Revolutionizing Bitcoin Custody with MPC and Swiss Bunkers
When Satoshi Nakamoto, the pseudonymous creator of Bitcoin, published the system’s whitepaper in 2008, he directly criticized financial institutions and the trust they require. However, in 2010, one of the most prominent Bitcoin collaborators in the early days and the recipient of the first Bitcoin transaction in history, the cypherpunk and cryptography specialist Hal Finney, envisioned a future in which bitcoin banks should exist. In this mixed zone, between the ethos and the potential deployment of this system over the global financial world, we have bitcoin-native banks like Xapo Bank today.
Founded in 2013, Xapo Bank is one of the pioneers on the custodial side of Bitcoin, as projected by Finney. It was born as a solution for family and friends, imagined and built by Argentinian entrepreneur and trailblazer Wences Casares, one of the prominent advocates of this technology in Silicon Valley. But it grew. Significantly. And right now, it’s one of the few fully licensed banks worldwide that operates with BTC and other digital assets.
Its business model combines state-of-the-art Bitcoin technology and a physical bunker in the Swiss mountains. This physical place combines the old-fashioned Swiss protocols with today’s top security technology. It’s an atomic bunker and works as the backbone of what Xapo offers its clients: high-quality security to hold digital assets.
From a technological perspective, Xapo is looking into innovative paths. Multi-signature solutions dominate the custody industry, but for the Gibraltar-registered bitcoin bank, the best alternative and solution for security risks is the multi-party computation protocol.
At a broad level, MPC allows several parties to share information without fully disclosing their shared data. In the context of Xapo, this works by dividing the digital asset master private key into several unique fragments, known as “key shares,” which Xapo Bank has stored and dispersed in undisclosed locations worldwide, with the Swiss bunker among these locations.
The MPC protocol guarantees that participants can keep their contributions private during key generation and signing without revealing them. This functionality ensures that no single party within the quorum has complete access to or control over the stored assets, taking the collusion risks to almost zero.
“MPC is a much more modern and secure setup compared to a still more popular multi-signature approach. The fact that the private key is not put together at any point in the transaction means there is no moment it can be potentially exposed or hacked, which is not the case with the more traditional multi-sig technology,” Xapo Bank’s Chief Technology Officer, Kamil Dziubliński, explained to me in an interview.
However, there are threats and risks, even with a movie-like bunker and this innovative way to secure the keys and the transaction signing process. Hacks, and phishing attempts, from a security perspective. From a financial point of view, threats are related to money laundering, terrorist financing, and other similar financial attacks.
“Given that we’re operating in the crypto world, we had to create expertise and utilize the right tools to get the same level of protection from malicious actors that you would expect from a regular bank, but instead tackling on-chain transactions,” Dziubliński detailed.
And inside the company, they have several protocols to ensure the mitigation of inside threats. “Segregation of duties, four-eye principles, multiple approval processes, and providing only the required set of permissions are critical to ensuring no single employee (or even a group of them) can harm our users or us,” Dziubliński underscored.
But as we stated at the beginning, financial institutions have been under scrutiny from Bitcoin’s perspective since the beginning. In fact, a bitcoin advocate who reads this article and keeps digging into Xapo Bank might find that it offers something dramatically distant from one of the main mantras of the industry: ‘Not your keys, not your coins.’ Xapo provides a radical alternative to self-custody.
“I truly believe that a bucket of mass adoption — early majority, late majority, and most likely even laggards — will look for simple solutions. Solutions that don’t require technical knowledge. Self-custody is not as simple as it is being advertised. Just the fact that $484 billion of BTC has been lost so far is a data point that is hard to argue with. Human error is a real thing, even among experts,” Dziubliński sentenced.
The potential of Xapo Bank and similar service providers is still to be fully realized. However, after more than 15 years of Bitcoin’s history, the development of these types of products makes Hal Finney’s predictions seem more tangible than ever.
link