Security Updates

A page dedicated to Gray Digital Security Updates

CertiK Audit

The Gray Digital + Gray Fund have completely finished a comprehensive audit and KYC with CertiK (https://skynet.certik.com/projects/gray-market). Eight members of or backend and executive team have completed their full KYC and the Gray Digital was awarded with their Gold KYC badge. The Certik audit ensures that the smart contracts utilized by Gray Digital are safe and secure for participating members.

Chainalysis On-Chain Monitoring

Chainalysis is a platform that performs AML checks, company wallet monitoring, user wallet monitoring, malicious transaction detection and various other services, to block and detect users who are using the platform with malicious intent. The Chainalysis entity identifications go through a rigorous confirmation process and have been used by law enforcement to investigate and prosecute notable cases. Services provided by Chainanysis:

  • Automated and continuous address, wallet, and transaction screening provide real-time alerts to prevent interactions with illicit actors

  • Chainalysis offers an API to access and monitor this data in real time.

  • Their Reactor product is the industry standard for investigating cryptocurrency transactions. This product would allow us to trace transactions with advanced analytical capabilities, such as automatic peel chain detection and cross-chain graphing, in order to identify and prosecute any potential bad actors.

  • Crypto forensics tools and visual analytics for investigating and tracing the movement of funds when evaluating suspicious activity

This partnership is essential to protecting participating members as well as the Gray Digital company. You can read more about the services on their website at: https://www.chainalysis.com/

Fireblocks: Digital Asset Custodial Services

Fireblocks is a leading digital asset custody, settlement, and issuance platform, serving over 1,800 organizations globally. It ensures secure management of digital assets for various financial institutions, including exchanges, custodians, and banks. The platform combines advanced technologies to offer services like Treasury Management, Wallets-as-a-Service, and Tokenization. Notably, Fireblocks has secured over $4 trillion in transactions, demonstrating its reliability in the digital asset space.

Gray Fund's strategic partnership with Fireblocks marks a significant step in enhancing its digital asset management services. This collaboration is particularly noteworthy due to two primary reasons: the increasing demand for smart contract related integration, and the requirement set by Coincover, Gray Fund's new Digital Asset Protection partner, to use one of their approved custodians.

Key Services Offered by Fireblocks:

  • Secure Asset Transfer and Storage: Fireblocks offers an end-to-end secure environment for digital asset transactions and storage. This is crucial for managing the risks associated with digital asset transfers

  • API Integration: The platform allows direct API integration with various external services. This integration is critical for Gray Fund, as it enables seamless connection with the insurance provider, security team, chainalysis, and compliance departments. Such connectivity ensures the highest level of security for user funds

  • Compliance and Security: Fireblocks is highly compliant with industry standards, providing top-notch security features. This includes advanced measures to protect against unauthorized access and cyber threats, ensuring the safety of digital assets

  • Transaction Volume and Experience: Fireblocks has secured over $4 trillion in transactions, a testament to its reliability and efficiency. This experience is invaluable, especially when dealing with high-volume transactions

  • Versatility in Services: The platform is utilized by some of the largest cryptocurrency and national banks. Its services encompass everything from secure transactions and wallet management to comprehensive security of assets

You can read more about Fireblocks on their website: https://www.fireblocks.com/

Coincover: Blockchain Protection Comapny

Gray Digital has secured a partnership with Coincover, offering an extra layer of security for the platform. Coincover offers comprehensive crypto and blockchain protection technology that is warranty backed to provide complete protection to innovative companies operating in the web3 space.

Outline of the Protection Coverage Details from the Contract with Gray Digital:

  • The protection extends to the Gray Fund balance custodied within the Fireblocks platform.

  • Each wallet registered with the Gray Fund is protected with a soft insurance limit of $100k USD per transaction, and a high limit of $500k USD per transaction. This is in addition to the overall fund coverage. Total fund coverage can be amended in the agreement as the Gray Fund grows.

The covered risks include, but are not limited to:

  • Account Takeover: Unauthorized access to digital asset accounts and transactions to alternate wallets.

  • Address Poisoning: Misleading transactions due to closely matched wallet addresses.

  • Biometric Security Failure: Loss of funds due to biometric authentication breaches.

  • Brute Force Attack: Unauthorized access through repeated trial-and-error.

  • Damaged/Stolen Device: Loss of access to crypto assets due to hardware issues.

  • Exit Scams: Theft of deposits in cryptocurrency projects under specific conditions.

  • Insolvency Crypto Asset Access: Recovery of funds if the company ceases trading.

  • Internal Bad Actors: Misuse of credentials by permanent employees to steal assets.

  • Lost Seed Phrase: Loss of the sequence of words required to access crypto wallets.

  • Man-in-the-Middle Attacks: Compromised communication resulting in asset theft.

  • Multi-factor Security Failure: Losses due to compromised multi-factor authentication.

  • Ransomware: Inaccessibility of digital assets due to ransomware attacks.

  • Sim Swap: Cell phone-based two-factor authentication breaches.

  • Social Engineering: Deception of employees leading to asset theft.

  • Spear Phishing: Targeted email attacks leading to unauthorized access.

  • Supply Chain Hacks: Exploitation of third-party software to steal digital assets.

  • Whaling: High-level impersonation attacks leading to asset theft.

For a more detailed overview of the protections now being offered to our users, we encourage you to review our completed insurance agreement. These documents are available in the Gray Digital Discord.

You can read more about Coincover on their website: https://www.coincover.com/

Fireblocks & AML Solutions by Coincover and Chainalysis

Fireblocks & AML Solutions: Security and compliance are paramount, and with our established partnership with Fireblocks, advanced AML (Anti-Money Laundering) solutions provided by Chainalysis and transaction protection technology provided by Coincover that is insured, all transactions on the platform are not just faster but also more secure. Fireblocks is now fully deployed for all services and products, including Pro subscriptions, trading services, and the Gray Fund. These integrations help in monitoring and protecting transactions from any fraudulent activities, ensuring peace of mind. Fireblocks is used as the middle between our traditional finance side, and the digital asset side (and provides that middle custodial level). Fireblocks is utilized for all transactions of funds flowing in and out of the Gray Fund (and all future products, including Pro subscriptions). Integrated within Fireblocks is transaction protection technology provided by Coincover that is insured, and Chainalysis AML checks - which all work in sync to ensure our platform maintains a level of financial compliance, and security for our users.


Gray Fund 2-Factor Authentication

Gray Fund Participating Members will have the option to enable 2-Factor Authentication (2-FA) on their Gray Fund account. This allows users increased security measures to prevent unauthorized access to user accounts. Although this feature is not required, it is highly suggested. When combined with the use of a cryptocurrency hardware wallet, Participating Members have a formidable defense against loss of funds.

Gray Fund Interaction Signatures

Another addition to our security protocol within the Gray Fund is the addition of signatures on all Gray Fund interactions. This means that if you are doing any sort of function within the Gray Fund (Deposit, withdrawal, change settings, etc.,) you will be required to sign a signature which just tells us that you are the one making the request and not someone spoofing your wallet address. If users are using 2-factor authentication they will instead be asked for their 2FA code when making Gray Fund interactions.

All contracts, partnerships and documentation can be located in the Gray Digital Discord

Last updated