Tokenize partners with BitGo to provide the best-in-class digital wallet security to our users. BitGo specializes in providing high-security wallet solutions to corporations and businesses. All our wallets use industry standards of multi-signature (P2SH) for security and hierarchical deterministic “HD” (BIP32) for financial privacy. Multi-signature wallet is a more secure setup where more than one private keys are needed to sign a transaction. The primary advantage is that it enables multiple machines and people to work together to approve a given transaction rather than depending on a single person or machine, which the latter could be compromised more easily.
Hot – Warm – Cold Wallets
A hot wallet is a digital (Bitcoin) wallet that is online and connected to the Internet. A cold wallet is simply the counterpart that is not connected to the Internet and is safe keep in a secured location. A warm wallet refers to the intermediaries, usually used by an exchange or business, to transfer fund between hot and cold wallets.
We set up 2 hot wallets for Tokenize – Receive Wallet with multiple addresses to deposit cryptocurrency and Send Wallet for withdrawals from a single address. The wallet system is configured as follows to isolate risks:
- Receive Wallet is restricted to only send to Warm Wallet or Cold Wallet.
- Warm Wallet is restricted to only send to Cold Wallet or Send Wallet.
- Policy for multiple approvals is set for all transactions from Warm Wallet to Send Wallet.
- Velocity and spending limit policy is added to Send Wallet
On top of the wallet configuration, we have set IP restrictions in which our Send Wallet could send out the fund from authorized whitelist IP addresses. This is also applicable on the receiving end. The Send Wallet can only send the fund to the whitelist of external IP addresses. Each whitelist IP address (at customer end) is also enforced with a spending limit to minimize the impact of theft due to other factors (e.g. scamming to get access to the user account).
Protect Your Assets with the Killer Switch
In an event where a hacker manages to penetrate our system by any means, we will activate the Kill Switch in an emergency. The wallets will be frozen and all the coins cannot be removed until we have resolved the issue and do a out-of-band authentication.
You are part of the Security
On top of all the mentioned security measures on our system, you play an important part in ensuring your account is secured at all time. We recommend you to complete the 2FA authentication steps on our platform, keep your account password safe, and do not share any sensitive information with anyone, even from Tokenize admin (as we will never ask for your password).