Securing Funds as a Crypto Founder

“Harmony has hit a bum note. To the tune of $100M. This is the 3rd bridge in the top 10, and the second drained via compromised private keys.”

Rekt, July 29th 2022

“Nomad Bridge has been torn apart, with $190M drained in a savage attack.”

Rekt, August 2nd 2022

“Approximately 8,000 addresses on the Solana network have been compromised, draining a total of ~$5.3M.”

Rekt, August 3rd 2022

News like the above is scary, but the frequency is scarier. As consumers, getting rekt by making the wrong bets is common, and the responsibility lies with the consumers themselves. Founders raise money so that they can spend it on growing their project and creating an impact on their consumers and community members, and attacks like the one on Solana wallets on the 3rd of August not only affect consumers but could also have affected founders who kept their funds in a single Solana wallet.

I searched for articles that give anybody actionable information on how to secure funds and the best solutions, but I could find none. I then got in touch with Srikanth Yeleswarapu, a financial technology expert at one of the leading global venture firms, to share some best practices and tools to help founders secure their funds better.

Cold Wallets

Most know that hardware (cold) wallets are much safer than software (hot) wallets, so it may seem that some of the project’s funds should be in a cold wallet. This may not be the best thing to do. Most high-trust cold wallets are not multi-sig, which means that one of the founders will hold the keys to the cold wallet. This is a single point of failure: the cold wallet can be misplaced, or something could happen to the founder (signatory). If the founders share the private key amongst themselves, there is a higher chance of it getting compromised.

Securing funds in a cold wallet also doesn’t allow two founders to work remotely from separate locations if they are sharing the private key (which is the farthest thing from best practice).

Long story short, although the degree of security is higher in cold wallets, it is not optimal for securing a project’s funds because it becomes a single point of failure.

Software Wallets

Among software wallets, the most popular one is Gnosis Safe, and it works pretty well for many purposes. For early-stage startups, it can work well when the team is small and the hierarchy is mostly flat. Founders will have complete visibility and control over the spending across verticals. Things get a little complicated when there is a hierarchy and also when the project goes public. When the project grows or goes public:

  • A separate finance vertical gets created
  • Many more stakeholders will get involved (Treasury, Accounts, etc.)

With the finance vertical coming in (which brings lower knowledge of the technical structuring of wallets), there will be a need to set up certain measures to secure your project’s funds in a better manner. If your project is using a multi-sig, “m” of “n” signatures will need to sign to approve a transaction. When “n” increases, there is a higher chance of collusion between the private key holders to approve a transaction. This is where MPC (Multi-Party Computation) wallets save the day. You can write different rules for different types of transactions across different stakeholders. Liminal is a great solution to look at for such purposes.

MPC-type protection can be structured over a multi-sig wallet, but this will require intervention from the internal tech team and also a maintenance commitment. Solutions like Liminal, although less cost-effective, definitely do optimize for scale. Most MPC solutions also provide advanced features such as batch transactions, multi-factor authentication (MFA), internal transaction policies, user management, etc.

Keeping all your funds in one place or one solution is still a single point of failure. Although not in line with the ideals of decentralization, many protocols do keep a large chunk of their funds (the kind that they don’t need for the next 2-3 quarters) in a custodial wallet with a high insurance cover. This ensures that the project doesn’t run out of money immediately in the case of a Black Swan event.

With different buckets allocated from a project token’s max supply, it is advisable to open a separate wallet for each spending bucket (treasury, community incentives, airdrops, etc.). While the management of the wallets becomes slightly more complex, managing the funds becomes a lot easier, and it makes it easier for a Web3 company to be compliant with regulatory bodies (if required).
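As an added illustration of the per-bucket wallets and amount-tiered “m” of “n” approval rules described above (example code written for this post, not Gnosis Safe’s, Liminal’s or the author’s own), with all signer names, buckets and thresholds constructed for the example:

```python
from dataclasses import dataclass

# Added example, not code from Gnosis Safe, Liminal or the post's author.
# Signer names, buckets and amounts below are constructed for illustration.
# Each spending bucket has its own wallet and its own m-of-n rule; larger
# transfers escalate to a stricter tier that also needs finance sign-off.

@dataclass(frozen=True)
class Tier:
    max_amount: int          # tier covers transfers up to this amount (USDC)
    threshold: int           # m approvals required ...
    approvers: frozenset     # ... out of these n authorised signers

FOUNDERS = frozenset({"alice", "bob", "carol"})
FINANCE = frozenset({"dave", "erin"})

# Constructed policy: one wallet per bucket, each with amount-tiered rules.
POLICIES = {
    "treasury": [Tier(50_000, 2, FOUNDERS), Tier(500_000, 4, FOUNDERS | FINANCE)],
    "community_incentives": [Tier(10_000, 2, FOUNDERS | FINANCE)],
    "airdrops": [Tier(25_000, 3, FOUNDERS | FINANCE)],
}

def tier_for(bucket, amount):
    """Smallest tier whose cap covers the amount, or None above the hard cap."""
    for tier in sorted(POLICIES[bucket], key=lambda t: t.max_amount):
        if amount <= tier.max_amount:
            return tier
    return None

def evaluate(bucket, amount, signers):
    """Return (approved, reason) for a proposed transfer out of a bucket wallet."""
    if bucket not in POLICIES:
        return False, f"unknown bucket {bucket!r}"
    if amount <= 0:
        return False, "amount must be positive"
    tier = tier_for(bucket, amount)
    if tier is None:
        return False, f"{amount} exceeds the hard cap for {bucket}"
    # A key signing twice still counts once; unauthorised signers never count.
    valid = set(signers) & tier.approvers
    m, n = tier.threshold, len(tier.approvers)
    if len(valid) >= m:
        return True, f"{m}-of-{n} met with {sorted(valid)}"
    return False, f"need {m}-of-{n}, have {len(valid)} valid approval(s)"

if __name__ == "__main__":
    print(evaluate("treasury", 20_000, ["alice", "bob"]))
    print(evaluate("treasury", 200_000, ["alice", "bob", "carol"]))
    print(evaluate("airdrops", 5_000, ["alice", "alice", "mallory"]))
```

The tier cap gives each bucket a hard ceiling, so a transfer that would drain the wallet in one go is rejected regardless of how many signatures it collects.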

So to sum things up, the project can put:

  • Spending money on non-custodial solutions such as:
  • “Cash in Bank” money in custodial solutions such as:

Currencies

When projects raise funds in the form of stablecoins, they must be raised in the form of “safe” stablecoins. After speaking to certain experts, here is the gist:

  • Accepting USDT is ok, but in the long run there is no clarity on its stability if you hold it. It has been depegged before, and there is no transparency on Tether’s audits yet.
  • USDC might be the perfect balance of universal acceptance and trust for all purposes. There is transparency in Circle’s audits, and it is also regulated. It has maintained a good level of stability since the second half of 2021.
  • If the project is very particular about decentralization, the best bet is to hold funds in DAI. There is complete transparency, and the Maker protocol has built a collectively trusted protocol.
  • BUSD is also a widely accepted 

Having said the above, this is in no way an attempt to attack or promote any currency or solution. This is the current common practice of treasury and fund managers in crypto. It is completely up to the project or individual as to how their funds are managed.

Additional Best Practices

Most founders do get a little nervous about the volatility of the markets and try to maximize their treasury value by investing in different funds and schemes such as Pillow, Flint, and until recently Vauld. This is a valid mindset, but once again, these are points of failure. Vauld shut down its operations due to the unprecedented effects of the bear market, and any organization that had invested might’ve lost a large chunk of its treasury.

It is better to stay away from the whole yield and alternative investment business as an early-stage startup.

Secondly, many investors have observed that founders wait until the money is raised to open a multi-sig or MPC company wallet. This is not a good practice because it doesn’t allow the company to be 100% compliant from day 1. To be 100% compliant, all the grants and funds received must move into the company wallet rather than a founder wallet. It is best if the founders open a multi-sig wallet before they receive even a single dollar in the form of grants or funds.

Closing Words

With the volatility and vulnerability in the crypto space, founders must be careful when handling the funds secured from investors. BuidlersTribe hasn’t internally conducted special audits of any of the solutions mentioned above, but we spoke to Srikanth, an expert in the industry who has been successfully securing funds for many years. The above image consists of all the common solutions suggested by him in the venture industry.

Special thanks to Srikanth Yeleswarapu for taking the time to guide us in putting out this piece.
