Why confidential computing is key to securing cryptocurrencies

As cryptocurrency adoption grows, so does the need to secure the technology.

In the words of Adrien Treccani, CEO of digital asset management company Metaco, “dealing with cryptocurrencies has been a disaster.”

“Every year you have a new hacking, [with] companies losing their coins or an employee of the company stealing part of it,” Treccani told VentureBeat’s European correspondent Chris O’Brien at the Transform 2021 conference. “You realize that managing cryptographic secrets is not trivial at all when they potentially represent millions or billions of dollars.”

Trecanni elaborated on the challenges of securing cryptocurrencies and the role of confidential computing.

Why it’s hard to keep cryptocurrencies secure

Metaco provides security infrastructure to financial institutions that want to offer cryptocurrency-related services to their clients. In a nutshell, cryptocurrencies rely on cryptography — like a very long password — for security. If a bank wants to secure cryptocurrencies and use them on a daily basis, it needs the appropriate infrastructure.

The challenge lies in having to not just protect cryptographic secrets, but also manage access within a large corporation, Treccani explained.

He said a successful security framework ensures that even when hundreds of employees are interacting with the infrastructure, there’s no point of failure in the chain. “You can be confident that 10 years later, even if you have not actively maintained your platform, you don’t have holes in it that could be exploited by either insiders or outsiders.”

Confidential computing secures cryptocurrencies

Simply put, confidential computing is a way to secure access to a vault.

“At Metaco, we started working exclusively with hardware security modules, and we had great solutions to manage the keys,” Trecanni said. “But then we realized having an HSM is a bit like having a secure vault. How do you secure the key to the vault?”

The rules are defined by what comes into play. Certain people and employees can access the vault and do only what they’re tasked to do.

Security and access represent ongoing tradeoffs, Trecanni said.

“You have to position yourself on a scale where you want maximum security, but subject to use cases that you need to satisfy,” he explained.

To do this, Metaco combines the use of HSM and confidential computing. While “confidential computing” is a relatively new term, Trecanni said the concept has been around for years. And the technology has undergone multiple stages of evolution before reaching its current stage of maturity, he added.

“The ability to leverage a platform which is by design secure, by design confidential, is a game-changer,” Trecanni said.