expand service offerings, advisors will need to consider their own potential risks in this space and take the necessary steps to manage them.

First, firms will need to consider the current education level of their key people and whether it is sufficient to roll out these services. Raising it can be a combination of additional research into the potential solutions they choose to roll out and hands-on use of those solutions in a testing environment. Doing this will help the firm conclude which solutions to offer its clients.

At the time of writing, there are two test networks (or ‘testnets’) available on Ethereum: Goerli and Sepolia. However, it is suggested on the Ethereum website that Sepolia be used for testing applications.

The next important consideration for firms will be planning and executing a set of cybersecurity measures and internal controls to minimise the risk of loss or theft of the firm’s signing keys.

Some examples of such measures include, but are not limited to:

  • Separate wallet addresses for each client’s SCWs (note: a single hardware wallet device can hold multiple wallet addresses; this could be taken a step further by keeping one hardware wallet per client, or even per client SCW where a client has multiple SCWs set up);

  • Keeping keys offline on hardware wallets;

  • Password policies and two-factor authentication (2FA);

  • Implementing access controls over which people within the firm may be signatories to client SCWs, with consideration given to each person’s education level, time served at the firm, position in the firm hierarchy and relationships with other staff or clients;

  • Assigning SCWs as wallet owners of a client’s SCWs, effectively requiring two or more of the firm’s employees to approve transactions for a client;

  • Keeping appropriate records of wallet addresses (client name, wallet address of that client’s SCW, the wallet owners of that SCW including which one the firm controls, location of the hardware wallet, internal reference numbering of hardware wallets);

  • Storing wallet address records securely (on an offline, air-gapped computer, on a storage solution with sufficient layers of password protection, or on a hardware security module);

  • Keeping signing keys single-purpose, i.e. not using them to hold any other assets except enough Ether (ETH) or other tokens to pay the relevant transaction fees;

  • Engaging in regular external security audits;

  • Formulating incident response plans before any incident occurs.

Insurance will also be a major consideration. It is important to ensure that if something goes wrong, even after implementing any combination of the internal controls and cybersecurity measures above, you are sufficiently covered for any potential claims for damages. Consider speaking with an insurance broker about the options available to the firm.

It all comes back to trust

While trust is a key part of how our society functions efficiently, utilising technology that allows us to minimise trust allows our society to function even more efficiently. Rather than trusting someone they don’t know, investors have the opportunity to take charge of their own wealth, while also leaning on advisors they know and trust. Similarly, advisors have an opportunity to offer a considerable point of difference to their competition and provide relationship-building services that help to secure their clients’ wealth, both now and into the future.

Thanks for reading. Show your support by subscribing and/or minting this article as a NFT. Proceeds go towards funding more articles like this.

Subscribe to merlo.eth