Kapitalex has been working hard to deliver a new multi-signature security solution for cryptocurrency exchanges and their users. This exchange, which is now open for beta access, allows users to make deposits in 2-of-2 multi-signature (Multisign) accounts, where the user controls one key, and Kapitalex the other. Future Deposit Guarantees, pre-signed by the users, allow the exchange to recover funds in case the user loses his private keys or becomes unresponsive.

Since Multisign deposits are held in accounts that the user controls, i.e., the user owns the private keys, it is impossible for the exchange (or attacker) to move (or steal) the funds without also having the users’ cryptographic permission. Likewise, since it’s a 2-of-2 shared multi-signature address, it’s also impossible for the user to simply take back his or her cryptocurrency funds (for example, after selling them) without the exchange’s signature. Having said that, the user controls and initiates each transaction, i.e., deposit, withdrawal, or balancing (explained below), with his Multisign wallet, signing with the private keys that only the user has access to. The exchange can only oversee that the transaction is valid, that it complies with exchange rules, and only then can the exchange sign off (approve) each user action with its own signature.

With traditional exchanges, once user funds enter the system, the exchange has the means to do whatever it pleases with them, because it owns the private keys. Some exchanges may even go as far as moving user funds to other exchanges or OTC markets, trading, loaning, or using them for arbitrage and market making; basically, operating a fractional-reserve system. There are no guarantees, few protections, and users are expected, in essence, to “just have faith”. When an exchange goes bust, the users are rarely compensated; at best they are comforted with IOU tokens, at worst they are kept in the dark with no legal recourse whatsoever.

With traditional (centralized) exchanges, the user relinquishes control and relinquishes personal private keys. With Kapitalex, users that opt in for Multisign deposits do not relinquish control. The users’ private keys (residing on users’ own computers and networks, or even in a user’s hardware wallet), embedded into each Multisign deposit, are required for each transaction. The funds never move anywhere without the users’ explicit permission, each and every time.

The job of an attacker (or of a rogue employee or management member within the exchange itself) has now become much harder. It’s no longer as easy as targeting one centralized location, one set of private keys, residing within a traditional exchange. With a distributed, user-managed multi-signature system such as the one with Kapitalex, the attacker now needs to target an increasing number of user networks and private keys, one user at a time. Only if he succeeds in breaking not only the exchange’s network, but also a private user’s network, would he be able to acquire anything, and then only (from just a single user) a sliver of the exchange’s cumulative total.

To go after the whole pie, he would need to target each and every Multisign user, making the problem, perhaps, exponentially harder. As more multi-signature wallets are created, the universe of the private keys needed to unlock funds becomes larger and more distributed, making it increasingly harder and practically impossible to steal large amounts of crypto out of Multisign wallets. The attacker would better spend his efforts on traditional exchanges, where the coins are more centralized, more targetable.

In the eyes of Kapitalex, this is where the industry needs to and inevitably will head towards — distributed private keys and more decentralization. Exchanges will act merely as counter-parties, or full-reserve escrow systems, and perform trade oversight (i.e., drop copies). Less and less will they act as sole custodians of large centralized pools of cryptocurrency. The responsibility is too great for any one exchange to bear. In 2018 alone, according to Forbes, $1.7 billion was stolen. Kapitalex believes now is the time for the exchange industry to build and walk the bridge towards decentralized solutions.

Of course, small-scale and retail traders may continue to use standard, traditional centralized deposits, and Kapitalex offers traditional deposits alongside Multisign deposits. But traders and investors with larger amounts of capital have much more at stake and are expected to benefit from Multisign. If larger and larger pools of crypto-currency reside in distributed Multisign accounts, then at least exchanges will be able to compensate for the small-scale thefts that may occur in non-Multisign accounts — damage mitigation.

Currently, Kapitalex supports Electrum software wallets and the Trezor hardware wallet for Multisign. Support for Ledger and other wallets is coming soon.

If the user happens to lose the private key or hardware wallet, Kapitalex has come up with a unique solution — Pre-Signed Future Deposit Guarantees. To be specific, for each deposit a user makes, before it becomes credited into the system for trading, the user must first pre-sign a deposit transaction that would only become valid sometime in the future, currently set to 30 days. So, even if the user loses his private key (or hardware wallet), and has not made a back-up, Kapitalex will at the very least be able to recover the locked funds after the 30-day lock time expires. Otherwise, the deposit guarantee simply expires or is re-generated by each incoming deposit or withdrawal. (For select, VIP, high-net-worth clients, it’s possible to waive the Future Deposit Guarantees altogether for additional security.)

Multisign users have more security, but with more security comes greater responsibility. When Multisign users sell crypto-currency, they have the responsibility to do what’s called “balancing their wallets” with the exchange. For example, if they sold 1 BTC, then they eventually need to sign off on a Multisign transaction to send 1 BTC out of their Multisign wallet to Kapitalex’s counterparty balancing address. For simplicity, balancing is automatically included when a user makes a withdrawal. But if a user incurs a large debt to the exchange, i.e., sells a large amount of cryptocurrency out of his Multisign wallet, then a user may be asked to balance his wallet sooner so the exchange can continue to operate smoothly.

It’s the user’s responsibility to always check that this exchange’s balancing address matches the transaction he or she is signing (i.e., to make sure it wasn’t somehow injected with an attacker’s (different) address). Kapitalex’s official balancing address is always posted on Twitter, and on the exchange’s website. Users should store the balancing address somewhere, and be very cautious if it ever changes. Kapitalex does not expect the balancing address to change too often, but it may happen. It’s important that Multisign users are aware of this balancing address at all times, and that it always matches the transactions that they are signing. Currently, Kapitalex’s official balancing address is: 3KRGNgukCtJeNn1KHh3JVu5K3LQpUQQx3w.
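One way to automate the check described above before signing, given as an added example that is not Kapitalex's or any wallet's own code. It assumes legacy Base58Check addresses, outputs already parsed from the unsigned transaction as (address, amount) pairs, and hypothetical function names; the sample addresses are constructed, not real.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(version: int, body: bytes) -> str:
    raw = bytes([version]) + body
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def b58check_decode(addr: str) -> bytes:
    """Return version byte + 20-byte hash; raise ValueError if malformed."""
    n = 0
    for ch in addr:
        if ch not in B58:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + B58.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25 or _checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("bad length or checksum")
    return raw[:-4]

def unexpected_outputs(outputs, pinned_balancing, own_wallet):
    """Outputs paying neither the stored balancing address nor the user's wallet."""
    # Decoding the stored copies first fails closed if the pinned value is corrupt.
    allowed = {b58check_decode(pinned_balancing), b58check_decode(own_wallet)}
    bad = []
    for addr, amount in outputs:
        try:
            ok = b58check_decode(addr) in allowed  # compare decoded bytes, not strings
        except ValueError:
            ok = False
        if not ok:
            bad.append((addr, amount))
    return bad

# Constructed sample data; version 0x05 is the Bitcoin mainnet P2SH prefix ("3..." addresses).
PINNED = b58check_encode(0x05, bytes(range(20)))
OWN = b58check_encode(0x05, bytes(range(20, 40)))
OTHER = b58check_encode(0x05, bytes(range(40, 60)))
if __name__ == "__main__":
    print(unexpected_outputs([(OTHER, 100_000_000), (OWN, 250_000)], PINNED, OWN))
```

A non-empty result means the transaction should not be signed until the mismatch is explained.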

As of today, not a single crypto-currency exchange has user-controlled multi-signature accounts (with pre-signed future deposit guarantees) available. Kapitalex is the first to do so and is excited to lead the industry towards a more secure, decentralized future. Kapitalex’s mission is to make large exchange crypto-currency thefts a thing of the past, to build the bridge towards exchange decentralization, and to move away from the collection of large sums of cryptocurrency in centralized locations — one Multisign account at a time.

Users can register today and become a beta user of the platform at https://www.kapitalex.com

Kapitalex has filed patent rights for the utility invention, titled “User Managed Distributed Private Key Security Model For Cryptocurrency Exchanges Utilizing Blockchain Protocol Compliant Multi Signature Wallets And Pre-Signed Future Transaction Guarantees”, filed 17th of July, 2019, application # 62875288.

Kapitalex is co-founded by Yuriy Urakhchin and Jose Carlos Flores Lopez.