To enable the average person to use crypto-based products, we need secure and user-friendly solutions to manage private keys. In addition to being secure, it’s also important that these solutions are non-custodial, which generally means that a user has not surrendered control of their private key to an outside service.
Not your keys, not your crypto.
“Not your keys, not your crypto” is a popular saying in the crypto community because, unlike in traditional finance, there are no “take-backs” once money is moved on the blockchain. If someone has your private key, they can irreversibly move your assets anywhere they want. Unfortunately, people are bad at managing their online security.
To lower the barrier to entry to the crypto ecosystem, many companies are working on solutions that make managing private keys easy. Many of these solutions claim to be non-custodial, yet these solutions can access and lose their users’ private keys. They take advantage of legal gray areas and falsely position themselves as a happy medium between security and user experience.
Non-custodial guidelines need to improve for a safer crypto ecosystem. Specifically, there need to be more restrictive rules around what defines a non-custodial service. If someone chooses a non-custodial service, they should have total peace of mind that their private key is safe forever.
“Semi-custodial” Solutions
A handful of private key management solutions allow users to simply sign in with email to create a wallet. These services generally work by associating user emails with private keys on an off-chain backend. When a user wants to sign a transaction, the service will retrieve the corresponding private key and take action. The only thing a user needs to use a dApp is their email password.
This smooth user experience has resulted in millions of new crypto users who don’t need to deal with the headache of securing their private key. The downside is that users have to trust that the service they’re using is secure. If the service turns out to be malicious or gets hacked, they’ll lose their funds!
These services can claim to be non-custodial because their users can technically access their private key. They are exploiting a legal gray area, and may face scrutiny as regulation around crypto tightens. Custodial solutions are required to follow a much stricter set of laws, and it feels wrong to allow these services to masquerade as fully non-custodial solutions.
The New Standard
A common-sense, more restrictive guideline for categorizing custodial and non-custodial solutions is whether a service can access a user’s private key. In practice, this is a difficult line to draw because it involves opaque companies claiming that they follow security best practices. The reality is that software companies are constantly changing (especially startups!) and even with the best intentions things can go wrong. All it takes is one small mistake to lose users’ funds forever!
An even better guideline for categorizing custodial and non-custodial solutions is whether a service can lose a user’s private key. In the extreme case (perhaps not so extreme anymore) if the government shut down the service’s AWS account, could their customers still access their funds?
In short, a private key management solution should be considered non-custodial if the following conditions are met:
A user can access their private key
The service cannot access the private key
The service cannot lose the private key
There are many ways that the previous three conditions can be met, although the one gaining the most traction recently is Multiparty Computation (MPC). MPC is a branch of cryptography for doing computation among untrusted parties, and was invented in the late 1970s.
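To make the three conditions concrete, here is an added example (not from the article or any product it describes) that splits a key with 2-of-3 Shamir secret sharing, one of the "many ways" other than MPC. The share roles (device, service, backup) and all function names are assumptions for illustration; unlike MPC signing, this scheme reassembles the key in one place when it is used.

```python
import secrets

# Prime field larger than a 256-bit key (2**521 - 1 is a Mersenne prime).
P = 2**521 - 1

def split_2_of_3(secret: int) -> dict:
    """Split `secret` into shares at x = 1, 2, 3; any two reconstruct it."""
    if not 0 <= secret < P:
        raise ValueError("secret out of range")
    slope = secrets.randbelow(P)  # random coefficient of f(x) = secret + slope*x
    return {x: (secret + slope * x) % P for x in (1, 2, 3)}

def reconstruct(shares: dict) -> int:
    """Lagrange interpolation at x = 0 from exactly two distinct shares."""
    if len(shares) != 2:
        raise ValueError("need exactly two shares")
    (x1, y1), (x2, y2) = shares.items()
    inv = pow((x2 - x1) % P, -1, P)
    return (y1 * x2 - y2 * x1) * inv % P  # equals f(0), the secret

def consistent_slope(share_x: int, share_y: int, guess: int) -> int:
    """Slope that makes ONE share agree with any guessed secret, which is
    why a single share reveals nothing about the key."""
    return (share_y - guess) * pow(share_x, -1, P) % P

def check_conditions() -> dict:
    key = secrets.randbits(256)  # constructed stand-in for a private key
    shares = split_2_of_3(key)
    # Assumed roles: 1 = user's device, 2 = service, 3 = user's offline backup.
    device, service, backup = shares[1], shares[2], shares[3]
    wrong = (key + 1) % P
    slope = consistent_slope(2, service, wrong)
    return {
        # 1. The user can access the key (device + backup, no service needed).
        "user_can_access": reconstruct({1: device, 3: backup}) == key,
        # 2. The service cannot access it: its share fits a wrong key equally well.
        "service_share_ambiguous": (wrong + slope * 2) % P == service,
        # 3. The service cannot lose it: the key survives without share 2,
        #    and normal use (device + service) still works while it is up.
        "survives_service_loss": reconstruct({1: device, 3: backup}) == key,
        "normal_use_works": reconstruct({1: device, 2: service}) == key,
    }

if __name__ == "__main__":
    for name, ok in check_conditions().items():
        print(f"{name}: {ok}")
```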
The next article will dive into how leveraging MPC results in a secure, user-friendly, and non-custodial private key management solution. Here’s an article about it if you want to get a head start!
Thanks to Sam Hatem for his contributions to this article. Subscribe to his Mirror to learn more about how crypto will be brought to the masses!