Wallet Custody Solution Evaluation Report

# Wallet Custody Solution Evaluation Report **Fireblocks Alternative Assessment: Turnkey & Recommendations** **Prepared by:** Giovani Guizzo **Date:** October 17, 2025 **Context:** Fireblocks contract renewal evaluation --- ## Executive Summary As our contract with Fireblocks approaches its end, I've conducted a technical evaluation of Turnkey as a potential alternative custody solution for our crypto exchange platform. While Turnkey demonstrates strong capabilities in core wallet management and security features, my investigation revealed significant integration challenges that could impact our migration timeline and costs. **Key Finding:** Turnkey alone is insufficient for our needs. It requires additional third-party services for balance management and transaction monitoring, introducing complexity and risk. **Recommendation:** We should prioritize **sticking with Fireblocks** or evaluating **Copper and other integrated custodians** before committing to the Turnkey path. The apparent simplicity of Turnkey's solution becomes complex when accounting for the full stack we need to operate our exchange. --- ## Background & Context **Our Current Setup:** - Fireblocks serves as our primary custodian - Operations (OTC) team manages fund transfers between Fireblocks and account providers - Contract expiration needs evaluation of alternatives **Core Requirements for Any Solution:** 1. Enable safe OTC operations with appropriate controls 2. Support multi-wallet architecture with backend integration 3. Facilitate secure automated transfers --- ## Turnkey Technical Assessment ### Requirements Validation I've verified that Turnkey addresses all three core requirements: | Requirement | Turnkey Implementation | Documentation | | -------------------------------------- | ------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------- | | **Safe OTC Operations** | Co-signing with quorum support allows multiple team members to approve transactions | [Co-signing Docs](https://docs.turnkey.com/signing-automation/co-signing-transactions#introduction-to-co-signing) | | **Multi-wallet & Backend Integration** | Delegated access policies enable granular permissions for different backend services | [Delegated Access](https://docs.turnkey.com/concepts/policies/delegated-access-overview) | | **Secure Automated Transfers** | Policy-driven automation with fine-grained configuration for automated agents | [Automation Overview](https://docs.turnkey.com/signing-automation/overview) | ### Key Strengths Identified **1. Robust Security & Access Control** - Configurable quorum policies for transaction approval - Fine-grained policy engine for both human operators and automated systems - This policy engine is highly flexible and powerful, but also complex to configure - it uses JSON-based rules - Separate policies for OTC team vs. automated trading systems **2. Strong Developer Experience** - [TypeScript SDK](https://docs.turnkey.com/sdks/javascript-server) for frontend/backend development - **[Go SDK](https://docs.turnkey.com/sdks/golang) - critical for our main backend language** - Well-documented automation framework **3. Scalable Architecture** - HD Wallet structure: single mnemonic with multiple derivations - We can create one Vault Wallet with individual accounts per exchange user - No architectural changes needed as user base grows **4. Smooth Migration Path** - [Migration guide](https://docs.turnkey.com/getting-started/migration-guide) provides clear procedures - Supports key import from Fireblocks - May eliminate need for asset transfers, just import existing keys --- ## Critical Discovery: The Integration Gap ### The Problem **Turnkey is strictly an account manager, not a complete custody solution.** It handles: - Private key management - Transaction signing - Access policies It does **NOT** handle: - Balance tracking across chains - Transaction history and monitoring - Wallet abstraction layer - Asset management UI/API ### Practical Investigation: OneBalance Integration To fill this gap, I investigated OneBalance, which offers a Turnkey integration. I set up and configured their integration from the [official repository](https://github.com/OneBalance-io/integration-examples/tree/1f6a5f674aaa19d4ef268201a8905aee25f42e3b/turnkey). **Result:** The OneBalance API returned CORS errors, preventing successful integration. This is concerning as it indicates: - Potential immaturity of the integration. Maybe it's just an example after all - Configuration issues on their API side - Additional debugging/support overhead for us - Complexity in setting up and testing with dev environments ### What This Means To use Turnkey, we would need to: ``` KiiEx ↓ OneBalance (or custom solution) ← Build/integrate balance management ↓ Turnkey ← Custody & signing ``` **Best case scenario:** Significant time investment integrating with OneBalance or similar service **Worst case scenario:** Building our own balance management layer ## My Recommendation: Evaluate Full-Service Alternatives ### Primary Recommendation: Stick with Fireblocks I believe we should seriously evaluate sticking with **Fireblocks**. If Fireblocks is not an option, we could investigate **Copper** (or similar full-service custodians). Both solutions are preferred because: 1. **Single Integration Point** - Custody + balance management + operations in one platform - Reduced complexity and vendor management - Faster time-to-production 2. **Lower Implementation Risk** - No custom development for balance management - No need to maintain yet another service - Proven, complete solution - Single vendor accountability 3. **Cost-Effectiveness** - While per-transaction costs may be higher, total cost of ownership (TCO) could be lower when factoring in development time - No migration time - we already use Fireblocks - or small migration effort if switching to Copper ### Alternative Custodians to Consider In addition to Fireblocks and Copper, I recommend we evaluate: - **Anchorage Digital** - Strong regulatory compliance, institutional focus - **BitGo** - Mature platform, excellent API, broad multi-chain support - **Coinbase Custody** - If we need maximum regulatory credibility - **Ledger Enterprise** - Hardware-backed security with software integration ## Conclusion Turnkey is technically sound for **account management**, but incomplete for our operational needs. The integration challenges I encountered with OneBalance validate concerns about choosing a fragmented solution. **My professional opinion:** We should prioritize **sticking with Fireblocks** or evaluating **Copper and other integrated custodians** before committing to the Turnkey path. The apparent simplicity of Turnkey's solution becomes complex when accounting for the full stack we need to operate our exchange.