Xapo Announces Free Multi-Signature Deep Cold Storage; Five Private Keys Generated Offline and Scattered Across the World
If the headline sounds too good to be true, don’t worry. It isn’t and there’s more.
During an interview with Bitcoinist, Xapo CEO Wences Casares said that in the wake of Mt.Gox and Bitstamp, they’re ready to implement their newest features to prove their dedication to security. In a four-part announcement, the California-based company laid out their plans for 2015 that would make any bitcoin enthusiast giddy.
Part One: The Deep, Deep Multi-Signature Cold Storage Vault
The Xapo deep cold storage vaults will now be three-of-five multi-signature enabled. According to Casares, the five private keys will be generated offline. The servers will never touch an internet connection. On top of that, according to Casares, the servers are held in five different underground bunkers around the world, a majority of which have confidential locations.
“It requires three keys out of five, so we can still lose one location to a natural disaster, war, hacks, or thefts, and we still can move the coins to a safe address,” Casares told Bitcoinist.
In other words, Xapo may have just redefined deep cold storage as deep, subzero cold storage. All vaults are equipped with this technology, making it a non-optional feature. Rather, the company believes they’re raising the industry standard.
“For added protection, our deep cold storage servers are housed in radio wave-blocking Faraday cages and secured behind military-grade security controls deep within reinforced underground bunkers. Our primary deep cold storage vault is located in Switzerland, with additional secure sites deployed around the globe.”
Part Two: The Free Deep, Deep Multi-Signature Cold Storage Vault
Wences wasn’t done there though; not by a long shot. In addition to the storage portion of the four-part announcement, Xapo is also offering all of their hot wallet and deep multi-signature storage vault services for free.
“Usually, most of our current customers keep 90 percent of their funds in the Xapo vault and 10 percent in the Xapo wallet. If you have 10 bitcoins with Xapo, normally you’d keep one in the wallet and nine in the vault, like a checking account and a savings account,” explained Casares. “Sometimes we find customers that have five bitcoins in the wallet and five bitcoins in the vault.”
“We ask them why they do that; it’s obviously safer in the vault. They say that it’s because of the cost. We don’t want to create that wrong incentive. We want anyone who uses bitcoin that wants this level of security to use it for free.”
Part Three: Xapo Taking Security into Space
Along with the multi-signature storage, Casares also told Bitcoinist that Xapo has officially partnered with a satellite company called Satellogic to keep an X-ray of their transaction servers.
“Whenever we are withdrawing coins from the vault, one of the many controls that are performed is that we, in that instance, take an X-ray of our transaction systems,” said Casares. “We compare the original to the X-ray copy that’s held in the satellite. If there’s any difference, it means that someone tweaked our system somehow and we need to freeze everything and find out what happened.”
Casares said the reason they plan on keeping the X-ray in the satellite is to make sure it cannot be altered in any way. The only way is to visit the actual satellite, which is incredibly difficult to do.
Part Four: Passing an SOC2 Audit
Finally, Casares wrapped up the interview by announcing that in August, Xapo became the first bitcoin services company to complete a Service Organization Control 2 (SOC2) Type 1 audit.
“The audit is something a lot of our customers demand from us that checks our internal controls and processes. We’re very proud to be the first bitcoin services company to offer that.”
Xapo’s announcement was hands-down the largest innovation in security bitcoin has seen in a long time. After all the reports of theft and stolen bitcoins, it seems like Xapo is challenging the industry to implement stronger security across the board.
The only concern many bitcoin users have is that they continue to trust Xapo with their five private keys, but one has to wonder when someone is considered trustworthy enough. Xapo still operates on the belief that a mass majority of potential bitcoin users don’t want the responsibility of holding their own keys, and it looks like they’re offering a solution to the problem.
What do you think of the increased security Xapo is offering? Let us know in the comments below!
Photographs courtesy of Xapo