Fireblocks - The Real Way to Store Your Crypto Securely
How we implemented fireblocks, why we think it is good, and what parts of it could be interesting
Introduction
Fireblocks (https://www.fireblocks.com/) - positions itself as an enterprise-grade solution for storing digital assets. We agree with that, and are ready to share what we learnt throughout the way of integrating them within several of our projects.
Fireblocks - major benefits
Fireblocks is:
BIG
Secure
Documented
Responsive
What does that generally mean?
BIG
Based on the solutions Fireblocks provide, the processes established within the company, the number and level of customers that can be seen inside the Fireblocks network, and the price - Fireblocks is really big, real established company. Meaning that the deal you make with them is solid.
Secure
MPC and other technologies they utilize, in particular, for cold storage, are impressive and correspond with what we would call secure, by the measure of usual logic and both technological expertise we have. Specific tools and approaches we consider good for security are:
Obligatory 2FA in the Fireblocks console
MPC for transaction signatures
Transaction Authorization Policy - the rules they allow to configure
Communication approach via support - feels like your request is really private, and it will not be shared with unauthorized stakeholders which is particularly important for outsourcing companies
Complex cold storage mobile app configuration with strict limitations on the way to manage your keys from your storage
and some more
Documented
Help Center - https://support.fireblocks.io/hc/en-us
Even though there are some challenges appearing along the way, 95% of what we needed was found in the documentation, and the help center. Everything we couldn't find was successfully handled by our customer representative on their side.
Responsive
Speaking of the customer representative. A responsible person is assigned to each customer, basically an account manager, which helps handle whatever requests we have. We have been added to the chat with support, where we could find out whatever details we needed for the integration.
This was done in parallel with giving us access to creating tickets in their help center, which meant that we could reach more "deep" support levels if necessary for a complex challenge, and we could receive guidance in operational manner in a chat, without waiting for a formal response in accordance to SLAs for several days.
Our integration experience
We have implemented Fireblocks for the products like:
Centralized crypto exchange
Escrow service
Crypto swap
Crypto onramp
Cold wallet
We have also considered Fireblocks for integrating it in tokenization platforms, DeFi aggregators, and more.
Basically, we would divide our experience into several key sections:
Hot wallet
Cold wallet
DeFi
Ready-to-go services
Other
Hot wallet
Basically it is about creating a wallet for customers, for example, on exchange. Having keys stored in Fireblocks, operating them on a daily basis, etc. Nothing special. Refer to Binance for this kind of experience.
Overall, it is a standard API integration, which requires a number of special activities:
Co-signer configuration
Transaction Authorization Policy configuration
Overall console configuration
Those activities are knowledge intensive and will require someone from the team to understand the Fireblocks console on medium level, to make sure the transactions go smoothly, securely and the potential risks are mitigated.
Cold wallet
A little bit special. We needed a secure storage with very limited capability for withdrawals and increased safety.
This is a separate Fireblocks product that requires a separate workspace. It is configured to make sure the corresponding cold storage never has a connection to internet from the moment it was configured (never). It still has transaction authorization policies, enhanced with the cold wallet experience, which makes it really cool.
Refer to trezor or other cold hardware wallets combined with binance for this kind of experience.
Cold wallet integration, overall, is similar to how wallet integration, with a number of exceptions:
Transaction Authorization Policy is a little different from hot wallet
Requires additional cold storage configuration and some dedicated devices for that
Again, that would require someone from the team to understand the Fireblocks system well enough.
DeFi
If you want to build something on DeFi basis - this is for you. We have no much experience with these products from Fireblocks, just a conceptual understanding. Refer to something like Pancakeswap for this.
Ready-to-go services
Fireblocks utilizes synergy of its services and customers, and proposes a range of different ready solutions, like:
and some more
Those seem to be solutions for specific use cases some of the companies really need, even though we didn't have a need to integrated them withing our solutions.
Overall recomendations
We would definitely recommend Fireblocks if you can afford it.
Make sure to take time for:
Establishing the contract with team
Configuring and trying the sandbox
Configuring and testing the production environment
Getting to know the system well
Overall, the integration might take 2-3 months, if you don't have the experience and have a minimal scope. If it is not, aim for 4-6 months.
Other things to know about:
SDK is simple to utilize
⚠️From time to time, fee in webhooks is bad. For example, we receive a webhook with a transaction finished long ago, with a 0.01 ETH fee, while the fee was 0.02 ETH. How to fix: you receive a hook - you make an API request to Fireblocks regarding this transaction.
⚠️When configuring callback API URL for the co-signer, you have to specify the backend URL. The important point is that the co-signer is going to add "/v2/tx_sign_request" and "/v2/config_change_sign_request". Pay attention to this
Need a free technical consultation for your project or ideas?
Book a quick sync up with our CTO if you need a helping hand or visit our website:
Last updated