Protecting your assets
We protect the daily security of your assets by using secure
online/offline storage systems with multisig protection and multiple backups.
For times when things are out of your control, we have our Bitfetex Risk Shield.
What is Bitfetex Risk Shield?
To safeguard our users' assets, Bitfetex has created an asset
risk reserve fund committed to continually allocating a
percentage of our earnings to guarantee and protect assets
from crypto security risks. Bitfetex Risk Shield now stands
at approximately more than $700 million.
Why do we need this fund?
To create a safe, secure, and accountable crypto trading environment
for all users as crypto adoption becomes widely encouraged.
This fund, in addition to our leading asset security risk control system,
will provide new and existing users with strong protection to safeguard
their assets.
Secure offline storage design
Cryptocurrencies are innovative digital assets. They're a
great way to participate in trustless financial ecosystems.
However, asset security that's based on cryptographic functions
and data protection is one of the major challenges for the industry.
Cryptography leverages extensively tested and widely accepted
encryption standards (SHA-256 hash and ECDSA encryption). But
data security, including private keys and passwords, remains the
weak link. Offline asset storage, also known as cold wallet systems,
(not connected to the internet at all) are designed to counter these concerns.
How does our cold wallet system work?
Our security program encompasses all aspects: platform,
assets, data, and access security. We are transparent and
public with our protocols that guarantee complete protection
of funds on Bitfetex. Multiple backups, bank vaults, and storage
limits are only some of the measures we take. Explore our
approach and see for yourself that your crypto is safe with us.
- 10,000 cold wallet addresses with private keys are generated on an offline computer.
- All private keys are encrypted on the offline computer using Advanced Encryption Standard (AES).
- Original keys are deleted, leaving only the encrypted versions.
- The two AES password owners are prohibited from traveling together or using the same vehicle.
- The addresses and their encrypted private keys on the offline computer are only accessible via QR codes.
- The QR code of an address is scanned using another computer in order to retrieve the corresponding cold wallet address. This address then receives deposits from our hot wallet. Each cold wallet address is used only once.
- The QR code for the encrypted key is printed and stored inside a bank vault. The code remains secure because the bank vault requires in-person access.
- Additional backups of the QR code are created and stored in bank vaults in separate locations: one is in China and another is in a city on the East Coast of the USA.
- Two authorized employees are granted access to vaults with backup QR codes.
- Similar to the AES password owners, authorized employees for bank vaults are prohibited from traveling together or using the same vehicle.
- Employees who own the AES password and those with access to bank vaults are all different people.
Secure online storage design
Offline asset storage — cold wallets — are the safest vaults for cryptocurrency.
But crypto exchanges require ready access to some funds to deposit and withdraw
funds for users. It's possible thanks to online storage known as hot wallets.
Since hot wallet systems are connected to the internet, operating them safely is
a bigger challenge. We created our own semi-offline multi-signature mechanism.
It supports quick, secure, and convenient deposits and withdrawals.