Fireblocks launches the Agentic Payments Suite, powering agent-initiated payments for PSPs and Fintechs. Learn more.

Talk to sales

Expert Commentary, Research & Security

Why Crypto Security Is Workflow Design, Not Just Storage

11 min. read

Storage gets all the attention. But moving assets securely is the real challenge. 

Before Clapp integrated Fireblocks, we faced a familiar choice: build our own digital asset infrastructure from scratch, or partner with a provider that had already addressed many of the underlying challenges.

Building in-house would have meant designing many things from the ground up. This includes wallet infrastructure, private key management, transaction approval workflows, blockchain integrations, monitoring systems, and internal control mechanisms. In practice, this spans everything from signing logic to transaction handling across multiple chains. 

We chose a different path.

Here’s what Clapp learned about crypto security, operational risk, and why “just use cold storage” is an oversimplification.

TL;DR

  • Security is not just storage. It’s how transactions get approved and executed.
  • MPC technology reduces reliance on single-key control by distributing signing responsibility across multiple parties.
  • Rule-based approvals act as a control layer before transactions are executed.
  • Internal access controls protect against unauthorized transactions, whether intentional or otherwise.
  • Scalability matters — adding new blockchains should take days, not months.
  • Compliance readiness (SOC 2, DORA) starts with the right infrastructure foundation.

The in-house security nightmare we avoided

Before Fireblocks, building secure digital asset infrastructure in-house would have required a massive investment of engineering time, security expertise, operational controls, and ongoing maintenance.

Here’s what we would have needed to build from scratch:

  • Secure wallet infrastructure for multiple blockchains
  • Private key generation, storage, and rotation systems
  • Transaction signing and broadcasting mechanisms
  • Approval workflows with role-based access
  • Blockchain integration for each asset we wanted to support
  • Real-time monitoring and alerting
  • Internal control frameworks and audit trails

This is an entire operational layer that needs to be designed, secured, and continuously maintained. Beyond the engineering effort, it’s an ongoing responsibility. 

By using Fireblocks, we avoided managing private keys directly and reduced part of the operational and security surface area we would otherwise need to maintain internally. That let us focus on product logic instead of rebuilding custody infrastructure.

Building a secure digital asset infrastructure from scratch vs what Fireblocks can offer as a solution.

Why “hot vs. cold wallets” is an oversimplification

Most people think crypto security is binary: hot wallets for convenience, cold wallets for safety.

In practice, production systems implement hybrid setups comprised of tiered liquidity and risk segmentation where:

  • Hot environments handle high-frequency, low-value flows
  • Warm tiers enforce additional approval latency and policy checks
  • Cold or semi-offline tiers minimize signing surface exposure

Some funds need to move instantly, while others can sit behind stricter controls. Some transactions are routine, and some require extra scrutiny. The primary control surface is not storage location alone, but transaction authorization logic.

The more relevant question becomes: “who can approve what, under what conditions?”

That’s where workflow design becomes more important than storage location.

The Fireblocks difference: Shared signatures and MPC

Traditional private key management has a fundamental problem: one person or system controls the key. If that key gets compromised, the assets are gone.

Fireblocks uses MPC (Multi-Party Computation) technology to split key shares across multiple parties. No single device ever holds a complete private key. Transactions require collaboration between multiple signing parties.

What this means for us:

  • Reduced reliance on any single key or environment
  • No “one person can drain the wallet”
  • Shared signature models that distribute trust

This shifts security from “protect one thing perfectly” to requiring multiple independent controls to fail simultaneously. For a financial platform, this meaningfully reduces both external attack risk and internal misuse scenarios. It helps mitigate external attack vectors and insider risk, while maintaining operational efficiency.

Fireblocks offers MPC and shared signature advantages.

The tech underneath: why MPC-CMP matters

Fireblocks built its own MPC-CMP protocol. Compared to older standards like GG18, it significantly reduces communication overhead during signing.

The old way required multiple rounds of interaction between key holders to sign a transaction. MPC-CMP reduces this to a single round in many cases, improving latency and making the system more predictable under load.

That difference shows up in practice when you’re processing transactions continuously. Latency and reliability matter just as much as security.

You don’t have to choose between security and speed

Some regulators require offline key storage. Traditional cold wallets solve this but create new problems across manual processes, slow sign-offs, and operational friction.

MPC-CMP cold wallets offer an alternative that minimizes tradeoffs. One key share lives offline in an air-gapped device. The others stay online. This can help satisfy certain regulatory expectations around key isolation while preserving operational efficiency.

Transactions keep flowing. Approvals stay fast. Operational bottlenecks are reduced without sacrificing security posture.

The code is open for a reason

Fireblocks has made its MPC-CMP approach publicly available for external review under a controlled license. Cryptographers and auditors can examine the design, test assumptions, and validate its properties.

The protocol also runs inside secure hardware environments like Intel SGX and AWS Nitro. Combined with external review, this supports transparency and a defense-in-depth security architecture approach, both of which are important in institutional custody infrastructure.

Three threats, one solution

MPC’s distributed design helps mitigate three common attack paths:

Outside attackers

Key shares live in different places. Compromising a single component is not sufficient to access funds.

Insiders with bad intentions

No single employee holds all the pieces. Collusion would be required to bypass controls.

Operational mistakes

Even if someone attempts to initiate an invalid transaction, policy checks and signing requirements add enforcement layers before execution.

This shifts the risk model from single-point failure to coordinated compromise, raising the bar for successful attacks.

You can train your team. You can’t eliminate risk entirely.

Your developers need access to infrastructure to do their jobs. But every person with access introduces some level of inherent human risk (not necessarily malicious).

We take this seriously. At Clapp, we’ve built internal security protocols from the ground up: training, separation of duties, multi-step approvals, and continuous monitoring.

Even with strong internal processes, residual risk remains. Human error, compromised devices, or sophisticated phishing attempts are always possible.

That’s where Fireblocks comes in.

It introduced a layer of protection that does not rely solely on human behavior: structured access controls, hardware-backed enforcement, and transaction policies that require multiple conditions to be met.

Importantly, this does not replace internal security controls, but complements and reinforces them.

What actually happens when a user deposits or withdraws crypto

From a user perspective, transactions appear simple. Operationally, they are not.

Every transaction involves several layers working in sequence:

  • An orchestration layer that routes the request through Fireblocks’ API gateways and event queues 
  • Policy engine checks that evaluate whether this transaction is allowed based on predefined rules — amount limits, source/destination wallets, required approvers 
  • Signature collection where key shares are assembled from multiple parties using MPC-CMP technology, completing in a single communication round rather than nine 
  • Blockchain-specific logic including gas estimation, fee calculation, and address validation for the specific asset being transferred 
  • Confirmation monitoring via webhooks that track the transaction through every status update until final settlement 
What happens when a user deposits or withdraws crypto within Fireblocks' workflow.

For example, a transaction above a defined threshold may require multiple approvals depending on role and risk level.

In practice, this maps directly to how we operate at Clapp. For instance, routine user withdrawals follow pre-approved policy paths, while higher-value or non-standard transactions trigger additional approval steps based on role and context. Internal treasury movements are handled under separate policies with stricter controls. This allows us to keep day-to-day operations efficient without applying the same level of friction to every transaction.

The policy engine deserves special attention. It’s not just a yes/no gate. It’s fully configurable and enables you to define granular rules based on:

  • Who initiates
  • How much is being moved
  • Which wallets are involved
  • How many approvals are required

Every transaction is evaluated before execution.

Once approved, signing occurs via MPC-CMP in a single communication round.

Fireblocks handles much of this orchestration layer for us, reducing the need to build and maintain blockchain-specific transaction pipelines internally. Meanwhile, we retain control over policy and approvals.

Beyond simple transfers: Staking, internal flows, and treasury management

Crypto infrastructure isn’t just about user deposits and withdrawals.

We do much more than move assets from A to B.

  • Internal treasury flows: Moving funds between operational wallets, paying vendors, managing liquidity.
  • Staking infrastructure: Earning yield on idle assets without compromising security.
  • Internal controls for non-standard transactions: Approvals for large transfers, time-based locks, daily limits.

Across all of these, the requirement is the same: transactions need to be controlled, auditable, and consistently enforced.

Scalability: Adding new blockchains shouldn’t take months

One hidden cost of building in-house is blockchain integration.

Each new asset requires:

  • Protocol understanding
  • Wallet implementation
  • Testing and monitoring

This can slow product development if handled internally.

Fireblocks helps streamline this process by providing a single platform solution that scales alongside our business and use cases, rather than stitching together individual point solutions.

Instead of building integrations from scratch, we configure and extend existing infrastructure. This allows us to expand asset support while continuing to prioritize product development.

In Clapp’s case, this reduced integration effort from a potentially multi-week process to a significantly shorter configuration and testing cycle.

Operationally, this changes how we allocate engineering time. As we expand our product suite from savings and credit lines to upcoming features like staking and cards, supporting new assets no longer requires reworking core infrastructure.

That means less time spent on blockchain-specific implementation, and more time spent on product logic and user-facing features.

Today, Clapp already supports a diverse range of assets across multiple products: Flexible and Fixed Savings for stablecoins and fiat, multi-collateral credit lines, exchange capabilities, and portfolio tools.

But we’re not stopping there. Our product roadmap includes staking support, in-app margin trading, a crypto card, and more assets across all categories.

Because the underlying infrastructure is already in place, expanding that roadmap becomes a matter of configuration and testing rather than rebuilding core systems.

In practice, this leads to faster iteration cycles and a more predictable path from idea to launch.

Compliance readiness: SOC 2, DORA, and beyond

For a financial platform, security is mandatory.

We need strong access controls, approval workflows, auditability, and institutional-grade custody infrastructure. That’s what regulators and auditors expect to see.

Fireblocks provides a foundation that supports our ongoing readiness for:

Preparing for a SOC 2 Type II audit isn’t a one-time event. It’s an ongoing process of documenting every control, every access log, every approval. 

We don’t have to build audit trails from scratch or invent our own approval logic. The platform provides these capabilities natively: transaction histories, signature logs, and policy rule changes are all time-stamped and tamper-evident.

From an operational standpoint, this also simplifies internal reviews. When investigating a transaction or preparing for an audit, we can trace who initiated it, which policies were applied, and how approvals were granted without stitching together logs from multiple internal systems. That level of visibility is essential as both transaction volume and regulatory expectations grow.

Regulatory standards are only getting stricter

DORA, the EU’s Digital Operational Resilience Act, is a good example. It requires financial firms to prove they can withstand, respond to, and recover from all types of ICT disruptions. That includes third-party providers. 

When a regulator asks about our infrastructure resilience, we can point to Fireblocks’ security practices, certifications, and operating track record.

The alternative is years of work and a massive compliance risk. Convincing auditors to trust custom-built audit logging, approval workflows, and key management is a challenge. Instead, we rely on infrastructure already audited, certified, and used by a broad set of financial institutions. We still do our own work across policies, training, and internal reviews, but we don’t start from zero.

For any crypto platform, compliance isn’t a checkbox. It’s a continuous process. Fireblocks helps us stay ahead of it without drowning in it.

Infrastructure is a means, not a mission

When we started Clapp, we had a choice: build everything ourselves, or partner with someone who already solved the hard problems.

Building in-house would have meant years of infrastructure work before launching a single feature. Fireblocks enabled us to move from idea to product significantly faster.

What we gained:

  • Reduced development complexity
  • Accelerated time-to-market
  • Strong security foundations from day one
  • Scalable infrastructure that grows with us
  • Compliance readiness built-in
  • Focus on product, not private keys

Crypto security isn’t just about storage. It’s about workflow design, internal controls, and operational discipline. Get those right, and everything else gets easier.

Trust and responsibility remain internal, but they can be extended thoughtfully to partners with proven infrastructure. The goal is to build on infrastructure that helps you manage workflows more effectively while staying focused on what differentiates your business.

See how Clapp leverages Fireblocks to build secure, scalable, and operationally resilient digital asset infrastructure, and read Fireblocks’ 2026 security whitepaper for a deeper dive.

Table of Contents

TL;DRThe in-house security nightmare we avoidedWhy “hot vs. cold wallets” is an oversimplificationThe Fireblocks difference: Shared signatures and MPCYou don’t have to choose between security and speedThe code is open for a reasonThree threats, one solutionYou can train your team. You can’t eliminate risk entirely.What actually happens when a user deposits or withdraws cryptoBeyond simple transfers: Staking, internal flows, and treasury managementScalability: Adding new blockchains shouldn’t take monthsCompliance readiness: SOC 2, DORA, and beyondInfrastructure is a means, not a mission

About us

Fireblocks is the world’s most trusted digital asset infrastructure company, empowering organizations of all sizes to build, manage and grow their business on the blockchain. With the industry’s most scalable and secure platform, we streamline stablecoin payments, settlement, custody, tokenization, and trading operations enabling – everything from institutional finance to consumer-facing digital experiences across the largest ecosystem of banks, payment providers, stablecoin issuers, exchanges and custodians. Thousands of organizations – including Worldpay, BNY, Galaxy, and Revolut – trust Fireblocks to secure more than $10 trillion in digital asset transactions across 120+ blockchains. Learn more at fireblocks.com.

Topics