How the 4 Levels of Braavos Security can help keep your cryptocurrency secure

Aleksander
Apr 29, 2024

If you’ve been in cryptocurrency for at least a few months, you already realize that keeping your crypto assets safe is probably the most important thing in the industry. There are plenty of scammers out there, and they take advantage of the fact that it’s hard to find them and hold them accountable.

So where can you store your cryptocurrency? Let’s take a look at the options.

Online wallets and cryptocurrency exchanges

This category includes all wallets that can only be accessed through a computer browser. They can be specialized online services for the operation or use of digital assets. In addition, online wallets include all accounts of cryptocurrency exchanges.

Keep in mind that all user assets stored in an online wallet are under the control of the company that provides the wallet. Therefore, before you start using such a service, you should study it carefully to understand how reliable it is.

Browser Extensions

This is lightweight software built as a browser extension. Such wallets are quite convenient to use. In the cryptocurrency market, there are services that can only be accessed through a browser wallet.

Unlike online wallets, they assume that the user himself must control the security of his device. If the computer is infected with malware, hackers can steal the entire contents of the browser wallet.

In any case, you need to save the private key to a separate storage medium. Then, if necessary, you can restore access to the wallet via another device.

I would include mobile wallets in this category as well.

Hardware wallets

A hardware wallet is a small device that is designed to securely store private keys as well as conduct transactions. They are considered cold because they are not connected to the internet.

To make a transaction, such a wallet must be connected to a PC via a USB connector. Then you need to specify the amount and the recipient’s account. The sending itself is confirmed by pressing the physical button on the device.

A high-quality hardware wallet guarantees that private keys will not be stolen even if it is connected to an infected PC.

I think these are the three main ways that most people choose depending on their capabilities and needs. Well, browser wallets and mobile wallets are chosen by the majority.

Now let’s take a look at security. There are 3 main types of authentication for wallets:

  1. Something you know — a text password, PIN code, pattern, etc.
  2. Something you have — a physical device, such as your mobile phone or a YubiKey
  3. Something you are — a biometric identity, such as your fingerprint, face ID, retina, etc.

Most wallets use only the first method, and that’s a problem: if you lose your password or seed phrase, you can lose your funds forever. But there are wallets that solve such problems and offer the best protection possible. For example, Braavos wallet.

To address these issues and provide better security and UX, Braavos wallet uses native Starknet account abstraction and low-cost computing.

Braavos wallet can offer 4 levels of security. We can call it the Pyramid of account abstraction security. The Account Abstraction Security Pyramid is a hierarchy of security measures that a user can choose to protect their account.

Seed Signer

At the bottom of the hierarchy, we have the Seed Signer, which derives its keys from the 12-word mnemonic seed phrase used to generate all accounts’ keys for a wallet. This method is widely recognized as insecure, as it often exposes users to phishing attacks, malicious software attacks, and forgotten phrases, among other things.

Despite being based on the weakest form of security, namely “something you know,” a Seed Signer is still the prevalent method used in self-custodial wallets to secure funds.

Passkey Signer

The Passkey Signer, which is available to Braavos Wallet browser extension users, represents a significant leap in secure digital transactions. Leveraging the highest level of security available on your device, this feature typically utilizes a dedicated security chip along with biometric authentication — such as fingerprint or face ID. However, in situations where biometric ID is not available or feasible, the Passkey Signer can alternatively use your screen-lock password. This flexibility ensures that, regardless of the method, your account gains a substantial boost in security without compromising the ease-of-use.

Hardware Signer

The next level in the pyramid is the Hardware Signer. The Hardware Signer utilizes mobile devices’ built-in security mechanisms in order to generate keys, authenticate the user with biometric ID and sign transactions.

There are 2 classes of security for the Hardware Signer:

  • Protected Signer, also known as Hardware Signer TEE — uses a special secure mode of the mobile processor
  • Hardware Signer — uses a dedicated isolated chip and presents the strongest level of device security mechanism

Both classes enforce 2-factor authentication (2FA), something you have (your mobile device) and something you are (your biometric ID). The Braavos wallet application will automatically choose the highest level of security available on the user’s device.

Multi-Signer

At the top of the pyramid, we have the Multi-Signer. The Multi-Signer combines the protection of the seed phrase on the browser extension and the Hardware Signer or Protected Signer using the mobile device.

Now two signatures from two different keys are needed in order to execute the transaction on chain. We get 3-factor authentication:

  1. Something you know — the key derived from your seed phrase on the extension
  2. Something you have — your mobile device
  3. Something you are — your fingerprint or face biometric identification

Note that although we added another Signer, we did not add another mnemonic seed phrase!
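The two-signature rule described above can be modelled off-chain. The sketch below is an added example, not code from Braavos or from the original article: the signer names, the transaction encoding and the use of P-256 ECDSA for both keys are assumptions made for illustration. It shows that a transaction signed only with the seed-derived key, even twice, is rejected.

```javascript
// Added illustration (not Braavos code): a 2-of-2 multi-signer rule modelled off-chain.
const nodeCrypto = require('node:crypto');

// Assumption: P-256 ECDSA stands in for both signers; the page does not name the curves.
function newSigner(kind) {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  return { kind, publicKey, privateKey };
}

// Hypothetical transaction encoding: the JSON form, hashed with SHA-256 when signed.
const encodeTx = (tx) => Buffer.from(JSON.stringify(tx));

function signTx(signer, tx) {
  return { kind: signer.kind, sig: nodeCrypto.sign('sha256', encodeTx(tx), signer.privateKey) };
}

// The account stores one public key per signer kind; private keys never reach it.
function makeAccount(signers) {
  return new Map(signers.map((s) => [s.kind, s.publicKey]));
}

// Accept only if every registered signer produced a valid signature over this tx.
function validate(account, tx, signatures) {
  const seen = new Set();
  for (const { kind, sig } of signatures) {
    const publicKey = account.get(kind);
    if (!publicKey || seen.has(kind)) return false; // unknown or repeated signer
    if (!nodeCrypto.verify('sha256', encodeTx(tx), publicKey, sig)) return false;
    seen.add(kind);
  }
  return seen.size === account.size;
}

function demo() {
  const seed = newSigner('seed');         // key derived from the seed phrase (extension)
  const hardware = newSigner('hardware'); // key generated inside the phone's secure hardware
  const account = makeAccount([seed, hardware]);
  const tx = { to: '0xRECIPIENT_PLACEHOLDER', amount: '1', nonce: 7 }; // constructed sample
  const other = { ...tx, to: '0xOTHER_PLACEHOLDER' };
  return {
    both: validate(account, tx, [signTx(seed, tx), signTx(hardware, tx)]),
    seedOnly: validate(account, tx, [signTx(seed, tx)]),
    seedTwice: validate(account, tx, [signTx(seed, tx), signTx(seed, tx)]),
    reusedOnOtherTx: validate(account, other, [signTx(seed, other), signTx(hardware, tx)]),
  };
}
```

Only the `both` case validates; the last case shows that a hardware signature made for one transaction does not authorize a different one.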

You can read more about how it technically works in this article:

Braavos also ran a “Capture the Flag” campaign in which it offered hackers the chance to take $150K from its wallet by telling them the seed phrase. Anyone who could bypass two-factor authentication (2FA) could access the funds and claim them as a prize. But no one succeeded:

This confirmed the reliability of the methods used by the Braavos wallet. In summary, we can say:

The Account Abstraction Security Pyramid is at the center of the Braavos mission. It sets a new standard for security and user experience because, for the first time in cryptography, Braavos introduces true multi-factor authentication, a feature that revolutionizes the cryptographic UX and opens the door for a new group of users to embrace crypto with self-storage solutions.
