The best way to help financial institutions secure digital assets is not to improve on existing technologies but to actually solve the problem outright, Lior Lamesh said.
Mr. Lamesh is the cofounder and CEO of GK8, a cybersecurity company offering custodian technology for managing and safeguarding digital assets. The best part is the entire process, including sending transactions to the blockchain, can be done without an internet connection.
The idea for GK8 grew from an experience Mr. Lamesh and cofounder Shahar Shamai, both former cybersecurity experts for the Israeli Prime Minister’s Office, had when they encountered what they were told at the time was a secure crypto wallet, one which at the time managed billions of dollars in assets. And they hacked it.
“We were so surprised by that,” Mr. Lamesh recalled. “People thought of it as a state of the art solution.”
“If it’s not secure enough there’s too much incentive,” Mr. Lamesh said. “I can assure you in the upcoming years these kinds of solutions will be compromised for sure because hackers will be incentivized enough to do so.”
GK8’s solution, which includes seven pending patents, includes only outbound unidirectional connectivity to send already signed transactions. Current clients include eToro, Prosegur and INX.
“That’s why it’s impossible to compromise our system because there is no way to reach it,” Mr. Lamesh said. “You can’t hack what you can’t reach.”
GK8 serves clients with a range of familiarity about digital assets. More traditional ones who want to invest in digital assets have some fears because they may not completely understand the technology and wonder how the rules they must function under will adapt in the digital space.
With the end-to-end solution from GK8 they can essentially plug and play. It combines a cold vault which is never connected to the Internet managing a majority of the assets. A second layer multi-party computation process manages the remainder so the hacker doesn’t have enough incentive to go after the smaller sum.
“We never let hackers have enough incentive to even compromise the solution,” Mr. Lamesh said.
Combine that with an API and SDK which is integrated with endpoint applications and it’s all the technology a new entrant needs. After a few days of installation and training the bank is ready to go, with the assurance of $500 million per vault in insurance and systems assessed by industry leader Chainalysis.
“Thanks to our experience with the giants already working with us, we’re very experienced with how should these banks manage these situations, how should they define groups of employees, what should exactly be the policies and how should it all work togethers,” Mr. Lamesh said.
Contributors
