Crypto Arbitrage implements industry-leading protection for your cryptoassets whilst performing arbitrage trades
How do we achieve top-tier custodianship of our client's cryptoassets?
1) Deep freeze storage
We store the majority of customer cryptocurrency in “deep freeze” using a multi-signature wallet where the keys are generated and stored entirely offline and offsite. The keys are managed entirely by Bitgo Custody, the world's most secure and compliant digital asset custody solution.
2) Hot wallet - for funds held on exchanges
A multi-signature hot wallet is used to facilitate instant cryptoasset transactions. Backups of the keys are stored offline in geographically dispersed safety deposit boxes. Three keys are required, with one stored by an external custodian to ensure additional security. The external custodian also enforces velocity limits.
3) Air Gaps - for funds held off exchanges
Private keys are stored offline, and offsite, on a machine not connected to the internet or other networks. This significantly reduces the attack surface since physical access is required. The airgap machine is stored in a safe, inside a managed security vault, at an undisclosed off-site location.
4) Two factor authentication
Two-factor Authentication (2FA) is supported to provide another level of authentication and ensure complete peace of mind. With 2FA enabled, you will add an extra layer of protection to your account: a one-time code that can only be generated on your smartphone with Google Authenticator or will an email One Time Pin (OTP)
Passwords are stored in the hashed form: nobody other than yourself ever has access to your password. We make sure that users use a strong password when they sign up with Crypto Arbitrage. We recommend using Lastpass, Keychain, Keepass or another reputable password manager to generate and keep track of a strong password.
Our infrastructure is hosted on Amazon Web Services, which offers a secure environment for Crypto Arbitrage services to ensure the safest possible access control, data encryption, monitoring and isolation.
Our internal networks are protected by firewalls and not exposed to the internet. All internet traffic is also encrypted to the same standard as external services. Our firewall policies are designed to allow minimum permissions for different applications and roles to interact.
All application and database servers are running inside private networks, with isolation between staging and production environments. Public-facing services are made available by dedicated load balancers that only handle HTTPS requests.
All Crypto Arbitrage employees are required to use cryptographically-secure Multi-Factor Authentication such as hardware U2F keys to access internal services. Engineers do not have access to application credentials or production servers. All deployments are performed independently by a deployment server.
- Open an account: Sign up
- Access your account: Sign in
- Speak to an agent: Submit an instruction
- Contact legal: email@example.com