Bakkt Warehouse: Security First

Protecting our customers’ assets is a foundational component of everything we do at Bakkt. Bakkt’s infrastructure leverages enterprise security capabilities, including those that protect Intercontinental Exchange’s dozen exchanges around the world, including the New York Stock Exchange. This is complemented by defenses unique to the safeguarding of digital assets.

Bakkt Warehouse

The Bakkt Warehouse is comprised of both online (“warm”) and offline, air-gapped (“cold”) digital asset storage. Bakkt rebalances between warm and cold storage tiers to minimize risks associated with warm storage. To further protect our customers, Bakkt’s warm and cold wallets are covered by a $125,000,000 insurance policy from a leading global carrier. This coverage will be reevaluated from time to time based on risks and updates to operational best practices. In addition, Bakkt is working with one of the largest custody banks in the world, BNY Mellon, as part of its safekeeping process.

Bakkt Dual Warm/Cold Wallet Structure icon

Dual Warm/Cold Wallet Structure

  • Majority of assets stored offline in cold wallets
  • Insurance policies for cold and warm wallets
  • Extensive physical security including bank-grade vaults

Bakkt Secure Wallet Architecture and Storage icon

Secure Wallet Architecture and Storage

  • Multi-signature transaction signing
  • Shamir's Secret Sharing for key sharding
  • Hardware security modules (HSMs) to secure and authenticate keys

Bakkt Comprehensive Cybersecurity Program icon

Comprehensive Cybersecurity Program

  • Mandatory two-factor authentication (2FA)
  • IP address and withdrawal address whitelisting
  • Regular operational and security audits

Warm Wallets

  • Stores a small balance of bitcoin held in the Bakkt Warehouse
  • Private keys are created and stored on FIPS 140–2 level 3 hardware security modules (HSMs) and no individual has access to private key material
  • Network connected, but all withdrawal requests are received, verified, and processed by dedicated staff located in multiple geographies; requests are validated, both manually and systematically, against a policy ruleset that controls for parameters such as amount, destination, and velocity of transactions
  • Additional anti-collusion and insider threat controls require multiple individuals from multiple teams in multiple locations be involved to process a transaction
  • 24x7 on-site, armed security
  • Advanced insider threat and anti-collusion controls

Cold Wallets

  • The majority of bitcoin stored in the Bakkt Warehouse is offline
  • Air-gapped systems stored in bank-grade vaults with sophisticated physical security controls
  • Wallet keys are sharded and encrypted at creation, with multiple key shards needed to sign a single transaction
  • Geographically distributed multi-signature transaction operations
  • Segregation of duties between internal teams
  • 24x7 on-site, armed security

Systems Security

Bakkt stores client private keys on hardened systems in cold storage and on FIPS 140-2 level 3 HSMs in warm storage. Systems are sourced using approved procurement processes addressing supply chain risk. Bakkt-developed applications and those procured from external vendors are required to support multifactor authentication and are centrally controlled by a full-time, 24x7 cybersecurity team. All Bakkt managed devices (i.e. servers, laptops, network devices, mobile devices, etc.) have extensive security controls to prevent unauthorized access, limit authorized access, and safeguard against local and remote attacks.

Regular penetration tests are conducted including external, internal, and physical evaluations of all operations facilities. For the continuous improvement of our security and operational processes, Bakkt proactively seeks input from partners and law enforcement agencies.

Disaster Recovery

At Bakkt, the protection and secure recoverability of private cryptographic keys, used to store digital assets, is a core competency. Bakkt has robust controls for Disaster Recovery (DR) and Business Continuity Planning (BCP) which help prepare for the restoration of normal services as quickly as possible in the event of a service outage due to unforeseen circumstances or a physical disaster. The Bakkt Warehouse is fully supported in both the primary and backup facilities and can operate independently from the location of ICE trading and clearing systems.

Digital Asset Listing Standards

Bakkt uses a principles-based approach to evaluate support of new and existing digital assets. Our framework includes considerations such as security, regulatory compliance, and transparency. Supported assets should be based on work that is well-documented, peer reviewed, and maintained by a team, organization or distributed community. Bakkt assesses each digital asset’s ability to meet compliance obligations and ensure it falls within the standards set by our regulators, partners, and Federal policy. All assets should align with Bakkt’s mission of expanding access to the global economy by building trust in and unlocking the value of digital assets.