The venture hopes that with top guards surrounding the warehouse, security cameras, and iron doors, it will make the vault unbreakable. Bakkt is already setting the all-time highs with cryptocurrency trading. That’s why it will facilitate pentesters and third-party auditors to avoid hacks and other dangers at all costs.
In the past, clients were able to trade Bitcoin futures. But only that. After receiving approval from the NYDFS, Bakkt sets everything to change. Now, accredited investors from all over the planet can call Bakkt to buy Bitcoin custody services with premium features.
Galaxy Digital, Tagomi, and Pantera Capital already signed up for the offer and will trust their coins with Bakkt’s insurance and warehouse offers.
Technology needs something that will impress sophisticated people from higher investment circles. People with a large amount of cash like predictable markets. They don’t appreciate volatility or weak security that is essential for online exchanges and OTC trading. More than that, many of the venture investors don’t want to show off their names. People controlling all those pesky crypto exchanges usually have no names and no addresses, why should one disclose his credentials?
With Bakkt, customer’s funds are stored within a special vault containing a dedicated network.
The infrastructure consists of a series of protected data centers with autonomous electricity, armed guards with superhero skills, security cameras everywhere, and 24/7 incident response teams available to catch any night intruders.
The operations with Bitcoins are not just the act of transaction signing. To send coins, the vault will ask for the corresponding signatures from parties across the planet. This is exactly what a multi-signature wallet does. This looks like a spy thriller, but hold on. The most exciting part here is that they will save your Bitcoins even if a natural disaster will happen and destroy their facilities. It all can be possible thanks to the 125 million United States dollars granted by a ”global syndicate of insurers”. Those guys have a sense of humor.
Coinspeaker has asked hash.fail maintainer James Edwards, who is famous for his expertise in blockchain security, about the measures that Bakkt implemented to protect funds. Here’s his brief review of the offered measures:
”The Bakkt wallet must be signed by all necessary parties for the TX to occur.
If they’re all in different places (on the planet) (# of places = x):
1. X times that these counterparties must communicate over a network of some sort that can be compromised in a number of different ways.
2. Coordination of such a request for signing could present another attack vector.
3. Validation of said request = another attack vector multiplied * by X requisite signatures.
4. Now I and everyone else knows at least part of their protocol at this point and from this + them bragging about them hiding the solution “on-premise” gives me enough info to make several more deductions.
5. Using this info, tracing down the specific address most likely is a lot more simple. These are institutional investors, so safe to assume their funds would be significant & the wallet should at least be 3/5 or greater (a safe guess). Few wallets apart from known exchanges fit those criteria.
6. X number of people are intimately aware of your internal process & they can be compromised a # of different ways.
7. There’s only one TX crafted with all these signatures. So there must be some integration point & someone that’s doing this.
8. Since they announced this was “on-premise” in a room with a vault among other things, there’s a lot of room for me to begin poking at cracks / obtaining info via social engineering.”
Unfortunately, as we see, not every industry expert welcomes such hardcore physical matters of private keys defense and distribution. But does the system has any chances to succeed? We’ll find out in the future.