How Braavos improves the security of your crypto assets.

Aleksander
4 min read · Oct 20, 2023


Recently, Vitalik Buterin, co-founder of the Ethereum project, shared his thoughts on security in DeFi. He wrote the following:

"Your job as a DeFi specialist is not to give people 5% profit instead of 3% profit. Your job as a DeFi specialist is to minimize the likelihood that your users will get a negative 100% profit."

Indeed, this is a problem. For example, in the second quarter of 2023, digital assets worth more than $300 million fell victim to cryptocurrency hacks and exploits, according to CertiK, a blockchain security company. $11.5 billion in various cryptocurrencies were lost by their owners in 2022 as a result of hacks and fraudulent schemes. In early June of this year, the largest hack of the year occurred — an attacker stole more than $100 million from users of the Atomic Wallet crypto wallet. These figures are impressive.

If we return to the security of crypto wallets, there are currently the following ways to protect accounts:

Seed phrases

A seed phrase is a 12- or 24-word code that users are supposed to store in a safe place.
It is a notorious UX problem because it is subject to phishing attacks and is often lost, causing users to lose money.

Hardware wallet

A hardware wallet provides strong security, but it is difficult for ordinary users to adopt: it is another physical device that has to be ordered specially, it is expensive, and users need to learn how to use it.

Are there other options? Yes — Hardware Signer

The Hardware Signer represents the first step in our journey to improve the crypto user experience and make it much more accessible and secure for everyday users, while not compromising on decentralization and self-custody.

So what is the Hardware Signer?
The Hardware Signer consists of two parts:

  • The secure sub-system in users’ mobile device
  • The account smart contract which can run arbitrary logic
    (a.k.a Account Abstraction)

The Hardware Signer uses the secure subsystem built into the user's device — iPhone's Secure Enclave or Android Phone's Titan HSM — to protect the account.

The Secure Enclave / Titan chip is a dedicated and isolated sub-system, totally separated from the application processor, that can generate private keys and sign messages. It generates the keys using an internal True Random Number Generator (TRNG) and signs messages over the NIST-P256 elliptic curve (secp256r1) via its internal Public Key Accelerator (PKA). The private keys never leave the secure system and are unknown and inaccessible to anyone, not even to the user, or to the application itself.

This means that even if the kernel running on the device's application processor is compromised, user keys stay safe!

How it works in Braavos

Braavos uses account abstraction. It has two components:

  • The client side (e.g. the application) that allows the user to review/sign transactions and send them to the chain.
  • The chain side — an account smart contract that can run arbitrary logic; and in our case, run arbitrary signature verification logic.

The application signs the transaction using the mobile device security module and then sends it to the account contract on-chain that can verify it.

As mentioned above, the security module on iPhones and Android phones signs over the NIST-P256 (secp256r1) elliptic curve, which is not compatible with the cryptographic scheme of any major blockchain, including StarkNet.
This is why an on-chain smart contract account, through which all transactions pass and which can run arbitrary logic, is crucial for making use of the hardware security modules on iPhones and Android phones.

How does the user approve the transaction?
Can a malicious application auto-sign a transaction without the user’s consent?

No, that’s impossible.

The cool thing about the built-in security module in mobile devices, such as the Secure Enclave, is that it intrinsically supports biometric authentication of the user's identity.

This means that even the actual approval to sign a transaction is given directly to the Secure Enclave. The transaction approval, which is done via the user's fingerprint or face identification, does not go through the application.

If no one knows the private key, what happens if the device gets lost or becomes bricked? How can the user gain back control of the account?

In Braavos, when the user has enabled the Hardware Signer feature, an account will have 2 public keys:

  1. The Hardware Signer key that will be used to sign all transactions
  2. The key derived from the seed phrase that can only sign one transaction — a “Request to remove Hardware Signer”

This request to remove the Hardware Signer won't be executed immediately, but rather will have a time delay of 4 days (configurable). This delay allows the user to use the Hardware Signer to cancel such a request.
This means that if the device gets stolen, lost or bricked, users will still be able to recover their account once the 4-day delay period ends.
However, if their seed phrase gets stolen and an attacker issues a request to remove the Hardware Signer, the user will automatically (and repeatedly) get notified and will be able to cancel the request and keep all of the assets safe.
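
The recovery rules above, modelled as a small state machine in Python. This is an added example, not Braavos's account contract code: the names (Account, execute, request_removal, cancel_removal) are hypothetical, signature verification is assumed to have already identified the signer, and applying an expired removal request on the next call is a modelling assumption.

```python
from dataclasses import dataclass
from typing import Optional

REMOVAL_DELAY = 4 * 24 * 3600  # 4 days in seconds (the page notes it is configurable)

class Rejected(Exception):
    """Raised when the modelled account refuses a call."""

@dataclass
class Account:
    hardware_signer: bool = True                 # Hardware Signer enabled
    removal_requested_at: Optional[int] = None   # timestamp of a pending request

    def _apply_expired_removal(self, now: int) -> None:
        # Assumption: once the delay has elapsed, the pending removal takes effect.
        pending = self.removal_requested_at
        if pending is not None and now - pending >= REMOVAL_DELAY:
            self.hardware_signer, self.removal_requested_at = False, None

    def execute(self, signer: str, call: str, now: int) -> str:
        """signer is 'hardware' or 'seed' (hypothetical labels for the two keys)."""
        self._apply_expired_removal(now)
        if not self.hardware_signer:
            # Hardware Signer removed: the seed-phrase key controls the account.
            if signer != "seed":
                raise Rejected("hardware signer is no longer registered")
            return f"executed {call}"
        if signer == "seed":
            # While the Hardware Signer is active, the seed key may only
            # ask for its removal; every other call is refused.
            if call != "request_removal":
                raise Rejected("seed key may only request removal")
            if self.removal_requested_at is None:  # repeats do not reset the timer
                self.removal_requested_at = now
            return "removal pending"
        if signer != "hardware":
            raise Rejected("unknown signer")
        if call == "cancel_removal":
            self.removal_requested_at = None       # owner vetoes the request
            return "removal cancelled"
        return f"executed {call}"
```

In this model a stolen seed phrase alone cannot move funds, because the owner can cancel the request at any point inside the delay window, while a lost device only costs the owner the waiting period.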

It should be noted that all this works in the mobile version of the wallet, which is where account abstraction can be applied in this way.

Conclusions.

The Hardware Signer feature offers both a state-of-the-art level of security for crypto users and the experience users are used to from web2 solutions. In this sense, signing a transaction is as smooth and worry-free as paying with Apple/Google Pay.

This is just one, yet prominent, example of the power of smart-contract-based wallets (a.k.a. Account Abstraction) and the new design space they enable.

If you want to learn more about Braavos, visit https://braavos.app/ and the blog https://braavos.app/blog/

The article was written by — Aleksander100
