It is extremely important for anyone holding digital assets to take steps to protect them. However, crypto assets owners need to be even more vigilant about scams and hacks targeting them personally, due to the exponential growth of crypto theft in recent years.
Thankfully, various options, each with differing degrees of security, are available. One of such is GK8 that offers a high-security custodian technology for managing and safeguarding digital assets.
How did GK8 come about? What has the journey been like since?
I fell in love with the world of Cryptography during my university studies. After I graduated, I earned my expertise in cybersecurity while serving in an elite team that answered directly to the Israeli prime minister’s office in the protection of strategic state assets. There I met my co-founder and partner Shahar Shamai.
Together, we founded GK8 with the understanding that the global banking system was about to go through a major shift that would completely change the attitude toward blockchain adoption and cryptocurrency.
Digital assets have opened up new revenue streams for financial institutions, but, they have also introduced new threat vectors. Institutions are aware of the security risks and spend billions of dollars in an attempt to prevent physical and cyber attacks on their vaults and accounts. However, protecting digital assets requires a new mindset.
We developed a platform that enables banks to start offering digital assets and financial services in a way that eliminates any possible cyber threat. Under the hood of this platform is our cryptographic innovation, which enables financial institutions to manage, sign and send transactions without ever connecting to the internet.
Can you introduce us to what you do? What challenges do your solutions help solve?
GK8 offers financial institutions an end-to-end platform for the custody and management of digital assets.
What do we do? As a strategic partner, GK8 helps accelerate, secure, and empower institutions adopting crypto to generate new revenue streams and business. We provide these institutions with an end-to-end platform for custody, staking, DeFi, NFTs, tokenization, and management of any coin, token or smart contract.
What challenges do we solve? In parallel with the growing adoption of cryptocurrencies, we also see a massive rise in the targeting of crypto and blockchain assets by cybercriminals. It is clear that the security challenges of this new digital technology have not been addressed as they should. It is also clear that the industry lacks the expertise, regulation, support, and framework with which to deal with these challenges. That is where GK8 comes in.
We incorporate the world’s first TRUE air-gapped Cold Vault that enables our clients to create, sign, and send secure blockchain transactions without internet connectivity as well as a highly scalable, patented MPC Vault. The Cold Vault is primarily used for custody, high-risk transactions, and interacting with smart contracts or staking functions. The MPC Vault is for high-frequency, automated transactions.
Having a multi-tier solution, enables financial institutions to mitigate threats by diversifying their storage solutions (i.e. not putting all their eggs in 1 basket). More importantly, the hot and cold solutions can, and should, work in conjunction, for optimal risk balancing according to different use cases with the product (custody/staking/DeFi/NFT/tokenization, etc).
What would you consider the most serious threats to digital assets nowadays?
By far the biggest threat is crypto theft and cyber security. Over $14B worth of crypto was stolen in 2021, up from $8B in 2020 and $4B in 2019. In the past weeks alone we’ve been witness to hackings of exchanges (such as Curve), wallets (such as Phantom), and bridges (such as Nomad) to name a few.
These threats are particularly pertinent for a variety of reasons: 1) Blockchain is a new technology and most financial institutions are still learning how to manage risks. 2) Once the transaction has been recorded in the blockchain, there are no rollbacks. Hence more forethought needs to be placed on prevention than on ‘reacting to threats in real-time. 3) Due to the anonymous/synonymous nature of the blockchain user, it is harder to track down hackers than in the ‘real world.
Financial institutions such as banks, exchanges, custodians, and crypto foundations must implement the highest level of security for their digital asset management and custody. They should not hold, store or trade crypto without proper private key security and management technology which is needed for a wide range of transactions including Custody, Staking, Defi, NFT, CBDC, and more.
Hackers, who are constantly searching for new attack vectors that can allow them to modify transaction policies and data, have found a way to hack even decentralized private key solutions such as Multi-Signature and Multiparty Computation (MPC) wallets. We know that hacking is a business, like any other, and hackers will invest millions of dollars to steal billions.
How did the recent global events affect your field of work? Were there any new features added to your solutions as a result?
For institutions, the recent market events emphasize, that they need to control their own destiny when it comes to managing risks while offering digital asset services. Today more than ever, institutions need to have control of the complete technology stack. Not only whether the keys are managed by the client or by third parties (self custody versus managed custody), but also in terms of the institution’s dependence on the existence of 3rd parties services.
Hence, at GK8 we have developed a flexible deployment infrastructure so our clients can decide for themselves what works best for them. We suggest having a dedicated environment (rather than a compulsory multi-tenant solution for all our clients together) for their custody platform (inc. staking, DeFi, tokenization, and more) and that the full technology stack (inc. MPC and Cold vault, etc.) is housed on a dedicated environment for each client.
Since digital assets are a relatively new technology, there are still some confusion and myths surrounding them. What misconceptions do you notice most often?
Blockchain protocols are inherently interactive, they require 2-way communication with the internet, in order to initiate a transaction. This means wallets – any wallet – have to go online at some point to sign off on a transaction.
This inherent connectivity gives hackers a window of opportunity to steal the private key or hamper the transaction. For that reason, most cold wallets are not really cold. To learn more, read our blog here.
What are the biggest mistakes that new digital asset owners tend to make?
I was listening to the other day to a podcast with Josephine Wolff from Tufts University and Marketplace’s Meghan McCarty Carino. I think Ms. McCarty Carino said it best when she said: “When we look at most of these hacks, it’s really not about whether individuals were using good passwords or are practicing good security hygiene, it’s really about whether or not the institutions that they trusted were doing a good job of securing their cryptocurrency …”.
As the continued proliferation of crypto cyber thefts has proven, ‘where there is a will, there is a way’. Cybercriminals are increasingly targeting points of centralization. Do these not indicate that the security and risk management measures practiced by financial institutions have not kept up with the threats?
Removing or minimizing single points of failure is of utmost importance. That is exactly where GK8 is focused - on mitigating the exposure to attack vectors for institutions that have a great responsibility to various stakeholders.
What predictions do you have for the future of blockchain technology?
In my opinion, the only meaningful use cases for blockchain technology are either asset management or documentation. In the short term, blockchain will be primarily used as a decentralized database to store the value of currencies, securities, and equities, CBDC, etc.
Once regulation matures, we’ll see more tokenization of physical assets and documentation processes, such as legal contract signing based on blockchain that will be upheld by the courts, etc.
In your opinion, what cybersecurity solutions are going to become commonplace in the next few years?
- Institutions will look to establish a more diversified risk management strategy (i.e. they won’t put all their eggs in one basket). Increased adoption of a multi-tiered strategy will prevail, where institutions can balance between speed, scale, and security.
- Cold Vaults - that really never connect to the internet for any part of the transaction, and hence remain completely secure, will hold a growing portion of the institution’s assets.
- Institutions will realize that independence and self-sovereignty are critical in times of volatility, but also in order to control the destiny of their assets without any dependence on 3rd party services.
Would you like to share what’s next for GK8?
GK8 has been on an impressive growth trajectory. Our sales and pipeline have expanded phenomenally. We continue to invest in our product, adding additional capabilities and advanced strategic feature sets according to evolving market demands.
We are already a market leader in our offering, whether it is with the widest coin diversity, access to the highest insurance in the market, or the only ‘true’ cold vault in the market. And our numbers speak for themselves. We are consistently recruiting, adding to our growing resources in the US, Europe, Israel, and soon in APAC.