Event | Escaping the $2.9B Security Black Hole — Safeheron and GFTN on Building the “Cornerstone of Trust” in Digital Assets
“The strength of asset security is determined by its weakest link. In the blockchain ecosystem, this link is often not the code, but the human element.”
This core insight from Safeheron Partner, Jag Foo, set an alarming tone at the recent inaugural Industry Immersion event of the GFTN 2025 Blockchain Guardians Programme, hosted by Safeheron. He highlighted that in 2024 alone, global digital asset losses from hacks have already reached a staggering $2.9 billion, with at least 80% of these losses stemming from private key leaks and social engineering attacks. From DMM Bitcoin to ByBit, countless devastating incidents all point to the same vulnerable source: the human factor.
This event marked the official launch of the 2025 Blockchain Guardians Programme, where Safeheron was honored to open this in-depth dialogue on trust and security with industry leaders.
Defense-in-Depth: From Technical Innovation to a Zero-Trust Architecture
Faced with hard-to-prevent “human risks” like user negligence, insider fraud, and phishing attacks, traditional single-point defense strategies have become obsolete. Safeheron’s answer is a multi-layered security architecture built on the principles of “Defense-in-Depth” and “Zero Trust,” creating an impenetrable security fortress for institutions such as payment providers, liquidity providers (OTC desks), digital banks, and RWA projects.
Layer 1: MPC-TEE Technology to Eliminate Single Points of Failure at the Source
Through MPC (Secure Multi-Party Computation) protocols, critical operations no longer rely on a single private key but are completed by multiple encrypted key shards in a distributed manner. Combined with an Intel SGX-based TEE (Trusted Execution Environment), the private key is never exposed in plaintext throughout its entire lifecycle, completely eradicating the risk of a single point of failure.
Layer 2: A Flexible Policy Engine for Granular Risk Control
This deeply integrates technical security with business governance, ensuring that technology serves governance. Safeheron’s policy engine supports a multi-person approval mechanism based on a T-of-N model (e.g., requiring approval from at least 2 out of 4 members) and allows institutions to customize detailed transaction limits and operational permissions based on team roles and time periods. This ensures that any asset movement strictly adheres to preset risk control rules, effectively curbing both insider threats and operational errors.
Layer 3: The Overarching Principle of Zero Trust: Never Trust, Always Verify
Every operation must undergo rigorous verification. Through multi-factor authentication (MFA), remote attestation, and “What You See Is What You Sign” (WYSIWYS) technology, it ensures the triple-layered trust of the operator’s identity, the device environment, and the transaction details. Meanwhile, by separating duties among roles like “Team Admin”, “Team Member”, and “Key Shard Backup Holder”, it creates a closed-loop governance system with clear responsibilities and checks and balances.
For Licensed Institutions: A Triple Guarantee of Compliance, Efficiency, and Control
- Compliance Assurance: Integrate leading third-party KYT/AML services to proactively monitor and block high-risk transactions.
- Cost Reduction & Efficiency Gains: Offer services like Tron energy rental, saving clients 50% on transaction costs.
- Absolute Control: Provide a fully open-source offline recovery tool, ensuring clients retain absolute control over their assets even in extreme scenarios.
Since its launch in July 2022, Safeheron has delivered an impressive track record: peak assets under management (AUM) of \$1.5 billion, over \$100 billion in transactions processed, 300,000 MPC wallets created, and has maintained a perfect record of zero security incidents. The company is certified with internationally recognized standards like ISO/IEC 27001:2022 and SOC2. Its code is fully open-source—a testament to both its technical confidence and its commitment to transparency.
“Engineering” Trust to Build a Secure-by-Design Ecosystem
The event’s panel discussion, themed “Building trust with a digital assets ecosystem secure by design”, brought the dialogue to its climax. Centering on key topics such as lessons from past security incidents, resilient design principles, regulatory trends, and customer protection, industry leaders including Angela Ang from TRM Labs, Anu Phanse from Coinbase, and Daniel Lee from Banking Circle, engaged in a brilliant discussion with attendees. The session was moderated by Ryan Ang, founder of Greythorn. In the end, all participants reached a profound consensus: true security is not about reactive fixes but must be deeply integrated from the outset, “engineering” trust through technology and processes.
Building Trust Together for a Promising Future
As Jag Foo concluded, “Clients choose our self-custody services to operate their businesses with peace of mind and to meet regulatory requirements. When the cornerstone of trust is solid, the potential for large-scale institutional adoption of digital assets is limitless.”
Safeheron extends its sincere gratitude to GFTN for their trust and support, as well as to all guest speakers, attendees, and the venue host, OGBC Group. Safeheron will continue to drive security consensus into action through technological innovation and sharing best practices, working alongside GFTN and all industry partners to foster a more trustworthy digital asset ecosystem and contribute to the healthy development of the global digital asset industry.
