Report on Crypto Custody and Off-Exchange Settlement Solutions

Introduction

Establishing a strong foundation in digital asset custody is vital to encourage institutional adoption. This concern is amplified by the nature of digital assets as bearer instruments, during which transactions become irreversible upon initiation. Therefore, it is imperative to understand available options, custody mechanics, and strategies for mitigating counterparty risks, while safeguarding against exchange insolvency, hacks, and potential asset misappropriation.

The collapse of FTX in 2022 served as a stark reminder of these risks. However, it also served as a catalyst for the industry to accelerate the development of innovative solutions that could level the playing field when compared to traditional finance.

In this report, we will discuss crypto custody that incorporate levels of security, governance, operational control, and policy control effectively akin to those in established traditional finance hedge funds. Additionally, we will explore some of the solutions that the industry has developed to mitigate exchange counterparty risk, with a focus on off-exchange settlement (OES) systems like Copper’s ClearLoop, alongside other tri-party solutions offered by prime brokers and exchanges.

This report is for educational purposes and not to be construed as investment advice.

Institutional Digital Assets Custody

In traditional finance, qualified custody ensures that assets are securely held by custodians meeting specific criteria for holding securities and client funds. These criteria include being a bank, a registered broker-dealer, or a futures commission merchant. Qualified custodians must also adhere to requirements such as providing audited financial statements to the SEC, keeping client assets separate from their own, and undergoing periodic examinations by regulators. Notable players in this space include behemoths like BNY Mellon ($43 trillion in AUC) and State Street ($38 trillion in AUC). Given the solidity of these banks, institutional investors seldom worry about custody in traditional finance.

However, in crypto, custody takes on a different form. Digital asset custodians do not actually hold digital assets; instead, they store and safeguard the owner’s cryptographic private keys. These keys are stored and managed in customizable cryptocurrency wallets, which may be either connected to the internet (known as hot wallets) or physically isolated from it (known as cold wallets). Regardless, custodians manage these keys and authorize transactions on behalf of clients, directly engaging with brokers, dealers, and exchanges to trade their clients’ funds.

Historically, centralized exchanges like Binance, OKX, and others have played a significant role in managing and holding the assets of their clients, particularly for those engaged in active trading and needing to keep assets on the exchange. Effectively, exchanges have acted as custodians. However, the blending of custody and exchange functions has resulted in significant industry challenges, notably highlighted by the increasing number of hacks and incidents involving exchanges, most recently FTX.

Consequently, there has been an overall erosion of trust among traditional investors regarding the implementation of digital asset custody, and a notable decline in the trend of institutional funds being entrusted to exchanges in recent years. Instead, institutions are increasingly relying on third-party institutional digital assets custodians.

Qualified Custody in Crypto

In this context, the industry has seen the rapid emergence of experienced and institutional-grade qualified custodians that adhere to rigorous frameworks designed to meet the highest standards of safety and reliability.

These custodians:

• Adhere to stringent protocols, regulatory requirements, and industry best practices to develop digital asset custody solutions that satisfy compliance, transparency, security, and integrity standards mandated by institutions requiring qualified custodians to safeguard their assets.

• Utilize cutting-edge technology, including Hardware Security Modules (HSMs), Multi-signature (Multisig), or Multiparty Computation (MPC), to enhance the security and efficiency of their custody solutions. These technologies enable robust protection of digital assets while ensuring operational efficiency and reliability. More on that below.

• Often offer substantial insurance coverage against potential losses, providing additional protection and peace of mind to clients. For instance, Coinbase boasts a $255 million insurance policy for crypto held on customers’ behalf.

Examples of crypto firms that meet the SEC definition of “qualified custodian” include:

• Coinbase Custody, a limited liability trust company licensed by the New York Department of Financial Services and regulated by the New York State Banking Law and the SEC);

• BitGo, which obtained a New York Trust license to operate as a regulated qualified custodian; and

• Anchorage, boasting of being the first and only federally chartered crypto bank.

Furthermore, an increasing number of traditional finance custodians are also entering the space. BNY Mellon led the way by launching its crypto custody program in 2022, and Fidelity, which also holds a New York Trust license and is registered with the UK’s FCA, has followed suit. However, a current limitation of these options is the breadth of access to exchanges, the assets that they can custody and products they offer.

Core Technology Solutions

Industry-leading digital asset custodians today rely on advanced technology solutions to meet the custody and operational due diligence requirements of sophisticated investors. Among these technologies, Hardware Security Modules (HSMs), Multi-signature (Multisig), and Multiparty Computation (MPC) stand out.

Hardware Security Module (HSM) - An HSM is a hardened, tamper-resistant physical device that undergoes lab testing and government certification to ensure its security. It is designed to safeguard cryptographic processes like encryption, decryption, authentication, and key management. Unlike devices connected to a client's computer network or the internet, HSMs operate offline, requiring physical access for key usage. To execute a transaction, client instructions must be combined with the HSM. While HSMs offer robust protection, storing keys in one location poses a potential single point of failure, which can often be mitigated by configuring the system to require authorizations from multiple HSMs. While HSMs can be used to secure and store private keys directly on the physical device, they are more commonly employed to secure backups in the crypto industry today, and may not be the ideal solution for handling faster and more complex transactions.

Multi-signature (Multisig) - Multisig is the process of requiring multiple signatures/keys to authorize a digital asset transaction rather than a single signature from one key. Typically, Multisig involves a majority of the keys associated with an asset to sign the transaction, such as three out of five. These signatures may come from different devices, such as an HSM and a mobile phone, or from different parties involved in the transaction. Multisig offers advantages over relying solely on HSMs by reducing the risk of a single point of failure. However, it comes with certain limitations. For instance, Multisig implementations may vary across different blockchains or might not be supported at all. Once implemented, the Multisig configuration cannot be easily changed, which may pose challenges in certain situations, and may not provide the desired operational flexibility. Multisig arrangements may also introduce additional vulnerabilities, particularly if poorly coded smart contracts are involved. Additionally, the use of Multisig can result in higher transaction fees compared to traditional single-signature transactions. Furthermore, depending on the signature algorithm used, Multisig setups may inadvertently reveal information about their configuration, potentially compromising security.

Multi-Party Computation (MPC) - MPC is a process that splits a private key into key shares, which can then be distributed across multiple devices and parties. Through cryptography, these shares will be allowed to jointly execute an order based on their inputs while keeping those inputs private and encrypted. The entire key is never fully assembled in one place, even during its generation, which prevents a hacker who gains access to just one device from ever obtaining the full key. MPC offers flexibility in various aspects of digital asset management. It allows for multiple authorizers to sign a transaction, enables the creation of complex signing rules, permits parameters to be changed after creation, allows signer shares to be revoked without altering the key, and supports the use of both hot and cold wallets. Moreover, MPC generates a standard digital signature, making it compatible with any blockchain and asset. Also, it does not reveal any information about the signers involved in the transaction.

In our view, MPC has emerged as the most advanced and secured method for safeguarding digital assets, particularly for actively traded asset management firms requiring institutional-grade digital asset custody. This is due to its robust security measures, which rival those of traditional custody solutions, while still allowing investment managers to trade in real-time without impediment.

A leading example of MPC-secured digital asset custody is provided by Copper, a UK-domiciled digital asset custodian founded in 2018. Through its MPC-protected custodial architecture, Copper’s system distributes control over the client's vault across three individual shards, each simultaneously and independently formed and held by three independent parties: the Client, Copper, and a Trusted Third Party.

Key elements of this solution, which we believe position Copper as a solution with one of the highest levels of security and integrity available in the industry, are the following:

• Utilizing MPC cryptography, the three shards enable transactions to be signed online without the risk of exposing private keys. With no single private key, the isolation of key shards creates a significant barrier for bad actors attempting to access assets, as they would need to identify and exploit each intermediary effectively.

• No party retains copies of each other's shards, guaranteeing redundancy and resilience against potential threats. Copper ensures that no record of the client's and the trusted third party's shards is retained on its own servers.

• Operating on a two-of-three signing quorum to move assets enhances security by eliminating central points of failure, without impeding the investment manager’s ability to trade in real-time.

• Governance controls enable clients to make tailored and customizable permissions across their teams and vendors (read-only access, etc.).

• Further, Copper's Policy Engine adds another layer of security by operating on a role-based access control framework, granting advanced control and flexibility over operations.

Off-Exchange Settlement

As an alternative to the traditional custodian approach, Copper and other custodial solutions providers have been at the forefront of developing innovative solutions utilizing MPC (Multi-Party Computation) and Multisig (Multi-signature) technology to ensure secure custody and seek to eradicate the risk of a central point of failure. However, despite the robust security measures allowed by advanced technology, it's crucial to acknowledge the persistent challenge of counterparty risk, particularly when clients initiate asset transfers from custody wallets to exchanges for transaction execution.

Historically, in the digital asset market structure, it has been a common practice to transfer assets to hot omnibus wallets on exchanges to facilitate trading activities. This practice obviously presents several key risks and challenges, including exposure to exchange counterparty and insolvency risks, capital inefficiency due to network fees associated with asset transfers, and operational overheads.

Thus, despite stringent custody measures and technology, exchange-related incidents remain a prevalent concern among institutional investors. As a result, it was imperative for the industry to develop solutions aimed at minimizing such risks. In the subsequent sections, we will delve into these solutions, exploring their key features and benefits in addressing the evolving landscape of institutional digital asset custody and trading.

ClearLoop

The leading industry platform in this regard is ClearLoop, a solution developed by Copper in direct response to the needs of institutional clients, aiming to provide a resilient and secure solution that facilitates seamless access to liquidity across various trading venues with speed and security.

ClearLoop is a service empowering trading clients to settle crypto asset trades with exchanges integrated with the Copper platform (referred to as “ClearLoop Exchange”, currently including OKX, Bitget, Bitfinex, ByBit, Deribit, and others) without requiring the prior transfer of assets from their accounts on the Copper platform to those held with the ClearLoop Exchange. This approach effectively mitigates counterparty risk for Clients, as their crypto assets consistently remain safeguarded within Copper's MPC custody framework.

The ClearLoop process encompasses several key stages:

Delegation: Initiated when a client submits a transfer request via Copper's platform, delegating a specified amount of crypto assets from their Custody Account to a designated ClearLoop Exchange for potential trading activities). Upon receipt of the transfer request, Copper's automated system verifies the availability of the requested assets within the client's Custody Account. This delegation process enables the designated assets to be earmarked for settlement obligations with the ClearLoop Exchange.

Locking. Once instructed by the Client to designate assets for delegation to a ClearLoop Exchange, those assets are automatically locked, preventing the Client from withdrawing, transferring, or otherwise managing the assets until they are unlocked.

Trading and Settlement. ClearLoop's leverages Copper's extensive network of exchange integrations and liquidity partners. Execution and settlement of obligations with the designated ClearLoop Exchange happens securely and efficiently.

Unlocking. Following the settlement of the Client’s obligations to the ClearLoop Exchange, previously designated crypto assets become available to the Client. This allows the client to receive settled PnL on a periodic basis without the need to have moved assets onto the exchange.

A sample process for a BTC-ETH trade is represented below.

The ClearLoop solution offers a multitude of advantages, each tailored to enhance efficiency, security, and flexibility for institutional clients engaging in cryptocurrency trading:

• Mitigate Counterparty Risk: By enabling clients to trade on centralized exchanges without funds leaving Copper’s secure MPC custody, ClearLoop ensures that assets always remain safeguarded within the secure custody framework. When delegating and undelegating assets to an exchange, the assets do not physically move to the exchange, reducing the risk associated with traditional custody solutions.

• Efficient Trading Through Delegation: ClearLoop enhances capital efficiency by allowing assets to be deployed to multiple exchanges from a single pool of collateral. This streamlines the trading process and maximizes the utilization of available assets, ultimately optimizing trading strategies and reducing operational complexities.

• Off-Exchange Settlement and Enhanced Capital Efficiency: Settlements between the client and the exchange occur on the Copper platform, eliminating the need for assets to traverse the blockchain for settlement. This off-exchange settlement mechanism enhances capital efficiency by enabling assets to be deployed to any supported exchange from a single pool of collateral without incurring network fees until final settlement. Additionally, since assets do not physically move on ClearLoop at the blockchain level, deposit, transfer, or withdrawal fees are eliminated, further reducing operational costs for clients.

• Bankruptcy Remote: To address the insolvency risk of any network participant, Copper has established an English law trust over assets on ClearLoop accounts. Within this structure, an English Law Trust is created to provide an additional layer of protection for client and exchange assets held in a dedicated ClearLoop omnibus account.

The advantages of adopting a solution like ClearLoop are evident, particularly for institutional investors who prioritize custody and counterparty risk management. It comes as no surprise that the platform has experienced significant momentum in adoption over the past 12-18 months. Here are some notable statistics:

1.      March 2024 volume of ClearLoop enabled exchanges vs. Binance

• Total spot and derivatives volume:

  • Binance: $4.0 T (not accessible via ClearLoop) 

  • Current ClearLoop exchanges: $3.4 T (total number across ClearLoop enabled exchanges, not actual volume through ClearLoop)

  • ClearLoop Exchange pipeline: additional $713 B 

  • Other major exchanges: $934 B 

• 11.7 million trades processed via ClearLoop in March, representing ~$60 B in trading volume.

• Each exchange settles netted collateral back to Copper every 4 hours, 24/7/365, resulting in 13,610 individual risk-clearing settlements in March alone (total netted amount of $246 M).

• Total ClearLoop volume is up month-over-month and continues to increase.

2.      Ongoing addition of integrated Exchanges

• Currently integrated: Deribit, Bit.com, Bitfinex, Powertrade, Gate.io, ByBit, OKX, and Bitget. 

• Agreed to integrate: Bitstamp, Bitmart, HTX.

3.      Multi-Custody Agreement

• Signed agreements with BitGo and Komainu to allow clients to access Clearloop

• BitGo and Copper Combine Crypto Custody Settlement Networks

• Nomura-Backed Komainu Joins Crypto Custodian Copper’s ClearLoop Network

Options for Accessing Binance

While other major cryptocurrency exchanges have chosen to collaborate with solutions like Copper ClearLoop, Binance has adopted a different approach due to its leading position in trading volume. Throughout 2023, Binance's market share experienced a decline from over 60% to a low of 42%, yet it remains the dominant exchange by volume. Since the announcement of its settlement with the DOJ, Binance's market share has rebounded somewhat to 50%.

Currently, there are four options available for trading on Binance:

1)      Hold assets on Binance. This option represents the status quo, where traders maintain their assets directly on the Binance platform. While sentiment surrounding Binance has improved following the DOJ settlement, concerns persist regarding counterparty risk. Diversification and real-time alerting systems are recommended to mitigate these risks.

2)    MirrorX, the Off-Exchange Settlement solution offered by Ceffu. Binance offers an off-exchange settlement option through an affiliated custodial entity, Ceffu, that is substantially like ClearLoop, but exclusive to Binance. Through MirrorX, institutions allocate a specified amount of their asset balance available in their wallet and delegate them from Ceffu to their designated Binance sub-account instantaneously. Their assets remain in Ceffu’s custody at all times and are automatically settled off-chain at T+1. Ceffu also provides insurance and an English Law Trust structure designed to protect assets in the event of bankruptcy. MirrorX represents a positive step for institutions and funds needing to trade on Binance but seeking to reduce counterparty risk. However, questions arise about the segregation of Ceffu's ownership structure, team, and wallets from those of Binance, raising questions about asset security and segregation.

3)     DMA on Binance via a prime broker such as Hidden Road. This option is akin to the first, with the distinction that it entails trading on Binance through sub-accounts managed by a prime broker, such as Hidden Road. While this may elevate exposure to both Binance and the prime broker, Hidden Road's unique status as the sole prime broker possessing both an FCA investment firm license and an FCA digital asset firm registration offers a degree of assurance. Furthermore, this arrangement presents additional advantages, including access to reduced trading fees via aggregated volume discounts across all prime broker clients, and the ability to borrow funds for leveraging returns or keeping capital off the exchange. Additionally, Hidden Road provides optional exchange insurance to safeguard against exchange defaults, typically quoted at an annual premium of 5%.

4)      Margin loan with collateral held at Swiss Bank: A newer solution involves an arrangement between Binance and a third-party banking partner, a Swiss-regulated bank under FINMA jurisdiction. At present, the solution is in pilot mode, and as such Valmar is under agreement not to disclose the name of the Bank. In this setup, traders can hold T-bill collateral at the Bank, against which Binance extends a margin loan with a 98% haircut and a margin cost of approximately 7.5% per annum. With T-bills yielding around 5%, the net cost of this arrangement is ~2.5%. Flexibility in improving the economics of this arrangement may be possible with increased business volume. There are discussions about the potential for collateral held at the Bank or other participating banks to be mirrored on the exchange with periodic settlements against the collateral, offering further convenience and efficiency (i.e. “virtual margin”). Presently, the new solution is being tested for perpetuals and futures trading.

Conclusions

With abundant opportunities available for sophisticated traders and managers to generate yield through active crypto trading, the participation of many traditional finance institutions and family offices in this growing asset class hinge on the security and safeguarding of their assets.

Headlines such as the FTX debacle have not helped improve the reputation of the asset class. However, solutions within the ecosystem are evolving rapidly, and strong platforms have emerged and consolidated both in the US and offshore.

Custodial options such as Coinbase, BitGo, Anchorage, and Copper stand out for their commitment to best practices, advanced technology, and the protections they offer, including insurance coverage and banking or trust licenses.

Even when one is confident in the security measures protecting keys and assets, meeting the SEC's definition of qualified custody remains virtually impossible for the most active trading strategies, which often requires transferring assets to exchanges, where custody, security and counterparty risks persist. However, the industry now offers off-exchange settlement solutions that significantly reduce such risks, led by Copper’s ClearLoop.

In this context, Binance remains the elephant in the room, and participation with Binance remains a question of risk versus reward. Traders may opt to execute active strategies entirely on exchanges supported by ClearLoop exchanges, accepting the associated costs typically in terms of strategy yield and capacity. Alternatively, they may choose to add Binance, but limit their exposure to it by leveraging prime brokers' DMA solutions, Mirror X, or integrating with the Swiss Bank's tri-party system as it becomes commercially available.

Security of investor assets for actively traded crypto strategies has matured in leaps and bounds, and counterparty risk is being diminished day by day. The evolution will continue at an accelerated pace, and so the analysis of the best pathways will likewise evolve. In the end, we believe that, based on an investor’s level of comfort with Binance exposure, a vigorous and layered capital-security program can today be instituted.

Valmar is available to discuss mandates and bespoke program structure for family offices and various financial institutions.