I accidentally stated in a tweet that I would kick off the new year with an important topic, and claimed that 2019 becomes a year of focus on exchange security, custody solutions and insurance.
I have to learn how to express myself better because I was only trying to compliment Hodor on the choice of topic for his latest post, which is indeed important: taking ownership of, and keeping your XRP safe, in your own wallet.
However, I did in fact state that I believe and hope this year will focus on security, custody and insurance, and even though I didn't plan for it, here's a write-up of my thoughts.
We already saw some of it in 2018,
e.g. several exchange hacks, social engineered “hacks” using SIM swap and several mentions of custody and cybersecurity during the CFTC Technology Advisory Committee panel in October.
Most people keep their money in the bank. Why? Because they are safer in the bank than at home under the mattress, they are insured, and it is easily accessible through credit/debit cards and web banking.
But it is not possible to store your XRP in the bank. There is no easy way to store the funds in a place where the purpose is keeping them safe, insured and easily accessible. For now, either you store it in a wallet on the ledger (hardware wallets are also stored on the ledger) or on an exchange or similar service.
1. Exchange security
One of the most common ways we have seen people loose funds is through exchanges. Either through hacks of the exchange itself or bad actors forcing entry in private accounts and trading or withdrawing funds.
No matter how secure an exchange seems to be, with 2-factor authentication (2FA) and e-mail/SMS verification of withdrawals, funds are never safe against an exchange level hack where funds are stolen – because your funds are most likely not insured.
2FA is excellent, but not all 2FA methods are equally safe. It is scary how easy it is to do a SIM swap or gain access to a 2FA apps backup by verifying your account using SMS. Also, in any case if people get access to an exchange’s backend, keys that are shared to enable 2FA apps are presumably unhashed plain text.
It is a scary world, and I think we will see both user demand and increased focus from exchanges on security — both against exchange hacks and users options for securing access, trades and withdrawals.
2. Custody and insurance
We have already seen custody solutions in 2018, such as Polysign and Coinbase Custody, but I think we will see much more in 2019. Mainly for institutions and corporations, but indirectly for you and me since exchanges and other services will eventually, maybe, use these services for storing cold wallet funds.
We already see some sorts of limited insurance on various platforms and worth mentioning is Nexo, a loan provider where you can store your digital assets as collateral, who is also a founding member of the Collateral Protection Insurance (CPI) consortium.
I think we will see a lot of progress on security, custody and insurance in 2019. Where FIAT is lagging behind on many other factors, there is definitely room for improvement in this area in the digital asset space.
I hope that 2019 will be the year when people can sleep well at night, knowing that funds are safe and insured.