You may also want to consider the geographical distance between the different copies of your keys — perhaps you want a significant distance between your keys’ locations so it’s impossible for them to be recovered in a single day. You may need to fly to some of the locations. This is something the Winklevoss twins did to protect their bitcoin wallets, spreading them across multiple bank vaults in different US states.
Assuming you have appropriate controls in place, you may also need to ensure that the recovery process is possible without you. Maybe you have a spouse who would need to figure this out in the event that something happened to you.
By now, you should be starting to appreciate all of the nuances of what safe self-custody looks like in reality. There are still plenty of other topics you can take into account, such as ensuring there’s no spyware on your machine and using air-gapped computers.
The point is that doing self-custody right entails a lot of hoops to jump through. This is why for the vast majority of users, it’s simply not sensible to burden them with this, as once their keys are lost or compromised, they’re gone for good.
Paying for a custody service seems like good value given the overhead required to do it properly which we have just outlined. This could easily cost $1000-plus annually. However, there are risks with such an approach and you don’t truly control your funds. Exchanges are becoming wise to this by in some cases offering insurance for their users’ funds (Coinbase offers £150,000 protection for each user account in the UK), which is similar to banking guarantees offered by governments in some jurisdictions, such as in the UK where the Financial Conduct Authority (FCA) provides deposit and savings protection up to £85,000 for funds held with banks and building societies.
This still falls foul of the utilitarian view at the heart of Web3 for most people, whereby they don’t control their assets. But a middle ground is emerging which has the potential to appease both Web3 businesses and Web3 consumers in the form of semi-custody wallets.
Semi-custody wallets use a technique called multi-party computation (MPC) where wallets can be split between multiple parties or devices in order to transact with a blockchain. A threshold is defined that sets the number of parties required to successfully perform a transaction out of the total parties storing parts of the key.
For example, a key could be split between a device, a user account and an exchange with a threshold of two. This means that two out of the three parties or devices need to be used in order to authorise a transaction successfully.
In practical terms, this means that a user can have an MPC wallet they are in charge of primarily via their local account and device, but there is a backup party in the mix should the user lose their device or forget their local account credentials.
This approach ensures that they get the best of both worlds — security in part underpinned by an organisation adept at managing digital assets, but also the flexibility to remain fully in control of their wallet.
The crucial detail is that the user controls the majority of the split keys to retain this control. It seems feasible that this approach could become the new standard for the management of digital assets, with Coinbase recently launching its own MPC wallet.
Whilst the MPC wallet is not going to prevent scam websites from trying to steal people’s funds or replace the need for cold storage, it does leave me optimistic that, combined with some of the other technologies such as hardware wallets, it could provide a far more robust approach to safeguarding these digital assets than what we have now.
There are still many challenges associated with solving the UX in Web3, but MPC wallets seem like a positive step forward for the industry, and if your average user no longer has to know what a seed phrase is, that’s a big win for all.