Blockchain Security Startup Fireblocks Emerges From Stealth With $16 Million in Funding
Fireblocks Emerges From Stealth Mode to Protect Digital Assets in Hot Wallets and Transit
Fireblocks, a blockchain security provider, has emerged from stealth after closing a $16 million Series A funding round from Cyberstarts, Tenaya Capital, Eight Roads (the proprietary investment arm of Fidelity International), Swisscom Ventures and MState.
The firm was founded in 2018 by Michael Shaulov (CEO), Pavel Berengoltz (VP, R&D) and Idan Ofrat (CTO); and has offices in New York and Tel Aviv. It provides an enterprise platform for securing digital assets in transit, and is primarily targeted at safeguarding the movement of cryptocurrencies across exchanges, OTCs, brokerages, hot wallets, and cold storage. It is currently integrated with 15 exchanges and supports more than 180 cryptocurrencies, tokens, and stablecoins.
“While Blockchain based assets by themselves are cryptographically secure, moving digital assets is a nightmare,” explains Shaulov. “After interviewing over 100 institutional customers, including hedge funds, broker-dealers, exchanges, and banks, we concluded that the current process is slow and highly susceptible to cyber-attacks and human errors. We built a platform that secures the process and simplifies the movement of funds into one or two steps.”
More than $3 billion in digital assets have been stolen by hackers over the last 18 months through private key theft, spoofing, and compromised credentials. Binance, for example, lost $40 million in bitcoin in May 2019 due to an insecure hot wallet and compromised API credentials.
The Fireblocks platform works by creating a secure perimeter around internal wallets, and a secure transfer environment for currencies. Hot vault keys are sharded across multiple servers, so the full key is never available in a single location.
The secure transfer environment is provided by patent-pending technology for bi-directional transfer via chipset isolated communication. “Fireblocks implements all the communication stack between network participants inside of TrustedExecution enclaves (particularly SGX, software guard extensions),” Shaulov told SecurityWeek. The enclaves are isolated on the chipset level and their data and code are protected from compromise from the underlying OS.
“The Fireblocks’ components that run inside of the enclave,” he continued, “protect the API keys and secrets, and run the whole SSL and REST-API stack inside of the secure enclave. This allows chip-level isolation of not only the API-SECRET data, but also the whole communication between the counterparty, and block malware and MitM attacks from spoofing the communication.”
The cryptocurrency market is already large — currently around $250 billion — and is expected to grow. Nigel Green, CEO of the DeVere financial advisory firm, points out that despite Bitcoin’s current low volatility, it has again this week broken the $8000 value. He believes this period of low volatility is a sign of the market maturing. “”Should Bitcoin experience a new run, we can expect it to deliver a boost to the wider crypto market,” he said, adding, “What we do know for sure, however, is that cryptocurrencies are the future of money.”
In one sense, Fireblocks can be viewed as providing a SWIFT for cryptocurrencies. “That’s probably the closest analogy from the traditional financial sector,” said Shaulov: “a secure messaging network that allows members to transfer value. We provide a solution for the larger, financial related, digital assets market that is looking to utilize blockchain to innovate, improve and disrupt the traditional financial system.”
But the Fireblocks platform goes beyond cryptocurrencies. “The platform as it is can be leveraged across other blockchain use-cases, such as supply-chain-management, healthcare, pharmaceutical, and government,” said Shaulov. The technology can be used in other applications, “like increasing security and preventing MitM attacks in any cloud-to-cloud API communication and other PKI management. We are currently focusing on the blockchain use-case as the combination of the Fireblocks technology with the inherent secure design of blockchains provides an end-to-end secure eco-system, from the end-point to the server and data-storage (blockchain) layer.”
For now, Fireblocks is available as a SaaS platform with mobile endpoints, or a hybrid with on-premise key co-signing components. “The cloud platform,” Shaulov told SecurityWeek, “utilizes SGX (software guard extensions)-based cloud workloads across Azure Confidential Computing and IBM clouds and iPhone based secure enclaves (SEP).”