The Future of Collaborative Custody

The OCC is giving banks the greenlight to custody bitcoin, bitcoin exchanges are becoming banks, and public companies are starting to stack a lot of sats. It is all happening so fast! Post halvening, the fourth bitcoin epoch is off to a wild start, and a lot of folks are starting to reassess their security posture in anticipation of the next mass adoption wave. 

As bitcoin adoption waves swing into full force, value increases materially, and seemingly overnight, individuals and companies find themselves securing meaningfully more value. While everyone’s security posture should generally be 10x the current value of bitcoin (h/t Matt Odell), let’s be honest; most people’s security is weaker than they would admit publicly (or privately) and most don’t take it as seriously as they should. Securing bitcoin well is not easy, but it is easy to put off. At Unchained Capital, we are working to lower the bar for individuals and businesses to achieve a level of security that historically would have been reserved to large institutions. We do so by making multisig easy to access through collaborative custody, while also ensuring that clients remain in unilateral control of private keys.

Bitcoin’s native multisig was built, in large part, to enable shared responsibility of securing bitcoin among multiple parties. These responsibilities include storing private keys, backups, or safekeeping critical information about the wallet itself. Unchained Capital has taken to calling multisignature where responsibilities are distributed across multiple parties “collaborative custody”. Collaboration is not required in order to use multisig, but the opportunity to do so is native to the protocol and opens up a wide range of possibilities for individuals and companies to achieve their security goals. To date, Unchained Capital has been included as the primary, if not only collaborator alongside clients, serving both as the coordinator/wallet function and as a trust minimized party to help clients secure bitcoin. This model allows users to remain sovereign over funds, eliminates single points of failure, and builds redundancy into a client’s security posture. The future of collaborative custody will preserve these strengths, while bringing more options and flexibility to both individuals and businesses, allowing clients to better tailor bitcoin security to their own respective needs.

In order to realize the promise of bitcoin’s multisig properties, the coordination of those collaborating and the software that enables that coordination is a critical layer. To a certain extent, coordination already happens in the physical world. Many individual multisig users rely on trusted friends or family members to store certain wallet and private key information as a way to further distribute security. This could mean having a backup seed for a hardware device in a family member’s home or in a safety deposit box. However, this collaboration is typically ad hoc and offline. While our platform has made it easy for individual users to collaborate with Unchained Capital to better secure bitcoin through multisig, the benefits of collaboration have not yet been fully realized at the application layer. Following our release earlier this week, I wanted to share my thoughts on our vision and explain how Unchained Capital’s investments will continue to make it simpler for individuals and businesses to collaboratively use multisig with trusted friends, family or team members (in the case of a company) in ways that increase security by integrating system level and process controls with private key management.

Love it when a plan comes together

Over the past nine months, we re-architected our backend to allow for greater flexibility in account structures and to allow for advanced permissioning at every step of a transaction flow. This has been our single largest investment in 2020, even greater than the major investments we’ve made to further advance our open source multisig wallet (Caravan). When we launched our custody solution in the Spring of 2019, it was with the vision of expanding collaborative custody beyond a single user application, which has been the principal application to date. We recognized the need then for custody solutions built on client-controlled private keys that also allowed for flexible collaboration and coordination among multiple parties on the client side, whether it be in the context of managing the assets of an individual, family or business. However, we are bitcoiners. We love bitcoiners. Bitcoiners want everything and they want it yesterday (h/t wen coldcard). So do we, but we move slowly because we can’t break anything in the process. After all, we are consumers of our own product and we are helping to secure our clients’ bitcoin in addition to our own personal bitcoin. Beyond our families, there are few greater responsibilities. 

This week marks a milestone as we released the first of many major upgrades to our collaborative custody suite that all come as a result of the architectural investments we’ve made over the past year. While our initial release of advance business accounts earlier this week is a big win, we are just scratching the surface of what our investments this year have made possible for the future. It may seem timely but we recognized the need for advanced business applications long before public companies started making it popular to hold bitcoin on balance sheet. As we move forward, we will continue to make investments that further improve functionality for businesses and that are tailored to the needs of individuals and families as well. Private key ownership and decentralization are critical to long-term security in bitcoin and collaborative custody built on top of multisig reinforces both. By providing businesses and individuals with the tools that make private key management and direct ownership of material amounts of wealth more easily manageable, we deliver greater security and align long-term interests with our clients while at the same time eliminating the risks of centralization. Without multisig and a robust collaborative custody layer, we would likely end up back where we were before bitcoin, with everyone trusting too-big-to-fail mega banks. 

Below I’ll highlight what we’ve released to date and our vision for the future.

Advanced Business Accounts

With our advanced business accounts, we are merging corporate governance and the bitcoin protocol. Bitcoin knows about private keys, xpubs, bip32 paths, quorum types, and address types, but it doesn’t know or care about people. It has no opinion on who has what information nor does it care about jurisdictional laws regarding legal claims to ownership. Bitcoin only knows whether information is valid when it comes time to find addresses and to spend bitcoin. Companies care deeply about all the things that bitcoin can’t know about. At Unchained, we’re investing heavily in products that care about people and their roles in securing bitcoin on a company’s behalf.  We’re doing this by integrating system and process controls with private key management. Now, within an advanced business account, multiple members of an organization can log-in with different permission levels and can collaborate in the management of company-held bitcoin. Through access control lists that recognize individual roles and permissions, and by building those controls on top of cold-stored private keys, which can be segregated within an organization, businesses can achieve a level of security that would not be possible if relying solely on either system controls or private keys. 

If your business is holding bitcoin and relying on a third-party custodian, you are relying exclusively on system level and process controls to secure bitcoin. If keys live on your custodian’s servers, your security is built on asking for permission to transfer your bitcoin, and access to your account can become a single point of failure. If your business is sophisticated enough to use open source tools (such as Caravan or Electrum), you would need to develop your own proprietary coordination infrastructure and at minimum, you would need a secure mechanism to pass signatures back and forth. Without significant investment, the ability for a broader group of individuals to collaborate in the management of company assets would be inherently limited, and you would be relying primarily (if not entirely) on private keys, often coordinating on an ad hoc basis through insecure channels. With Unchained’s collaborative custody, system-level and process controls augment private keys, resulting in greater security than could otherwise be achieved if relying exclusively on one or the other. 

There is a permanence in bitcoin (and in private keys) which causes custody to be fundamentally different than in the legacy world. That permanence can be daunting and intimidating. Initially, many businesses might shy away from the responsibility, but private keys are foundational to why bitcoin is more secure than the legacy monetary system. There is a reason why most educated users and long-term holders control their own private keys. It isn’t ideological; it is for security, and the same principles that apply to individuals apply to businesses. With the current release, our advanced business accounts make it easy for companies to take control of their private keys and are perfect for a wide range of businesses. Whether an operating business (bitcoin-centric or not), a family office, investment fund or even an institution facilitating custody on behalf of end clients (B2B2C), our business suite is ideal for any organization that understands the importance of bitcoin, private keys and the challenges inherent to an organization of people securing bitcoin on a direct basis.

Currently, a business account can have an owner, multiple admins and multiple view-only users, with a maximum of 15 total log-ins. On the back-end, we’ve already built in the capability to set advanced permissions on individual keys and per user at every step of the transaction flow, which includes authoring, approving, signing and broadcasting (all at the system level). We can also restrict who within a business has access to sensitive wallet configuration information. For example, an individual may have the capability within our system to only sign a transaction with a specific key, and to further enhance financial controls, that individual may be restricted from having access to wallet information that would be required to spend externally from the application. Separately, individuals within a company may not have access to keys, but may have the responsibility to approve a transaction before it can be initiated. Or, a quorum of approvers may be necessary to author transactions. Our back-end is already capable of administering finely tuned permissions; we just need to layer on the UI/UX to make such a robust and flexible application intuitive for users, which will be coming in a future release. Ultimately, our goal is for any business to be able to tailor bitcoin custody to its own governance and organizational structure, all built on the foundation of native multisig with private keys controlled directly by businesses.

As more businesses hold bitcoin in treasury, Unchained Capital wants to ensure that bitcoin’s censorship-resistant and sovereign properties – properties which differentiate it from fiat currencies – are preserved, which in itself is a core security principle. Separately, businesses holding bitcoin should not be forced to accept the counterparty risk of large financial institutions as a default position. Options need to exist, and we continue to deliver on our promise to help both businesses and individuals access and leverage multisig with their own private keys. We expect a range of custody solutions to exist that complement each other and believe our platform will increasingly represent a critical piece of custody infrastructure to support all those securing a material amount of wealth in bitcoin for the long-term. 

Joint Ownership

When we think about bitcoin custody, it is inevitable that bitcoin will be held by individuals and businesses, but we also know that bitcoin will be held jointly. Bitcoin gives us the base functionality to conceive of products with shared ownership of funds via multisig.  Instead of restricting access to permissions or information, equal access to functionality and information can be ensured through a joint account structure. When we release joint accounts, two individuals will have equal permissions to author, sign and broadcast transactions, and both will have access to important wallet information required to recover funds through our open source application or through a third party wallet provider. While access to private keys could still be segregated between owners in the physical world, joint ownership as defined by the jurisdiction where funds are held requires equal access to functionality and information. 

Consider a small business owner. That person will likely have a combination of bitcoin in a business account, individual account and in a joint account. Our application will provide one interface that allows individuals to switch between accounts and to collaborate with different individuals depending on the nature of the relationship. Collaboration between a married couple holding bitcoin jointly will be as easy as a company managing bitcoin, but there are also different legal consequences of joint ownership. With a joint account, Unchained Capital would have equal responsibilities to both individuals as a trusted financial partner. If either individual passed away, became incapacitated or was otherwise inaccessible, Unchained Capital would collaborate with either to securely facilitate bitcoin transactions.

Multi-Institution Custody

For individuals or businesses that may not want to hold a majority of keys, our multi-institution custody provides a solution in which a client holds a single key, Unchained Capital holds a second key and an independent third-party key agent holds the third key. In a 2-of-3 multisig vault, two keys are required to transfer bitcoin, but no single party has unilateral access. Instead, collaboration is required to transfer any bitcoin. Today, the party that acts as our independent key agent is CitadelSPV. As we expand on our vision for collaborative custody, we plan to on-board a number of key agents to give our clients a range of choice. We just have to build the front-end and execute agreements with prospective future key agents. Holding keys is a significant responsibility and businesses that are already holding keys on behalf of individuals or businesses will be able to further leverage in-place infrastructure to participate in Unchained’s multi-institution custody. Ultimately, we envision a future in which Unchained Capital may not even hold a key. A client could select its own key agent(s) based on legacy relationships and Unchained’s application would become exclusively a coordination engine.

Wealth management is a separate use case for which multi-institution custody is an ideal solution. While we are already working with wealth managers and RIAs today, our application is not form-fit for the type of collaboration we expect between wealth managers and clients. With the greater flexibility and functionality we’ve architected into our backend, individuals will be able to invite wealth managers to participate as key holders within their personal accounts. Conversely, we will also be offering solutions tailored specifically for wealth managers that have many clients, in addition to wealth management firms that have many advisors. Collaborative custody is built to help people work together to secure bitcoin. Managing money often involves a number of people, and historically, there has not been a solution that both preserves private key ownership and allows for multiple individuals to collaborate in the management of assets, especially among advisors and clients. We plan to change that as we continue to productize collaborative custody further. 

The Sovereign Individual

A major motivation for our recent investments has been use cases that involve multiple individuals and particularly businesses, but collaboration does not require sacrificing sovereignty.  When an individual chooses to collaborate with a third party, a trusted financial partner can participate in the security of bitcoin while preserving the individual’s unilateral and sovereign control. The future we’re building will allow individuals more agency in determining who they collaborate with, and what tools those collaborators have at their disposal to serve the individual bitcoin holder. 

Companies like Unchained Capital will likely serve as the primary collaborator for these sovereign individuals, but we plan to offer the capability to have other trusted parties fulfill the role of a key holder within our application (such as a family member). Our goal is to increase choice in our base application and then layer on more advanced applications, including structures that create well defined inheritance protocols. By providing users with a single interface to manage bitcoin across a range of scenarios and relationships, we’re empowering individuals and businesses with tools that reduce complexity and ultimately help clients sleep a little sounder at night knowing their bitcoin is secure.  

The Future of Collaborative Custody

At Unchained Capital, we believe that collaborative custody is the bitcoin standard. Our investments in multi-user account infrastructure, robust access control lists and permissioning,  integrations across multiple hardware device manufacturers and our commitment to open source continue to make multisig simpler for both the individual and business. These investments reinforce our leadership position as a technology provider and as a trusted financial partner. 

We believe collaborative custody is ideal for any individual or company storing material wealth in bitcoin, and we will continue to provide clients with the tools they need to achieve their goals in the safest, most fault tolerant way. At the same time, we are also lowering the bar for other institutions interested in providing bitcoin custody, in a way that reduces the investment burden and lowers risk while ensuring the most critical component of the custody chain remains in the unilateral control of businesses serving end clients: private keys. Collectively, our investments have helped advance a more distributed and decentralized architecture for bitcoin custody and we’re excited to be making multisig more accessible and more secure for a broader audience.

In the coming weeks and months, you’ll be hearing a lot from us on how our investments manifest as new products and features on the Unchained Capital platform. This year has been transformational and we are proud to be playing a meaningful role in helping to advance the commercialization of multisig and collaborative custody for individuals and businesses. With our major upgrade to Caravan (May 2020), our release of a so-easy-a-caveman-could-do-it sovereign recovery tool (June 2020) and our collaboration with Trezor to deliver the ability to confirm multisig addresses on the hardware device (August 2020), we had already made great strides this year in increasing security and improving the user experience with multisig. The enhancements to collaborative custody released this week and those to come in the near future will continue to complement the strong foundational building blocks already in place (and yes, Coldcard support will be available in the weeks ahead). 

At Unchained Capital, we build off the first principle that private keys matter in bitcoin; collaborative custody built on top of multisig is how we express that principle through our products and services. Bitcoin and its multisig properties unlock unique security benefits that we’re dedicated to making accessible for all your personal and business needs. 

If you or your company are interested in our current solutions, or would like to provide feedback on future enhancements, please reach out. You can email me at parker@unchained.com.

Best, Parker