Crypto Custody (license pending)
This chapter details the technical implementation of crypto custody on the ecrop platform and provides developers and system architects with essential information on the architecture, components, security mechanisms, and key management. It serves as a technical introduction for integrating and operating the platform.
ecrop GmbH will offer crypto custody services in compliance with the requirements of the KWG (German Banking Act) as soon as the necessary license is granted.
Technical Architecture: Hot and Cold Storage for Maximum Security
The crypto custody architecture is based on a combination of hot and cold storage to ensure both robust security and operational efficiency, fulfilling the requirements of the KWG and the KryptoWTransferV (German Crypto Asset Transfer Regulation). This multi-layered architecture guarantees optimal protection of clients’ private cryptographic keys while simultaneously ensuring rapid transaction processing. Segregating hot and cold wallets enhances security by keeping the majority of crypto assets offline in cold storage.
- Hot Wallets (AWS KMS): Hot wallets are utilized for daily operations and smaller transactions. Private cryptographic keys are encrypted and stored within the AWS Key Management Service (KMS) and rotated regularly in accordance with BAIT (German Banking Supervisory Requirements for IT) and MaRisk (Minimum Requirements for Risk Management) guidelines. AWS KMS provides a high degree of security and scalability, meeting the stringent requirements of the KWG. Access to hot wallets is protected by multi-factor authentication (MFA) and strict, role-based access controls (RBAC).
- Cold Wallets (Hardware Security Modules - HSMs): Cold wallets are employed for the secure, long-term storage of the majority of assets. Private cryptographic keys are generated and stored offline in certified Hardware Security Modules (HSMs) that adhere to the highest security standards (e.g., FIPS 140-2 Level 3). HSMs are tamper-resistant hardware devices offering robust security and protecting keys from unauthorized access. Access to the HSMs is strictly controlled, logged, and requires the presence of multiple authorized personnel according to the four-eyes principle.
- Wallet Management System: The Wallet Management System is responsible for the centralized administration and monitoring of all wallets and complies with the KWG and KryptoWTransferV requirements for secure crypto asset custody. It provides functionality for secure key generation, storage, rotation, and recovery. The Wallet Management System is protected by strict, role-based access controls (RBAC), multi-factor authentication (MFA), and encryption. All actions and key access are logged for comprehensive auditability.
- API (REST-API): A REST API enables secure and efficient access to the crypto custody functions. The API is versioned, comprehensively documented, and provides developers with a standardized interface for integration with other systems. It supports JSON as the data exchange format and utilizes JWT-based authentication and authorization for secure access. The API documentation includes detailed descriptions of all endpoints, parameters, data types, and code examples in various programming languages.
- Monitoring & Alerting System: The monitoring system continuously monitors wallets, HSMs, system status, and network connections to detect and address security incidents and outages promptly. It employs real-time monitoring and anomaly detection, generating automated alerts for critical events. Monitoring data is stored and analyzed in a central SIEM system (Security Information and Event Management) to identify threats and enhance platform security.
Security Architecture of Crypto Custody
The crypto custody security architecture is multi-layered and incorporates the following measures:
- Cold Storage: The majority of private keys are stored offline in HSMs (Cold Storage). This provides a high level of protection against cyberattacks and unauthorized access. The HSMs are stored in secure data centers with physical access restrictions.
- Multi-Level Access Controls: Access to crypto assets is protected by multi-level access controls. Role-based access controls (RBAC), multi-factor authentication (MFA), and the four-eyes principle are implemented for critical operations. This ensures that only authorized personnel with the necessary permissions can access crypto assets.
- Encryption: All data is encrypted both in transit and at rest. TLS 1.3 is used for data in transit, and AES-256 encryption is used for data at rest. Keys are managed within HSMs.
- Regular Security Audits: ecrop conducts regular security audits to identify and remediate vulnerabilities. These include penetration testing, security audits, and vulnerability scans. Audits are performed by both internal and external security experts.
- Intrusion Detection & Prevention System (IDS/IPS): An IDS/IPS monitors network traffic and system activity in real-time to detect and block suspicious activity. The system is regularly updated to recognize new threat patterns.
- Incident Response Plan: ecrop has a defined Incident Response Plan for handling security incidents. This plan encompasses incident identification, root cause analysis, implementation of countermeasures, and communication with affected stakeholders.
Key Management: Secure Generation, Storage, and Rotation
Key management is a critical aspect of crypto custody and includes the following measures:
- Key Generation: Keys are generated within HSMs using cryptographically secure random number generators (CSPRNGs). Key generation is performed offline, and the keys never leave the HSM unencrypted.
- Key Storage: Keys are stored encrypted within HSMs.
- Key Rotation: Keys are rotated regularly to minimize the risk of compromise. Rotation intervals are determined based on key type and security requirements.
- Key Recovery: ecrop has a secure and documented key recovery process for emergency situations. Recovery requires the presence of multiple authorized personnel and the entry of multiple secrets (Shamir's Secret Sharing).
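The recovery process above splits a secret among several authorized custodians and requires a threshold of them to reconstruct it. The following is an added illustration of that threshold scheme, not ecrop's own code: a Shamir split and Lagrange recovery over a prime field, where the 3-of-5 policy, the field prime, and the one-share-per-custodian check are assumptions made for this example.

```python
import secrets

# Field for the shares: the Mersenne prime 2^521 - 1 comfortably holds a 256-bit
# wallet key as one field element. Constructed choice for this example.
PRIME = (1 << 521) - 1


def _eval_poly(coeffs, x):
    """Evaluate sum(coeffs[i] * x**i) mod PRIME using Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, threshold, shares):
    """Split `secret` into `shares` points; any `threshold` of them recover it.
    Share index x = 1..shares stands for one authorized custodian each (assumption)."""
    if not 0 < threshold <= shares:
        raise ValueError("need 0 < threshold <= shares")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be an integer below PRIME")
    # Random polynomial of degree threshold-1 with the secret as constant term;
    # fewer than `threshold` points reveal nothing about that term.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, shares + 1)]


def recover_secret(shares):
    """Lagrange interpolation at x = 0 over the supplied (x, y) shares.
    Rejects repeated indices so one custodian cannot stand in for two."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index: shares must come from distinct custodians")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        # pow(den, PRIME - 2) is the modular inverse (Fermat), since PRIME is prime.
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return secret


if __name__ == "__main__":
    key = int.from_bytes(secrets.token_bytes(32), "big")  # constructed sample key
    custodians = split_secret(key, 3, 5)                 # 3-of-5 recovery policy
    assert recover_secret(custodians[:3]) == key
    assert recover_secret(custodians[1:3]) != key        # two custodians are not enough
```

Recovering with fewer shares than the threshold yields a value unrelated to the key, which is the property that makes quorum-based recovery safe to document and drill.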
API & Integration: Interface for Secure Data Exchange
The crypto custody REST API enables secure and efficient data exchange with other systems. The API is documented, versioned, and provides developers with a straightforward integration method:
- Endpoints: The API documentation provides a complete description of all API endpoints, including function descriptions, parameters, data types, and return values.
- Authentication: The API utilizes JWT-based authentication and authorization via API keys. The documentation includes a detailed description of the authentication process and code examples for authentication in various programming languages.
- Examples: The documentation provides code examples for API integration in various programming languages and for different use cases, such as querying wallet balances, initiating transactions, and retrieving transaction details.
Compliance Features: Adherence to Regulatory Requirements
The crypto custody solution includes various compliance features to ensure adherence to regulatory requirements:
- Monitoring: The system continuously monitors all wallets and transactions to detect suspicious activity. It generates automated alerts for critical events. Monitoring occurs in real-time, and the data is stored in a central SIEM system.
- Reporting: The system facilitates automated report generation for clients and regulatory authorities. Reports can be customized to meet individual requirements.
- Controls: The system incorporates integrated control mechanisms to ensure compliance with regulatory requirements. This includes adherence to KYC/AML requirements and transaction data validation.