BitcoinRegistry

BitGo Trust Company

BitGo Bank & Trust, National Association (formerly BitGo Trust Company, Inc.)

centralised custody

Risk Rating

3/5

Moderate

Established

2013-01-01

Custody Since

2018-01-01

Assets Under Custody

$81.6B

Regulatory Licenses

NY Trust Charter

New York Department of Financial Services (NYDFS)

active
View Regulator

National Trust Bank Charter (OCC)

Office of the Comptroller of the Currency (OCC)

active
Effective: 2025-12-12
View Regulator

Money Transmitter Licenses (multiple states)

FinCEN / State Regulators

active
View Regulator

Major Payment Institution (MPI) License

Monetary Authority of Singapore (MAS)

active
Effective: 2024-08-07
View Regulator

Risk Assessment

regulatory standing18/25
proof of reserves quality15/25
counterparty concentration20/25
operational historical12/25

Assessment Rationale

BitGo holds NY Trust Charter and OCC National Trust Bank Charter (Dec 2025), providing strong US regulatory foundation. However, WBTC custody arrangement change (Nov 2023) introducing BiT Global joint venture raises concerns: (1) Multi-jurisdictional custody complexity (US, Singapore, Hong Kong), (2) Justin Sun/HTX association controversy, (3) Governance failures with DAO bypassing, (4) Monthly attestations (not full audits) from ChainProof. MiCA classification uncertainty adds regulatory risk. MakerDAO proposed offboarding signals institutional concern.

Historical Incidents

BitGo Announced Joint Venture for WBTC Custody

medium

2023-11-08

BitGo announced a joint venture with BiT Global to diversify WBTC custody arrangements. This raised concerns in the DeFi community about custody centralization. The transition was completed with continued BitGo oversight.

Resolution: Joint venture operational with BitGo maintaining oversight

Zero-Proof Vulnerability in HSM Firmware

high

2022-12-01

FireBlocks discovered a critical vulnerability in BitGo's HSM firmware allowing private key extraction. The vulnerability was in the zero-knowledge proof implementation. Patched February 2023 after coordinated disclosure.

Resolution: Vulnerability patched and disclosed February 2023

Data Breach by INC_RANSOM Threat Actor

medium

2026-02-01

BitGo experienced a data breach attributed to INC_RANSOM threat actor. Impact scope under investigation. Custody operations not affected.

Resolution: Under investigation

Proof of Reserves

Methodology

customer verifiable

Frequency

annual_soc

Auditor

SOC 1 Type 2 and SOC 2 Type 2 (annual); Customer API/Merkle tree verification

Limitations

  • SOC audits are annual, not monthly
  • Attestations are not full financial audits
  • Relies on BitGo's internal security practices
  • Limited transparency on merchant operations

Supported Assets

W

WBTC

Wrapped Bitcoin

Jurisdictions

Available

USEUSGUKJP

Quick Links

Official WebsiteContract Registry

Disclaimer

Risk ratings and regulatory information are for educational purposes only. Always conduct your own due diligence before selecting a custodian. Not financial or legal advice.