CertiK and Safeheron, a leading enterprise key self-custody service provider, are joining forces to raise the standard of transparency in private key management.
The result of this collaboration is a new verification mechanism to help users ensure projects have adopted enhanced private key management solutions.
Directly or indirectly, many Web3 projects manage funds through a smart contract or an individual account address. This can create a single point of failure,leaving projects and users highly vulnerable if these addresses become compromised, either due to private key leakage or a malicious exit scam.
Blockchain security firms, like CertiK, call out these centralization risks during security reviews. In addition to warning users of the risks they may be taking on by interacting with a protocol, security reviews also propose remediations that reduce or eliminate the risk. Providers of private key self-custody services, like Safeheron, offer institutional-grade multi-party computation (MPC) solutions to reduce such centralization risks. However, while CertiK and other security auditors can propose remediations, their final implementation is in the hands of the project owners. The adoption rate of these solutions has, until now, remained opaque to the broader public.
In this joint effort, Safeheron now provides interfaces for CertiK and other security companies to verify if a project address is indeed protected by a key custodian solution. This transparency assists security auditors and users in verifying that projects have in fact adopted measures to mitigate centralization risks.
This collaboration between CertiK and Safeheron delivers a powerful new tool to the public, a tool built on the transparency that defines Web3. Together, we urge other stakeholders to join us on our mission to raise the standards of transparency and security across the Web3 world.