
In 2016, Bitfinex was one of the largest crypto exchanges in the world, trusted by many institutional investors to safeguard their assets. But in August of that year, attackers exploited weaknesses in Bitfinex's multisig setup and stole nearly 120,000 BTC, worth tens of millions of dollars at the time and valued in the billions today.
This breach was another wake-up call for the industry, highlighting the risks of institutional investors relying on centralized custody solutions.
In this article, we’ll break down the threats facing traditional custodial solutions and how Wallet-as-a-Service (WaaS) providers like Turnkey enable institutions to hold and control their own keys securely, without compromise.
A custodian’s role in institutional investing
Custodians serve as trusted third parties, safeguarding assets and managing back-office operations for institutions. With mature legal frameworks and built-in recovery processes, custodians provide the stability institutions rely on.
In traditional finance, custody is typically handled by banks, trust companies, or specialized custodians to manage regulated assets like stocks, bonds, precious metals, and more.
How digital custody evolved to meet new threats
In 2008, when the Bitcoin whitepaper appeared (the network itself launched in January 2009), it was fundamentally different from these traditional finance models.
Because the protocol was secure, decentralized and distributed, individual users could manage their own funds and transact peer to peer, with no bank or trusted third party required.
Although this was powerful, it also introduced new risks. In the early 2010s, much of the Bitcoin in circulation was handled with desktop wallets or on centralized exchanges that made it easy to swap Bitcoin for fiat, but these services lacked both robust security and strong regulation.
After several major breaches, including Mt. Gox (2014) and Bitfinex (2016), much of the industry changed its approach to asset management. In the years that followed, crypto-native custodians emerged, either spun out of exchanges (Coinbase Custody) or founded independently (Anchorage).
These custody solutions sought to offer a more traditional and mature approach to serve institutions, with much more robust infrastructure.
Now in 2025, this trend has continued, with platforms built to offer institutional-grade security, regulatory compliance, and technical infrastructure tailored specifically for digital assets.
How institutions custody their crypto
There are many approaches to custody. Institutions can choose from self-custody, third-party custody, hybrid models, or non-custodial solutions – each designed to meet different operational and security needs.
Self-custody
Traditional self-custody is the original way to handle cryptoassets, and refers to users controlling their own private keys (and in turn, their own assets).
The benefit of self-custody is that a user (or institution) has complete control over their assets, because no third party holds their private keys. The downside is that storing private keys securely is hard, and it gets harder as the number of keys, signers and chains grows.
Users also carry the risk themselves: if a private key is lost, the funds are permanently inaccessible; if it is stolen, whoever holds it can move them, and the transfer cannot be reversed.
Third-party custody
This model delegates control of private keys to a third party (a custodian), who holds the private keys and manages security on behalf of clients.
There are different types of custodians, the most popular one being centralized exchanges. Many third-party custodians offer sophisticated security infrastructure, including multi-signature schemes, geographical distribution, insurance, and access control policies.
The tradeoff is that users hand control of their private keys to the custodian in exchange for a more mature key management operation, and take on counterparty risk: a breach or failure at the custodian is a breach or failure for every client.
Hybrid custody
As the name suggests, hybrid solutions mix the two. A common institutional pattern is to self-custody smaller balances in “hot” wallets for day-to-day operations while the bulk of funds sits in “cold” wallets secured by a third party.
There are also Wallet-as-a-Service (WaaS) providers that offer their own hybrid solutions, allowing institutions to both delegate security to a third party, while retaining the option to have full custody and control over their private keys and associated assets.
Non-custody
Providers like Turnkey use trusted execution environments (TEEs) to allow users to securely generate, store, and use private keys without ever exposing them externally.
Turnkey uses TEEs to enable customers to build non-custodial models. Turnkey customers may configure their Turnkey implementation to limit their access to the raw private keys such that end users (including institutions) retain full control over their assets while benefiting from robust infrastructure, security, and policy controls.
Overall, these solutions combine the security benefits of self-custody or shared custody with the operational ease of third-party platforms, enabling institutions to manage keys securely without building and maintaining their own hardware security modules (HSMs) or enclave-based infrastructure.
Threats to digital custody
Operating in a decentralized ecosystem comes with risks, some of which are unique to digital assets. Let’s take a look at some of the threats that custodians (either end users or third parties) may have to mitigate.
Loss of private keys
If a private key (or the seed phrase from which a wallet's keys are derived) is lost or forgotten, the owner loses the funds entirely. Because transactions are final and there is no central operator to appeal to, the loss is irreversible, unlike many mistakes in traditional finance, which a bank or court can unwind.
Likewise, if a private key is stolen by an outside threat actor or misused by an insider, the stolen funds cannot be clawed back.
Phishing and social engineering
As with most breaches of companies and institutions, when there is no technical weak link, attackers target people instead.
Sophisticated phishing scams can make employees of institutions unwittingly reveal sensitive information or access to private keys.
Physical threats and theft
While uncommon, some public figures have been targeted and extorted for access to their cryptocurrency. Hackers have also attempted to gain physical access to devices containing private keys—such as hardware wallets, phones, or computers.
In both digital and physical domains, high-value targets must assume that attackers will exploit any vulnerability, whether through coercion or compromise.
Key-person risk
Assets controlled by a single individual are a single point of failure: if that person leaves, is incapacitated or acts maliciously, the rest of the institution may be locked out of the funds, or find them gone.
Digital asset custody solutions aim to mitigate these risks through various strategies and technical solutions.
How to ensure safe custody and secure private keys
To mitigate these risks, institutions should consider adopting a multi-layered custody strategy. Here are some of the key tools and practices used to protect digital assets:
Multi-signature wallets
Traditional blockchain transactions require a user to “sign” a transaction with their private key, which authorizes the transfer of funds. Multi-signature wallets require signatures from several independent keys before a transfer is authorized.
Bitcoin has supported multisig natively through OP_CHECKMULTISIG since its early days; Pay-to-Script-Hash (P2SH, BIP 16, 2012) made it practical to use, and many other blockchains implement it in smart contracts.
A common setup is “M-of-N”, meaning at least M of N authorized keys must sign. For example, a 3-of-5 multisig has 5 approved members, each holding a key, and at least 3 of them must approve a transaction before funds move.
This tolerates the loss of up to N-M keys (a lost key does not lock the funds) and the theft of up to M-1 keys (a single stolen key cannot move them), and it addresses key-person risk.
Multisig addresses access control and raises the bar, but each individual key still needs to be secured, with classic (pre-Taproot) Bitcoin multisig and contract-based wallets the signer set is revealed on-chain, and implementation or adoption can be complex for large institutions.
Multi-party computation (MPC)
MPC threshold signing gives each participant a share of the private key (produced either by splitting an existing key or, better, by distributed key generation so that the full key never exists anywhere) and lets a threshold of them jointly produce a standard signature without ever reconstructing the key.
Benefits:
- Removes single points of failure
- Ensures the full key is never revealed
Drawbacks:
- More computationally intensive
- Complex key refresh and backup processes
- Increased latency and slower transaction times
- Relies on newer threshold-signature protocols and libraries that are less battle-tested than single-signer implementations
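The two approaches above differ in where the threshold lives: in a multisig the chain checks M separate signatures from N independent keys, while with MPC a threshold of parties holding shares of one key produce a single ordinary signature. The following added example (not from the original article or from Turnkey) shows both with a toy Schnorr scheme over a 64-bit group. The parameters are far too small to be secure, and the threshold protocol skips the nonce-commitment round and key-aggregation coefficients that real schemes such as FROST include, so treat it as a teaching aid only.

```python
"""Added example: M-of-N multisig versus MPC-style threshold signing.

Schnorr signatures over a small Schnorr group (p = 2q + 1, q a 64-bit prime).
Toy parameters: NOT secure. The threshold protocol also omits the nonce
commitment round and key-aggregation coefficients that production schemes
such as FROST require; it exists only to show the mechanics.
"""
import hashlib
import secrets

_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # deterministic below 3.3e24

def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; exact for the 65-bit candidates used here."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def schnorr_group(bits: int = 64):
    """Return (p, q, g): safe prime p = 2q + 1 and g = 4 = 2^2, which has order q."""
    q = (1 << bits) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4

P, Q, G = schnorr_group()

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def challenge(R: int, y: int, msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(f"{R}|{y}|".encode() + msg).digest(), "big") % Q

def sign(x: int, msg: bytes):
    k = secrets.randbelow(Q - 1) + 1
    R = pow(G, k, P)
    return R, (k + challenge(R, pow(G, x, P), msg) * x) % Q

def verify(y: int, msg: bytes, sig) -> bool:
    R, s = sig
    return 0 < R < P and pow(G, s, P) == R * pow(y, challenge(R, y, msg), P) % P

# (1) Multisig: N independent keys; the verifier (the chain) counts valid signatures.
def multisig_ok(pubkeys: dict, m: int, msg: bytes, sigs: dict) -> bool:
    """M-of-N: at least m distinct *authorized* signers with valid signatures."""
    valid = {i for i, sig in sigs.items() if i in pubkeys and verify(pubkeys[i], msg, sig)}
    return len(valid) >= m

# (2) MPC-style: ONE key, Shamir-shared, used for signing without reconstruction.
def shamir_split(secret: int, m: int, n: int) -> dict:
    """Random degree-(m-1) polynomial f with f(0) = secret; share i is f(i) mod Q.
    Real deployments use distributed key generation so no dealer ever holds the
    secret; a trusted dealer is used here only for brevity."""
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(m - 1)]
    return {i: sum(c * pow(i, j, Q) for j, c in enumerate(coeffs)) % Q for i in range(1, n + 1)}

def lagrange_at_zero(i: int, ids) -> int:
    num = den = 1
    for j in ids:
        if j != i:
            num, den = num * (-j) % Q, den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def threshold_sign(shares: dict, signer_ids, msg: bytes, y: int):
    """Each signer uses only its own share. The partials sum to a valid single-key
    signature because sum(lambda_i * share_i) over the signers equals x."""
    ids = sorted(signer_ids)
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in ids}
    R = 1
    for i in ids:  # round 1: every signer contributes g^k_i; R is the product
        R = R * pow(G, nonces[i], P) % P
    c = challenge(R, y, msg)
    s = 0
    for i in ids:  # round 2: partial s_i = k_i + c * lambda_i * share_i
        s = (s + nonces[i] + c * lagrange_at_zero(i, ids) * shares[i]) % Q
    return R, s

def demo() -> dict:
    msg = b"constructed sample payload: send 10 BTC to treasury-cold-01"
    keys = {i: keygen() for i in range(1, 6)}  # five independent signer keys
    pubs = {i: y for i, (_, y) in keys.items()}
    x, y = keygen()  # a single key for the threshold case
    shares = shamir_split(x, 3, 5)
    del x  # once dealt, no party holds the full key
    return {
        "multisig 3 of 5": multisig_ok(pubs, 3, msg, {i: sign(keys[i][0], msg) for i in (1, 3, 5)}),
        "multisig only 2": multisig_ok(pubs, 3, msg, {i: sign(keys[i][0], msg) for i in (1, 2)}),
        "threshold 3 of 5": verify(y, msg, threshold_sign(shares, [2, 4, 5], msg, y)),
        "threshold only 2": verify(y, msg, threshold_sign(shares, [1, 5], msg, y)),
    }
```

`demo()` returns the four policy checks a practitioner would want to see: three of five signatures (or shares) succeed, two of five do not, so a single stolen key or share cannot move funds. Note that the MPC branch verifies against one ordinary public key, which is why MPC wallets are indistinguishable from single-signer wallets on-chain, whereas the multisig branch needs the verifier to know all N public keys and the threshold.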
Trusted execution environments (TEEs)
A trusted execution environment (TEE) is a hardware-isolated execution context in which sensitive operations such as key storage and signing run out of reach of the host operating system and its administrators. Common implementations include Intel SGX, ARM TrustZone, and AWS Nitro Enclaves (the last isolates a stripped-down VM with no persistent storage, interactive access or external networking, rather than a region of the processor).
Benefits:
- Protects against a compromised host operating system or a malicious operator
- Fast transaction signing
- Can be combined with MPC for additional layers of protection
Drawbacks:
- Trust moves to the CPU vendor's hardware and firmware and to the enclave code itself; a bug in the signing application runs inside the trust boundary
- Several TEE implementations have been hit by microarchitectural side-channel attacks, so enclave code must be constant-time and the platform kept patched
- The guarantee is only checkable through remote attestation: a client should verify the enclave's measurement against the expected build before sending it secrets or trusting its signatures
Hierarchical deterministic (HD) wallets
HD wallets (BIP 32) derive a whole tree of key pairs from a single master seed, which is usually backed up as a BIP 39 seed phrase. Institutions can give each team, client or purpose its own branch while backing up only one secret. One caveat: with non-hardened derivation, an extended public key plus any one child private key is enough to recover the parent private key, so branches that are shared for address generation should sit below a hardened step.
Air-gapped cold storage
Cold wallets are kept entirely offline and never connected to the internet. Combined with physical controls (vaults, biometric access, dual-person rules), they offer the strongest protection against remote compromise for long-term holdings, though the offline device's supply chain and the channel used to carry unsigned transactions in and signatures out (QR codes, SD cards) still have to be controlled.
From a usability perspective, keeping all funds in air-gapped cold storage is not practical for institutions that transact frequently. It is normally reserved for long-term storage of large balances, for example the bulk of a centralized exchange's reserves, while “hot” wallets handle day-to-day activity.
Wallets-as-a-Service (WaaS): A new custody paradigm
While traditional custodians focus on safekeeping, Wallets-as-a-Service (WaaS) platforms provide programmable, secure wallet infrastructure that institutions can integrate directly into their applications.
Instead of simply holding your keys, WaaS providers like Turnkey offer a full-stack wallet management platform built on secure enclaves, flexible access control, and user-centric design.
How WaaS changes custody:
- Programmable policies: Institutions can define custom transaction rules, user permissions, and workflows
- Developer-friendly APIs: WaaS makes it easy for teams to integrate secure wallets into apps without reinventing the wheel
- Separation of concerns: Institutions retain control while WaaS platforms focus on infrastructure and security
- No vendor lock-in: Some WaaS solutions allow exporting or importing wallets without friction
Turnkey's model: non-custody
Turnkey uses secure enclaves to ensure raw private keys are never exposed, even to their own employees. With root users, policy engines, and HD wallet trees, organizations can delegate access to mirror their internal hierarchy—think finance teams, compliance officers, and C-suite, each with custom roles.
Benefits:
- Eliminate single points of failure
- Streamline operational overhead
- Customize granular access permissions
- Onboard seamlessly
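To make the programmable-policy and role-delegation ideas above concrete, here is a small deny-by-default policy engine. It is an added illustration, not Turnkey's policy language or API, and the users, roles, limits and destination labels are hypothetical.

```python
"""Added example: a deny-by-default transaction policy engine.

Rules key on the requester's role, the amount and the destination; larger
transfers need dual control, and an approval only counts if it comes from
someone other than the requester. Users, roles, limits and destination labels
are hypothetical, and this is not Turnkey's policy language or API.
"""
from dataclasses import dataclass
from typing import FrozenSet, Optional, Tuple

# Constructed directory (user -> role); a real system would read this from IAM.
USERS = {"alice": "finance", "bob": "finance", "carol": "compliance", "dan": "ceo"}
ALLOWLIST = {"treasury-cold-01", "exchange-deposit-7"}  # vetted destinations

@dataclass(frozen=True)
class Request:
    requester: str
    amount_sats: int
    destination: str
    approvals: FrozenSet[str] = frozenset()  # users who approved this exact request

@dataclass(frozen=True)
class Rule:
    name: str
    roles: FrozenSet[str]                          # roles allowed to initiate
    max_sats: Optional[int] = None                 # None means no cap
    allowlist_only: bool = True
    approver_roles: FrozenSet[str] = frozenset()   # one approver per listed role

RULES = (
    # finance may pay up to 1 BTC to a vetted address on its own
    Rule("ops payment", frozenset({"finance"}), max_sats=100_000_000),
    # up to 50 BTC to a vetted address, but only with a compliance approver
    Rule("large payment", frozenset({"finance"}), max_sats=5_000_000_000,
         approver_roles=frozenset({"compliance"})),
    # the CEO may move anything anywhere, with compliance and finance both approving
    Rule("emergency sweep", frozenset({"ceo"}), allowlist_only=False,
         approver_roles=frozenset({"compliance", "finance"})),
)

def evaluate(req: Request, rules=RULES, users=USERS, allowlist=ALLOWLIST) -> Tuple[str, str]:
    """Return ("allow" | "pending" | "deny", reason). Nothing is allowed unless a rule says so."""
    role = users.get(req.requester)
    if role is None:
        return "deny", "unknown requester"
    pending = []
    for rule in rules:
        if role not in rule.roles:
            continue
        if rule.max_sats is not None and req.amount_sats > rule.max_sats:
            continue
        if rule.allowlist_only and req.destination not in allowlist:
            continue
        # separation of duties: the requester's own approval never counts
        have = {users.get(u) for u in req.approvals if u != req.requester}
        missing = rule.approver_roles - have
        if not missing:
            return "allow", rule.name
        pending.append(f"{rule.name}: needs approval from {sorted(missing)}")
    if pending:
        return "pending", "; ".join(pending)
    return "deny", "no rule permits this request"
```

Three design choices carry the security weight: the engine denies anything no rule explicitly permits, a requester can never satisfy their own approval requirement, and a destination outside the allowlist is rejected for ordinary roles even when the amount is small. In a WaaS deployment the same decision would be made inside the signing boundary, so that a compromised application server cannot bypass it by talking to the key directly.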
Turnkey: The infrastructure for asset custody solutions
As Bitcoin and other cryptoassets become increasingly intertwined with the global financial system, the methods of digital asset custody have become a cornerstone of institutional adoption. From the early days of password-protected wallets to today’s advanced systems leveraging TEEs, MPC, and air-gapped storage, custody has evolved to meet the growing demands of security, compliance, and scale.
But the threats are evolving too.
For institutions, funds, and onchain organizations, the choice of custody provider and the underlying security architecture can mean the difference between safety and disaster.
Wallets-as-a-Service platforms like Turnkey are leading the next wave of innovation by combining robust security with programmable flexibility.
Whether you're managing a DAO treasury, a crypto hedge fund, or a growing fintech app—Turnkey provides the modern, non-custodial crypto architecture designed for developers and institutions alike.
Learn more about Turnkey in our docs and get started today.
*The information provided in this article is for general informational purposes only and does not constitute legal advice. Nothing in this article should be relied upon as a substitute for consultation with qualified legal counsel regarding your individual circumstances. This article does not create an attorney-client relationship between readers and the article’s publisher. The publisher does not assume any liability for actions taken or not taken based on the content of this article.