―――――――――――――――――――――――――――――――
Unlock the Wealth of DeFi: Checklist for Asset Managers to Access DeFi
Originally written for Levain
―――――――――――――――――――――――――――――――
DeFi offers viable alternatives to traditional financial instruments through yield-generating protocols such as liquidity mining, staking, and options.
​
Leading asset management firms Julius Baer and Franklin Templeton have recently expanded their investment portfolios to offer customers exposure to digital assets. Franklin Templeton, in partnership with cryptocurrency-focused asset management platform Eaglebrook Advisors, offers clients separately managed account (SMA) strategies for digital assets. Julius Baer offers cryptocurrency advice and research to its clients, with plans to partner with regulatory-compliant cryptocurrency service providers.
​
As these two examples demonstrate, institutional participation in DeFi is certainly increasing, and much of this interest is derived from its 24/7 market accessibility, innovative technology and potentially higher yields, to name a few.
​
The value that DeFi can bring to investment portfolios is manifold, and asset managers should therefore allocate digital assets into DeFi protocols as part of their investment strategies. Before doing so, however, there are several key considerations that they must account for.
​
This article therefore provides asset managers with a checklist of seven factors that they should consider before accessing the DeFi ecosystem.
​
―――――――――――――――――――――――――――――――
Security should be the top priority for any asset manager looking to enter the DeFi ecosystem, given the large volumes of assets that they manage on their clients’ behalf. This is achieved by working with a robust custody provider to protect the private keys that point towards the digital assets handled by asset managers.
​
When choosing a custody solution, it is imperative to decide on a design model for the wallet. This is because wallets are fundamental to digital asset management, serving as safehouses for the private keys that bind ownership of digital assets to their owners.
​
There are two common designs in the field of cryptocurrency wallets: Multi-signature and Multi-Party Computation (MPC).
Multi-signature vs. MPC wallets
Institutional-grade wallets must account for the multitude of stakeholders who are involved in the decision-making process. Asset managers have two broad options that fit this requirement: multi-signature and multi-party computation (MPC). Below is an overview of each wallet type:
​
-
Multi-signature: The wallet is paired with multiple private keys, where signatures are required from the majority or all of them to approve transactions.
-
MPC: The wallet is paired with just one private key, which is divided into three or more parts in a process called sharding. Each key shard is assigned to a different stakeholder, with most or all of them required to sign any transaction.
​
Between the two design models, multi-signature is better optimized for asset managers due to its ease of use and the controls that can be implemented to strengthen its security. Although MPC can also be configured to distribute ownership across multiple key personnel, the technology is still nascent and can be complex for asset management use.
​
How to choose a multi-signature wallet for asset management
When choosing a multi-signature wallet, there are several key features that asset managers should look out for to maximize the security of their digital assets while maintaining full autonomy over their control.
​
Generally, an n-of-m quorum is recommended over n-of-n as it offers asset managers two additional layers of security.
​
When working with an n-of-m quorum, asset managers must also ensure that their backup key is stored in an offline hardware security module (HSM) that meets minimum Federal Information Processing Standards (FIPS).
​
Tamper-resistant in nature, the HSM should minimally be FIPS 140-2 Level 2 to ensure that the backup key is generated and managed in a secure, encrypted form that is exclusively accessible by asset managers.
​
Levain’s wallet solution is meticulously designed for asset management, deploying a 2-of-3 configuration that gives asset managers the flexibility to designate one of their private keys as a backup.
​
This backup key is encrypted and stored within a HSM supplied by Amazon Web Services (AWS) Key Management Service’s (KMS) HSM, which is minimally FIPS 140-2 Level 2-compliant.
​
Asset managers who are concerned with the sensitivity of their clients’ data and assets can be assured that the HSM is solely owned and accessible by them, with no access granted to even Levain or AWS’ service operators.
―――――――――――――――――――――――――――――――
To further enhance the security of their wallet, asset managers must also establish safeguards that protect their clients’ digital assets from the risk of internal collusion or bad actors. This is especially crucial given the high volumes of assets that asset managers personally handle on their clients’ behalf.
​
These safeguards are made possible via a flexible policy engine that grants asset managers the authority to deeply customize their workflows according to their operational needs. These are some examples of workflows that a policy engine should enable:
-
Control the users who are included in their enterprise account
-
Determine the number of wallets that should be employed to store private keys
-
Structure transaction flows across the initiation, checking, and approval stages
-
Assign wallet access rights to specific personnel across every stage of the transaction flow
-
Set precise approval thresholds and spending limits for every user
​
With this high level of customization, asset managers are empowered to structure their workflows such that they are seamless yet secure, with appropriate levels of control meted out to the correct personnel across the firm.
​
Levain’s solution is outfitted with a stringent policy engine that gives asset managers the authority to customize their workflows across three levels: Enterprise-Level Users, Wallet-Level Users and lastly, Wallet-Level Policies.
​
Easily managed under a single platform, Levain’s policy engine ensures the security of the digital assets they manage from both external and internal threats. Overall operational efficiency is also significantly enhanced, as the controls and policies set by asset managers are swiftly and automatically executed for every transaction.
―――――――――――――――――――――――――――――――
The ever-evolving nature of the DeFi ecosystem means that asset managers must be equipped with the agility to stay up-to-date with the expansive range of protocols and their respective blockchains. In doing so, asset managers will always be able to deliver the most value to their clients’ digital asset investment portfolios and maximize their potential gains.
​
In this regard, asset managers should work with a solution that constantly stays abreast of the latest DeFi developments, capable of swiftly and securely integrating with new protocols as they emerge. To further facilitate this process, the solution should also have multi-chain access that gives asset managers thorough exposure to the DeFi ecosystem across multiple blockchains.
​
As an industry leader in DeFi, Levain provides asset managers with a secure gateway into the DeFi ecosystem, serving as the single point of entry for asset managers to access its high-yield opportunities. In turn, asset managers will be able to leverage DeFi’s multifarious protocols to gain an edge in their digital asset investment strategies.
―――――――――――――――――――――――――――――――
To further simplify the process of entering DeFi, asset managers should ensure that the interface they utilize is user-friendly. From custody and the policy engine to DeFi access and monitoring, a user-first interface enables asset managers to explore the DeFi ecosystem independently.
​
This begins from ensuring the user friendliness of the custody solution’s interface. Typically, the nascence of digital asset custody technology is such that it is only made accessible via platforms with complex and highly technical user interfaces. This makes it difficult for asset managers to report, track, analyze, and manage disparate DeFi protocol investments.
​
Levain therefore adopted a user-first approach in designing its DeFi platform for asset managers and other institutions. As the single point of integration for institutions to connect with DeFi protocols, Levain’s platform is intuitive and allows asset managers to set up controls and monitor asset performance with ease.
―――――――――――――――――――――――――――――――
From individual retail investors to other institutions, asset managers work with a multitude of clients across different verticals. They thus oversee expansive investment portfolios, finetuning their strategies to meet the varying needs and risk appetites of their clients.
​
Asset managers offering digital assets as an investment option will therefore need to work with a portfolio monitoring system that enables them to manage their clients’ portfolios with ease. In essence, a good portfolio management system should allow asset managers to view transactions across wallets and monitor entire portfolios spanning multiple wallets.
​
Levain’s solution offers asset managers a portfolio monitoring system that allows them to comprehensively monitor their investment portfolios and transactions in real time.
―――――――――――――――――――――――――――――――
It is ill advised for asset management firms to build their custody technology on their own, especially given the financial costs and the time required to develop deep expertise in cryptography.
​
The typical custody solution process involves setting up wallets, establishing management and tracking systems for digital assets, implementing security measures to custodize said assets, and creating workflows to facilitate fund transfers.
​
Furthermore, each of these functions must account for the disparate blockchain systems that make up the DeFi landscape. This entails the need to interpret code, collate information, and generate reports, which requires deep technical expertise.
​
When all these factors are taken into account, it is evident that building custody technology is expensive both in terms of time and financial cost. In turn, asset management firms could be rendered vulnerable to technology risks and poor operational oversight.
​
To mitigate such risks, asset management firms are highly advised to work with a reliable custody technology provider.
―――――――――――――――――――――――――――――――
Although DeFi is rich in high-yield opportunities, it is pertinent for asset managers to note that it is also rife with risks. Below is an overview of the key risks associated with DeFi, which can be divided into three broad categories:
a. Operational risks​​
Operational risks are inevitable in DeFi due to the multifaceted nature of the process. From storage and connection to signing and withdrawal of assets, every step is highly technical and requires separate sets of systems and applications to function smoothly. This increases the risk of human error, as mistakes could occur at every stage.
​
Such risks can be effectively managed by deploying a single platform to execute every step. Levain is a viable solution that effectively mitigates operational risks, as its interfaces adopt low-code and user-friendly design principles. In turn, asset managers are empowered to safely manage their clients’ digital assets with little to no risk of triggering operational errors.​
​
b. Smart contract risks​​
Smart contracts are said to leave little room for error, as their underlying codes are irrevocable and govern whole blockchain operations. Yet it is their immutability that makes smart contracts a double-edged sword, as errors in their codes cannot be fixed; developers will need to redo a new smart contract from scratch, and this can prove to be expensive in terms of time and cost (~$7,000 to $45,000 depending on scale and complexity).
​
Such code errors could potentially be exploited by bad actors to steal funds, as was the case during the $50 million smart contract hack that occurred in 2016. In order to reduce the occurrence of such risks, smart contract audits should be periodically performed to ensure blockchain security before smart contracts are implemented.
​
c. Reputation risks​​
Finally, asset managers must do their due diligence when assessing the viability of the custody provider they work with. Reputation is fundamental to determining the credibility of the custody provider, giving asset managers a clear overview of their ability to securely and reliably custodize digital assets under management.
​
Some key points of consideration they should consider in their assessment include:
-
The provider’s track record
-
The provider’s reputation
-
The provider’s partnerships (if any)
―――――――――――――――――――――――――――――――
This article has thus far outlined seven key pointers asset managers should consider in order to expand their investment offerings with DeFi.
​
Aside from selecting a secure multi-signature wallet to secure their digital assets under management, asset managers must also ensure that it is reinforced with a highly customizable policy engine and a comprehensive portfolio monitoring system.
The solution must also enforce a user-first principle in its design to ensure that asset managers are able to independently manage their clients’ digital assets without requiring the intervention of the custody provider.
​
Custody aside, it is also crucial for asset managers to establish stringent measures to combat resource drainage and other risks that are inherent to DeFi.
​
Levain’s solution meticulously accounts for the specific needs of asset managers, offering a multi-signature wallet that not only secures digital assets, but is also augmented with a robust policy engine and portfolio monitoring capabilities.
​
Find out more about how Levain enables your asset management firm to securely and autonomously add digital assets to its investment mandate. Get in touch at levain.tech.