Abra is based on a non-custodial wallet architecture, which makes Abra wallets more secure than most other alternatives.
As we have written about before: “A non-custodial wallet fully leverages the power of permissionless blockchain technology, which enables peer-to-peer transactions without the need for an intermediary.”
Non-custodial wallets are more secure because they create a less focused attack surface, while wallets that are custodial — meaning users' funds are stored in a big, centralized database — create massive targets for hackers.
Hacking a centralized exchange or wallet is like trawling the ocean for fish with a net. Hacking a wallet like Abra is like fishing with a rod in a bathtub inside a locked house inside a locked compound with security guards on every corner.
The structural vulnerabilities are often revealed after massive structural failures happen — like the recent $40 million hack of the Binance exchange — when hackers are able to lift a massive amount of funds with one fraudulent operation.
“People don’t really think about the difference between a custodial and non-custodial wallet until they have been hacked,” says Abra founder and CEO Bill Barhydt. “Once you’ve been hacked, you get it. But by then, it’s too late.”
In the statement put out by Binance acknowledging the hack of one of their hot wallets and the theft of 7,000 bitcoin, the company said:
The hackers had the patience to wait, and execute well-orchestrated actions through multiple seemingly independent accounts at the most opportune time. The transaction is structured in a way that passed our existing security checks. It was unfortunate that we were not able to block this withdrawal before it was executed.
What this means is that Binance — and other centralized exchanges for that matter — hold their users’ assets in what amounts to little more than an internet-connected database. This structure lends itself to a wide range of security vulnerabilities, including social engineering, phishing, malware deployment, and others.
Centralized exchanges and wallets often use SMS for two-factor authentication, which makes those accounts vulnerable to SMS hacks. With a non-custodial wallet like Abra, this style of attack is not possible.
The alternative to hack-prone centralized exchanges is the kind of non-custodial model used by Abra.
Bitcoin was designed so that people could use the internet to perform transactions without the need to involve a trusted third party. The whole point of blockchain technology is to provide the infrastructure that allows secure transactions to take place without having to trust centralized databases or financial service providers.
“We built Abra as a non-custodial wallet because we want all Abra users’ assets to be as secure as possible,” Barhydt says. “The full value of cryptocurrencies like bitcoin isn’t realized if people are still trusting centralized exchanges to custody and control their funds.”
Rather than use a vulnerable, centralized database for accounting and settlement, Abra uses the Bitcoin blockchain.
There are some tradeoffs involved in this arrangement.
A non-custodial wallet requires users to take more responsibility. Abra users have to document and safeguard a private key, which is the only way to access their blockchain-based assets.
If an Abra user loses their recovery phrase, there is no way for Abra to regain access to their funds. This can obviously lead to frustration and disappointment if an Abra user loses their recovery phrase and wasn’t fully aware of the implications of using a non-custodial wallet.
But by following a few best practices (which users are prompted to do when they are first creating a wallet) to secure their recovery phrase, Abra users can then take full advantage of having a safe and secure wallet.
Non-custodial wallet as a fundamental right
Abra is built this way because we believe that a non-custodial wallet is a cornerstone of a new decentralized financial system.
Decentralized alternatives to the traditional financial system hold the promise of universal access to financial services and products (like the ability for anyone, anywhere to have the same public market investing opportunities).
Decentralized finance also replaces middlemen with blockchain. By replacing corporate and bureaucratic layers that cost time and money with blockchain as an accounting and settlement layer, decentralized finance will be easier and more cost effective.
“We will only be able to realize the full potential of decentralized finance through non-custodial services that fully secure and protect users from large-scale hacks,” Barhydt says.