
On June 10, at the highly anticipated global Web3 and AI summit Proof of Talk 2025, CertiK CTO Dr. Li Kang hosted a roundtable discussion focusing on "Web3 Wallet and Custodial Security". Starting from the underlying perspective of hardware and system software, the forum discussed how to build a more secure and scalable Web3 asset protection mechanism.
Guests included Jean-Yves Girard, head of IBM Digital Asset Infrastructure; Liang Yuning, founder of DeepComputing & MetaComputing; Mark Davis, CEO of Crossbar; and Robert Rogenmoser, CEO of Securosys. They held in-depth discussions on Web3 user security pain points, advanced custody architecture, and the challenges and breakthroughs in the open source ecosystem.

As the host, Dr. Li Kang pointed out in his opening remarks: “Private key custody and Web3 wallet security are highly dependent on the security of devices and hardware, but discussions about the underlying system and hardware security are not common.” He emphasized that current Web3 security discussions are mostly focused on the on-chain protocol and smart contract levels, while the decisive role of the underlying hardware and system architecture is often overlooked.
Jean-Yves Girard from IBM shared his team’s technical architecture in high-security digital asset custody, including EAL5+-based partitioning and cold storage signature processes, and specifically introduced how IBM’s offline signature orchestrator system supports bank-level custody services.
Crossbar CEO Mark Davis started from real-world problems and used cases to show that the existing custody models of "entrusted custody" and "self-custody" both expose systemic risks. He then introduced Crossbar's solution based on "distributed custody" and MPC-TSS technology, emphasizing the value of a flexible and scalable signature structure for enterprises and individual users.

Liang Yuning, founder of DeepComputing, started by talking about the practical challenges of open source technology, shared his team's practical experience in multi-terminal computing and local security isolation, and called on the industry to think more systematically about the openness and credibility of the underlying architecture while ensuring user experience.
Robert Rogenmoser, CEO of Securosys, drew on his years of experience in hardware security modules (HSM) and key management to analyze the key bottlenecks in current hardware custody solutions and the strategies for coping with them. He said that hardware trust boundaries are crucial when building a global digital asset infrastructure.
In the discussion about the future form of Web3 wallets, the guests generally believed that composable and modular multi-signature architectures will become the mainstream trend, and that balancing user experience and security is the core challenge. Dr. Li Kang added: "Financial companies are accustomed to using dedicated hardware (such as HSM) for private key and signature management; related security assessments, such as EAL and FIPS, are also widely accepted by regulators. However, these assessments are not specifically used to verify the security of blockchain signature implementations, so the degree of security protection of digital assets by these systems still needs to be audited by professional blockchain security companies." He pointed out that "custody" is essentially an architectural design issue, not a single technology stack. The ideal custody solution should use system mechanisms to effectively prevent misoperation while still giving users a moderate degree of operational freedom.
In addition, the guests expressed a cautiously optimistic attitude towards the role of open source software in Web3 custody. Mark Davis pointed out the legal gaps and market barriers faced by open source chip design, and called on the industry to go further in security transparency. Liang Yuning, starting from operating system-level security, also discussed how to achieve module-level open source isolation without sacrificing performance.

At the end of the forum, Dr. Li Kang concluded: "The underlying technology of private key custody and wallets is still evolving. We look forward to providing provable and user-trusted security solutions through cooperation among all parties in the future."
As the world's largest Web3 security company, CertiK has always been committed to promoting the establishment and development of Web3 security standards from a systematic and structured perspective. By hosting this Proof of Talk roundtable forum, CertiK hopes to work with global cybersecurity practitioners to provide cross-layer collaborative security solutions for developers, enterprises and regulators as regulations become clearer and technology becomes more complex.
