Skip To Content
Menu

Industry Insights, Knowledge Base

Outlining the Crypto Trading and Operations Trilemma

8 min. read

The operational infrastructure for digital asset security has been continuously evolving – shifting from single-key hardware wallets, to multi-sig smart contract wallets, to MPC or HSM-powered wallets. This infrastructure improvement has created greater operational efficiency, enabling trading firms to deploy more capital without compromising on security.

While the underlying wallet infrastructure options available have improved, there are still points of friction that can add both cost and time leading to missed opportunities. These primarily come from the trade-offs that need to be made from an operations perspective. Taking a page from Vitalik Buterin’s blockchain trilemma, Fireblocks calls this the Crypto Trading and Operations Trilemma.

The Crypto Trading and Operations Trilemma addresses three potentially complementary but also opposing forces from an operations perspective – Security, Efficiency, and Scalability. Security pertains to the safety of your firm’s own funds or those it manages on behalf of clients. Efficiency refers to how quickly you can respond to market moves, transfer assets, and settle. Scalability refers to how easily you can grow your operations and team or adopt new strategies.

In this blog we will explore each element of the trilemma and list out the key issues to consider for each of them. You can read about how to approach solving the trilemma here.

Part 1: Security

As trading firms grow and expand their operations, they face the dual challenge of maintaining ironclad security while simultaneously ensuring efficiency and scalability. This balancing act becomes increasingly complex as firms add new team members, explore new trading venues, engage with additional counterparties, and implement innovative strategies. The crux of the matter lies in protecting assets and operations without creating bottlenecks that could hinder the firm’s agility and growth potential.

1. Malicious and non-malicious insiders

Within one firm, many people can have access to mission critical systems. While no one wants to believe their employees could engineer an attack, this is a real risk and as an investor or board member, questions about who has access to specific systems and capabilities should be common – along with how to monitor and limit access.

You can keep all access to mission-critical trading and asset transfer capabilities to a small number of trusted individuals. However, this is both inefficient and not scalable— transfers and trades are slowed down if approvals need to be granted by the same individuals at all times.

2. People-based attacks (e.g. phishing / social engineering)

Phishing and social engineering attacks look to gain access to internal systems by compromising a specific person or group of people. Strong hacking groups, like Lazurus, spend significant time learning their targets, understanding them deeply and creating techniques to mislead employees.

Similar to malicious insiders, you can keep all access to mission-critical trading and asset transfer capabilities to a small number of trusted individuals. However, this does introduce key-person risk should there be a breach, and creates both efficiency and scalability problems as there is now a bottleneck of getting transfers and trades executed.

3. Interacting with malicious dApps or smart contracts

For those engaging with the DeFi ecosystem, interacting with smart contracts and dApps is necessary. This introduces the security risk of possibly interacting with a malicious smart contract or potential front-end attack. While remaining secure is incredibly important, traders and their ops need to be able to move quickly to respond to new opportunities in the market that might be short-lived, and doing deep-dive security checks before every new interaction can have a high opportunity cost, and be time-consuming and resource-intensive.

4. Counterparty risk

The old adage is “not your keys, not your crypto.” The most high profile examples of loss of funds due to counterparty risk involve losing assets kept on centralized exchanges due to a security breach or insolvency on the exchange side. However, removing assets from the exchange after every transaction is complete can be both time consuming, expensive and absolutely impractical for various firms – such as high frequency trading firms, market makers, OTC desks, and so on.

Part 2: Efficiency

What does true operational efficiency look like for trading firms? It encompasses a range of critical factors: rapid transaction approvals coupled with automated workflows, meticulous address management through comprehensive whitelisting, quick and automated compliance checks, and the ability to build redundancies into operational flows.

1. Transaction approvals and automated workflows

The “4 eyes” policy for transaction approvals can be effective in terms of stopping unwanted transactions from being signed. However, this is a manual process and depending on both your strategy and geographic regions of operation, having a small number of people review all transactions before they are signed can create a significant bottleneck.

2. Address management and settlement

As soon as your organization handles any type of volume or begins to manage multiple counterparties’ addresses, the risk of error can increase exponentially. The main operational risk involved is using outdated or incorrect wallet addresses. This not only hurts efficiency because of the time and effort needed to verify new addresses or reverse accidental transfers, but also creates scalability issues, as it makes interacting with more addresses (different exchanges, smart contracts, vendors, etc.) even more difficult.

It is important to note that a static, whitelisted address database cannot prevent a rogue employee from tampering with the whitelisted address list or prevent a fat finger error during the whitelisting process. Additionally, if either side of a trading (e.g. an exchange) or transactional relationship (e.g. a vendor) updates their deposit address and does not communicate this to the other party – or it gets missed by the operational team – it creates a major issue, with a possibility of losing funds.

3. Compliance checks

Most institutions operating in the digital asset space, regardless of their jurisdiction, implement compliance checks to ensure they do not interact with tainted funds or sanctioned/blacklisted entities. Manual compliance checks are resource-intensive, time consuming, not scalable, and potentially not compliant. Utilizing third parties, such as Chainalysis or Elliptic, can remove the manual effort – but these compliance checks still need to be added into your operational workflows to create any sort of efficiency and to be scalable.

Part 3: Scalability

1. Scaling operations as the team grows

With today’s highly distributed workforce, new operational challenges have emerged in the crypto space. With key decision makers and critical personnel working from home across different time zones and geographies, remote transaction approvals, controls for personal devices, and accessing internal wallets at all hours of the day have become real barriers to running a trading business.

The question becomes – how do you scale the people within your organization as your strategy develops, all while remaining secure yet efficient? Centralizing transaction approvals can be difficult from a scalability and efficiency perspective if your team is global, but will certainly be more secure. Conversely, totally decentralizing transaction approvals and decision-making power can create security issues, though it may also be more scalable and efficient.

2. Strategy flexibility

Most firms start with a mandate to execute on a specific strategy (e.g. liquid token investing). However, as the market and crypto use cases evolve, so do strategies and assets to be traded. In order to take advantage of new opportunities (e.g. utilizing DeFi on a new L1, providing liquidity for a new low market cap token), teams need operational infrastructure that gives them the flexibility to execute. This becomes increasingly important as firms look to execute on both CeFi and DeFi strategies.

The issue becomes that most technology providers do not provide the access to both CeFi and DeFi in a manner that allows operations and trading teams to remain efficient. Typically, trading firms will need to utilize more than one platform, introducing operational risk and additional costs. Further, many custodians take a long time to list new assets on their platform – leading to missed opportunities or the usage of less secure wallets to capture short-lived opportunities.

3. Add new trading partners and venues

Finding new counterparties to transact with can be incredibly difficult. Connecting to and managing different counterparties can be just as hard, especially when you want to engage in both CeFi and DeFi operations. Typically, multiple platforms will need to be used, which creates efficiency headaches but also hurts the scalability of your strategies and and team. The same can be said for creating efficient and secure settlement with those counterparties.

Interested in learning more about how Fireblocks can help your team solve the Crypto Trading and Operations Trilemma through balancing security, efficiency, scalability? We developed a checklist for teams looking to solve these issues – review it here for everything you need to know.

About Us

Fireblocks is an easy-to-use platform to create new blockchain based products, and manage day-to-day digital asset operations. Exchanges, banks, PSPs, lending desks, custodians, trading desks, and hedge funds can securely scale their digital asset operations through the Fireblocks Network and MPC-based Wallet Infrastructure. Fireblocks serves thousands of organizations in the financial, payments, and web3 space, has secured the transfer of over $6 trillion in digital assets and has a unique insurance policy that covers assets in storage & transit. Find out why CISOs and Ops Teams love Fireblocks at www.Fireblocks.com.

Topics

  • Security
  • Transaction Policies
  • Treasury Management
Ready for a deeper dive?

Get a Fireblocks Platform Demo

Find out how Fireblocks helps your digital asset business to grow fast and stay secure.

g2 & 4.5/5 stars