The threat landscape surrounding the blockchain and cryptocurrency is a seriously busy place. The media (clearly) knows it, you know it, we know it – and the regulators know it too. And to top it off, it’s not protected under the same regulations or by the same security practices as fiat or ‘traditional’ assets.
But this is doing more than just really upsetting the people who have fallen victim to hackers or human error: it’s creating a serious and pervasive image problem for cryptocurrency. It’s fuelling a severe lack of trust and credibility that’s holding the masses back from fully embracing crypto. And that is preventing crypto from fulfilling its potential to radically change the world’s financial system.
60%* US crypto curious investors would only invest if their safety concerns are addressed *
This is a excerpt from Coincover’s ebook – The Definitive Guide To Protecting Crypto
We recently caught up with Chris Pace, Chief Technology Advocate at Coincover, here’s what he had to say
Q: What do you see as the problem- that so much crypto is being stolen daily?
A: The digital asset industry is currently facing a very challenging problem: hackers are getting smarter and finding new ways to access data every day. Every new hack instils fresh fear, damaging crypto’s reputation and discouraging further uptake. For crypto to reach its next stage of adoption, the industry needs to build more security from the beginning to prevent these instances of digital theft.
Over US$14 billion of cryptocurrency was stolen in 2021 and that figure could be higher by the end of this year. Almost 97% of all crypto stolen in the first 3 months of 2022 has been taken from De-Fi protocols where the largest thefts are usually due to faulty code.
However, traditionally, the largest thefts have been a result of security breaches where hackers have gained access to the victim’s private keys. Coincover’s most recent e-Book, ‘The definitive guide to protecting crypto’, highlights some of the biggest hacks over recent years.
Q: The recent Nomad and Solana thefts, was this an exchange or a wallet problem?
A: The Nomad incident, where the hackers stole US$190 million of crypto, is one of the latest examples of where a blockchain bridge has been exploited, in this instance the Nomad bridge. Essentially, blockchain bridges connect different blockchains, with the aim of helping investors securely swap their digital assets, or tokens, without having to use a third party.
Blockchain token bridges have been hit by several thefts in the past, with more than US$1 billion stolen from such bridges so far in 2022. In June this year, Harmony revealed that hackers had stolen US$100 million worth of tokens from its Horizon bridge product.
In the case of Solana being drained of US$5 million in funds from around 8,000 ‘hot’ wallets, only a few days ago, this is still being investigated. However, it is suspected there was a flaw in the wallet software, rather than an issue with the Solana blockchain itself. Unfortunately, ‘hot’ wallets pose more security risks, as updates to the code powering these digital tools are more frequent and thus more accessible by hackers.
Q: Is Coincover’s service guaranteed and insured?
A: Any business wanting to avoid the highly-damaging, reputational risk of being hacked will understand the importance of preventing that hack being carried out in the first place. The great news is, there are companies who you can outsource this risk to. Coincover is one of those companies and probably the only technology in the world that can prevent its’ users from having their digital assets stolen.
What’s more, Coincover has insured their theft prevention technology, so they could help investors to recover any preventable losses due to theft or hacking. However, the key distinction here is that prevention comes before cure – and the cure should only ever be the last resort.
Q: How is your Crypto recovery business? It would seem that there would be a ton of demand for something like that.
A: You may have seen the statistic that 20% of all BTC is lost forever? Whilst it is still visible on the blockchain, the owners have lost access to their private keys or seed phrases and won’t be able to recover their funds until they can regain access to their keys or password again.
Coincover helps prevent businesses and consumers from losing their crypto due to missing wallet keys. We call this product Disaster Recovery. What constitutes a disaster? This could be a lost private key, loss of secure devices, change of phone, business failure, death or incapacitation, a lost or forgotten password, computer virus or staff changes.
Every year, more and more clients are coming to us asking for this solution as they recognise the value of mitigating against single points of failure. Simply put, Coincover is a non-custodial third party that backs up and encrypts wallet keys, that are securely stored with military-grade security. If you lose access to your wallet keys, we can usually facilitate recovery within 48 hours.
Q: Does Coincover store their clients Crypto?
A: We store our clients’ data in devices that are FIPS 140-2 compliant and are kept in multiple geo-redundant physical vaults constructed to Federal Standard 832. However, we are a non-custodial solution, so we never see our client’s wallet keys and only they can unencrypt it with a password they determine.
Q: How do you test your own security?
A: Our security is always rigorously tested using a number of methods both internally and externally. Security is at the core of our platform and architected into everything we do. Coincover maintains ISO27001 certification which provides additional external oversight to our approach to securing information across the organisation.
Q: Have any of your clients been hacked since working with Coincover?
A: We are trusted by over 220 of the biggest cryptocurrency businesses worldwide and we have checked over US$ 10 billion in transactions. Our ‘always-on’ technology has prevented countless attacks from taking place.
Q: Are there Wallets that Coincover doesn’t work with?
A: We have long-standing partnerships with Fireblocks, Bitgo and Cooper and strive to work with as many wallet providers as we can. Our usual process would start with an initial risk assessment, prior to starting any technical integration, to ensure our stringent safety measures can be adhered to.