ONLI Security Analysis

Mar 13, 2018 · 6 min read

ONLI tokens are designed to store value, move it around and keep it safe. ONLI is a platform not an asset class like Bitcoin. It is the plumbing not the water. ONLI is not a fork of any other technology. ONLI is not open-sourced. ONLI asset backed tokens are created by licensed developers only.

We began nine years ago working on a completely different approach to value management. At the time we had some philosophical differences with the direction of the then completely unknown “blockchain space”. Today seems like everyone knows about blockchains. We went in a completely different direction then and one of the core reasons is security. In the Open Data Economy, where value is built around aggregating micro-work, security is inimical to economic development. However in the FinTech space security and data integrity is job one because losing money is not quite the same as losing photos.

The ONLI platform does not have wallets in the classic crypto sense. Cryptocurrencies in general, store cryptographic keys that grant access to modify and make an entry on a ledger. ONLI tokens each have their own individually evolving blockchains and thus a transaction is defined as a change in ownership of a individual blockchain rather than a key that allows a modification of an entry in a ledger. This distinction is important to understand to insure you are comparing apples to apples rather than apples to cucumbers.

ONLI tokens are stored in a private encrypted container called a vault, and are kept secure during transmission between vaults. The high level of security and safety provided by ONLI tokens are realized as a result of the core principle, architecture and security implementations. The core differentiation of ONLI is a result of how the architecture functions. The ONLI architecture is the result of the economic theory of actual possession. Specifically, actual possession creates many opportunities to reduce the number of attack surfaces exposed during a financial transaction.

Attack Surface Minimization

When thinking of security there are some fundamental concepts you need to be familiar with.

Attack Surface is defined by Wikipedia as the sum of the different points (the “attack vectors”) where an unauthorized user (the “attacker”) can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure.

Reducing the attack surface is accomplished a number of ways:

1. reduce the amount of code running (turn things off)

2. reduce entry points available (have a single point of entry)

3. eliminate services that are used by relatively few users (specialize, specialize, specialize)

In the context of security, there are two states to Data, Data at Rest and Data in Transit. Data in transit, or data in motion, which is data actively moving from one location to another such as across the internet or through a private network.

Data at rest is data that is not actively moving between devices. If data is truly at rest, and need not be accessed, the best solution would be to literally turn off at least the software, if not the hardware on which the data resides (principle #1 above).

To understand how these first principles relate to ONLI, we must first understand why entire classes of security problems usually associated with crypto. This is a result of the simple fact that ONLI is based on the economic theory of Actual Possession, instead of ledgers in a Custodial Possession philosophy.

Actual Possession

From the Onli blog discussion of actual possession vs custodial possession

The economic theory of Actual Possession predates Custodial Possession and is defined as “what most of us think of as possession — that is, having physical custody or control of an object” (United States v. Nenadich, 689 F.Supp. 285 (S.D.N.Y. 1988). When we are in physical possession there is no custodian that manages or possesses the object on our behalf.

In the ONLI system, actual possession refers to tokens being exclusively stored in a cryptographically secured container called a ‘vault’. This vault is a high-performance, encrypted key-value store, that is accessible by a single user. This vault can be stored on any device the user wishes, from a mobile phone, to a desktop computer, to a usb stick, or any other storage device accessible and authenticateable by the ONLI client device. The user/owner of the vault can literally have physical possession of the device storing the vault and therefore the tokens themselves.

Optionally, exchanges can provide a service to maintain these private vaults for their users on centrally managed and maintained servers.

Data At Rest

Encryption is the first line of defense for data at rest. The ONLI vault is accessible only by it’s owner, and every item stored in the fault is encrypted with it’s own private key. This vault can then be stored on a device that is itself encrypted (recommended).

The first principle of reducing the attack surface is to reduce the amount of code running. With ONLI’s implementation of Actual Possession users have the power to reduce the attack surface of their vault ot zero: Turn off the device (or place the device in a faraday cage) that has the vault containing their tokens.

In the case where users entrust their ONLI Vaults and Tokens to the ONLI Treasury, the attack surface is minimized to a single entry point for the Vault (the treasury service) that is accessible only over a TLS/SSl encrypted connection that uses bi-directional authentication. In traditional TLS handshakes, clients (in this case the ONLI treasury) authenticates the server (here, the ONLI Vault). In the ONLI implementation, the server also authenticates the client, before the client is allowed to proceed, creating in affect a secure, bi-directional, encrypted private tunnel between the treasury and the vault.

Data In Transit

When ONLI tokens must be transferred between Vaults (Buy, Sell, Transfer), this encrypted private tunnel is used for the transmission of the actual ONLI tokens. In the case where these tokens are stored on a remote device, the user/owner of the vault has a private client certificate issued at the time of account creation. This private client certificate is associated with the user and stored on the local device’s key chain. This private client certificate is used to create the same TLS/SSL encrypted connection that uses bi-directional authentication as that used between the ONLI Treasury and ONLI Vault on the server.

Every time the user logs in to the ONLI Service, the client software uses an out -of-band secure channel (using the user’s private certificate) to communicate with the ONLI-U authentication service. The login message delivered to the ONLI-U service is the users single-use blockchain DNA, that evolves every time it is used. Once the user is authenticated over the out-of-band channel, the client application can proceed with creating a private, encrypted connection with the ONLI Treasury and proceed with the transfer of tokens.

The transfer of tokens between users or between the treasury and user always results in a cryptographic re-calculation of each tokens ‘DNA’ or blocks, and the association of a secret hash value with the token. This new private key is held in the token recipient’s vault and will only be exposed the next time that specific token is sold or transferred. The token and its secret hash are transferred over a secure, encrypted channel, and once at rest at the end of the transfer, the DNA again evolves with generation of a new secret hash.

The Third Principle

The third principle of attack surface reduction is to eliminate services that are either used infrequently, or used by relatively few users. The ONLI Marketplace publishes a single service to ONLI applications: that is the ability to Buy/Sell/Transfer tokens. It exposes a single, non-standard port, and the Marketplace address itself is never published on DNS. It can be configured to reprogram it’s IP address, and every client has a unique, private set of certificates used for encryption. The ONLI system therefore has an incredibly small and dynamic attack surface. The ONLI system also has the unique ability because of Actual Possession tokens set the attack surface to zero: the storage device can be turned off, or air-gapped.


ONLI is a stable platform that clients have had up and running for over 6 years. ONLI isn’t just a blockchain, it is a complete suite of tools to build secure blockchain applications. It includes a custom database, a private transfer protocol, ownership management, value management and user identification system. The encryption features of the ONLI Vault (storage), ONLI Treasury (ownership management), and the high-security authentication and encryption features of the ONLI-U system, further minimize the security risk for Fin-tech implementations using ONLI technology. ONLI is an elegant solution for secure value transfer, management, and ownership.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade