COLD STORAGE

After a series of hacks, cryptocurrency issuers may turn to old-fashioned bank vaults for security

Inner sanctum.
Inner sanctum.
Image: AP Photo/Gerald Herbert
By

After hackers looted $30 million worth of ether last week, a company planning to raise money with cryptoassets is turning to an old-fashioned solution to safeguard the funds: a bank vault. It highlights the difficulty of keeping even the most sophisticated new technology safe and secure.

BitBounce, an anti-spam e-mail provider, is planning to raise as much as $20 million through an initial coin offering of digital tokens on the ethereum network. Founder Stewart Dennis says he may have millions of dollars worth of tokens left over from the ICO, which will need safekeeping. Recent hacks have revealed the risks of storing digital money online. Given those concerns, Dennis said he’s considering offline options, such as safe deposit boxes and theft insurance.

Crypto heists work like this: ether and bitcoin holdings can only be accessed by a private key, a kind of password to a digital currency wallet. The trouble is safeguarding that key: If hackers find a way to steal it, then a digital wallet can be accessed.

One way cryptocurrencies bolster their security is through “cold storage,” meaning that private keys are kept offline, away from the reach of online hackers. The key can be written down on paper or stored on a drive that’s locked away in a bank safe.

Xapo has been providing such services for bitcoin (and only bitcoin) since early 2014. Investors can store their assets in its vaults, some of which are located in a decommissioned Swiss military bunker in the Alps, where offline servers are located. They’re “guarded by intense human and automated security measures,” according to the company’s website. Higher security naturally impedes convenience—Xapo says it can move bitcoin from its offline vaults to an online digital wallet within 48 hours.

Tokens, bitcoin, and ether were designed to democratize money outside the traditional financial system. But the existence of Alpine vaults raises certain questions. Granted, even central banks can get hacked, and commercial financial firms suffer their own breaches. Still, when businesses raise money via traditional means, executives probably don’t have board meetings about the risk of crooks stealing their funds—that problem was solved long ago. Old-school security, in the form of steel and security guards, may still serve a purpose for newfangled cryptoassets as well.