Setting a new standard for securely storing digital assets

Long before I entered the world of crypto, I tested experimental aircraft in the U.S. Air Force. The high stakes environment of military flight test required every system and safeguard be checked and rechecked for safety and performance.

As Bakkt prepares to provide custody of digital assets for sophisticated institutional clients, we’re applying the same rigor to safeguarding our customers’ funds. Having worked in the crypto space developing advanced trading and custody solutions since 2013, it’s clear to me that ironclad infrastructure and a security-first mindset are fundamental to storing digital assets. It’s also critical to assemble the right team, with engineers that deeply understand cryptography, distributed systems and other aspects unique to the space, and I’m excited to share some news about that too.

This combination of advanced systems design and human expertise, supported by robust operational controls, provides the foundation for a custody solution that has the potential to attract greater participation from institutions, investors, merchants and consumers.

At Bakkt, we’re focused on building the future of digital asset infrastructure. We’re doing this to help broaden adoption for a technology that holds tremendous promise, but has yet been developed to its full potential. By launching a regulated custodian for digital assets, Bakkt will be able to support a variety of products and services that help fulfill this potential.

Our first solution, as many who’ve followed Bakkt know, is a physical-delivery bitcoin future. This contract will be traded on ICE Futures US (IFUS) and cleared on ICE Clear US (ICUS), a federally regulated exchange and clearinghouse regulated by the CFTC. Bitcoin delivered upon contract settlement will be stored by Bakkt. To provide regulated custody, we have filed with the New York Department of Financial Services for approval to become a trust company and in this capacity serve as a Qualified Custodian for digital assets.

This structure will provide the first end-to-end regulated environment for price discovery of crypto — bitcoin will be stored at a regulated custodian, and traded and cleared on a federally regulated exchange and clearinghouse. This means investors will have access to the same high performance, low latency exchange and clearing infrastructure that powers many of the world’s most liquid futures markets. We believe that end-to-end regulation, paired with reliable infrastructure, will unlock greater institutional participation and, as a result, establish more liquid, fair and efficient markets for this emerging asset class.

We also intend to build products that drive greater adoption of the technology itself. By understanding and applying the attributes that make public blockchains unique, Bakkt will launch products that solve real problems for real people. We’re starting with one of the most well-known applications of public blockchains — value transfer — to enable faster, less costly, and more efficient payments for companies like Starbucks. The safe and secure storage of digital assets is fundamental to this product too.

In order to launch these products, we’ve spent two years developing a custody solution from the ground up. Bakkt leverages the same institutional-grade hardware, operational controls, and cybersecurity systems that Intercontinental Exchange (ICE) uses to manage all thirteen of its regulated exchanges worldwide, including the New York Stock Exchange.

While we’ve leveraged ICE’s expertise developing and operating institutional-grade products, we’ve also tailored our custody offering to protect against risks unique to the crypto space.

Wallet Architecture

Bakkt uses both warm (online) and cold (offline) wallet architecture to secure customer funds. The majority of assets are stored offline in air-gapped cold wallets that are insured with a $100,000,000 policy underwritten by leading global insurance carriers. Both wallet architectures employ on-chain and off-chain security measures to safeguard cryptographic keys, including the enforcement of multi-signature controls. Customer funds are also protected by layers of automated controls including multi-factor authentication, destination address whitelisting, and role-based permissions.

Key Security

Bakkt uses FIPS 140–2 level 3 or higher hardware security modules (HSM) to manage and secure its warm wallet cryptographic keys. The physical and logical attributes of HSMs prevent the viewing, modification, or extraction of private key material. All cold wallet cryptographic keys are encrypted, sharded and are geographically distributed in an m-of-n architecture. Private keys are never transferred across any open or unencrypted communication channel, and access is protected by firewalls and other network layer security controls.

Physical Protections

All cryptographic systems are secured in bank-grade vaults and datacenters that are protected with 24/7 physical security. Role-based permissions strictly limit employee access, and systems are routinely tested to ensure a seamless transition to our parallel disaster recovery facilities. Additionally, Bakkt is working closely with BNY Mellon to offer geographically-distributed storage of private keys secured by the bank. BNY Mellon has a longstanding history of safeguarding the assets of institutional clients such as hedge funds, asset managers, and broker dealers, and we’re excited to work with them.

Cybersecurity Program

Bakkt leverages one of the world’s most sophisticated cybersecurity programs, and the same systems that protect the New York Stock Exchange. Threats are identified from a “red team first” perspective and managed by a global team of security specialists. These experts collaborate closely with law enforcement and the global intelligence community to identify, analyze and prevent attempts at inbound intrusion. This results in a program that continuously adds controls to prevent the unauthorized access, disclosure, destruction, modification, or disruption of company data and prioritizes protections from a threat-objective driven approach.

Operational Controls

Bakkt implements strict operating procedures to direct the safekeeping and storage of customer funds. All withdrawal requests are received, verified, and processed by dedicated staff located in multiple geographies. Requests are validated, both manually and systematically, against a policy ruleset that controls for parameters such as amount, destination, and velocity of transactions. Bakkt has also implemented additional anti-collusion and insider threat controls requiring multiple individuals from multiple teams in multiple locations be involved to process a transaction. No individual can access customer funds.

It is with that same commitment to setting a new standard for securely storing digital assets that we’re excited to announce that we have acquired Digital Asset Custody Company (DACC). DACC shares our security-first mindset and brings extensive experience offering secure, scalable custody solutions to institutional clients. The team’s experience integrating multiple blockchains and operating cutting-edge consensus mechanisms is a valuable addition to our team and future product line. As we look to scale and support custody of additional digital assets, DACC’s native support of 13 blockchains and 100+ assets will serve as an important accelerator, and we’re pleased to welcome Matthew Johnson, Adam Healy, and the entire DACC team to Bakkt.

Our team at Bakkt is relentlessly focused on building the future of digital asset infrastructure. Whether it’s supporting fairer and more efficient markets through physical-delivery futures, or enabling natively digital payments via merchant processing, the secure storage of digital assets is at the core of each solution. Launching a regulated custodian for digital asset represents a key milestone in that effort, and we will continue to share updates on that progress.