When we went to market, we were really looking at providers that had a strong reputation, both within the crypto space and from an information security standpoint – and especially providers that we could grow with. Whenever we talk to any of our vendors, or anyone that we're partnering with, we want to make sure that the relationship isn't just one of customer and vendor – it's one of partners that can go into the future together. When it came down to it, Fireblocks met all that criteria.
Hi, I am Sam Auch, Group Product Manager, overseeing institutional services for Bakkt.
Bakkt is an infrastructure company that provides trading APIs to large institutions, fiat on-rails, lightning services, and, very importantly for this conversation, custody and qualified custody.
One of the biggest issues that we've faced historically is legacy systems – where we built products in 2018, which were incredibly secure but not very scalable. So, as we moved into 2023, we were looking for a partner to help us fix a lot of those problems and create a foundation for us to essentially rebuild our custody solution from the ground up.
One of the major requirements was around being able to manage and store all MPC shares and all private key material. We worked with Fireblocks to design a solution that would match those needs, and also worked with them to create a system that would not only protect assets from the cryptographic level, but also all the way through the policy aspect of user management.
We landed on a combination of on-prem deployment for running Fireblocks software, and managed the Transaction Authorization Policy (TAP) Engine in a highly secure environment. That gave our operations team the ability to manage this whole system out of our own proprietary application that then connects to our customers.
We have different layers of security – we have our own policy engine on our customer side, as well as one that communicates with the Fireblocks Policy Engine.
So, when it comes to securing customers’ assets, the ability for the system itself to systematically secure assets and for the product itself to help streamline our operations [is paramount]. What we got really excited about was the ability to control those internal controls on Fireblocks’ side through an API.
I think the one of the primary benefits of Fireblocks for us is speed to market for new assets. One of the issues we’ve faced historically was the architecture was such that we were not able to deliver on new assets in the timeline that customers would want.
