VESwallet is a recently released Ethereum wallet based on the MyEtherWallet / MyCrypto open source code and integrated with VESvault.com end-to-end encryption APIs.
A NEW PARADIGM
VESwallet is now available as a Chrome extension, mitigating the risk of phishing attacks. With phishing removed, the unique benefits of VESwallet put it on par with hard wallets in terms of safety and security, and in some ways make it superior.
Hard wallets have always claimed superiority over soft wallets because of reduced risk of phishing and malware. With phishing removed, malware remains the last bastion of superiority. However, the malware vulnerability can also be addressed by running the browser version of the wallet on an offline computer, especially with a standalone secure operating system such as Tails.
With phishing removed from the equation, the comparison between hard and soft becomes a different discussion in light of the unique attributes of VESwallet.
We define safety as minimizing wallet loss due to key, PIN, password, hardware or Seed loss. Security is defined as minimizing the risk your wallet is accessed without your consent.
PROBLEMS WITH HARD WALLETS
In particular, there are three areas of hard wallets to consider: two single point vulnerabilities that are security disadvantages and a very low level of backup redundancy that creates a safety disadvantage.
There is only one hard wallet. If it is lost, the Seed is usually the only means of recovery. If the PIN to the hard wallet is lost, the hard wallet is useless and the Seed is once again the only means of recovery.
This makes the Seed the only redundancy; the only backup if either the PIN or the hard wallet is lost, broken or stolen.
The solution would be to have many copies of the Seed in many separate locations to ensure at least one copy survives flood, fire, theft or loss. The problem with this, however, is that the Seed is a single point vulnerability. It contains all the information needed to access the wallet. As such, it must be protected to an extreme level and the fewer copies, the better.
So, there’s a paradox with the Seed with the answer being to only have as many copies that can be stored in extremely secure personal safes or bank safe deposit boxes. Not many people have access to multiple super secure locations. It’s reasonable to assume that most Seeds are underprotected, or there are very few copies and hence redundancies.
The second single point vulnerability is based on the probable co-location of the hard wallet and the PIN that unlocks it. If the PIN isn’t committed to memory, it is probably written down somewhere close to the computer or possibly stored in the computer itself.
THE VESwallet ADVANTAGE
In contrast, the proper use of VESwallet and VESvault has no single point vulnerabilities and allows for a much higher level of redundancy without creating security issues.
The wallet password is indirectly encrypted by the user’s VESkey and stored in the cloud. The wallet private key, which is encrypted by the wallet password, is stored locally. Neither is a single point vulnerability.
Since the encrypted private key is stored locally, multiple copies can be made and stored in various locations without the requirement of being in a safe or safe deposit box. If a nefarious actor were to gain access to a copy, it is useless without the wallet password to decrypt it.
The wallet password, on the other hand, is encrypted by the user’s VESkey and stored in the cloud with user’s VES network as a means of recovery. Even if a hacker were to brute force decrypt the wallet password, it is useless without a copy of the locally stored encrypted private key.
If the VESkey becomes lost, the user’s properly set up VES network of friends can enable VES recovery with an extremely high reliability.
For example, even with a small VES network of just 5 friends who each have 5 more unique friends, the odds that the user will lose their VESvault items, including the wallet password, are be about 1 in 3.4 billion — based on the probability that any single person loses their VESkey being 25% and 2 of 5 friends are required to recover any single user’s lost VESkey.¹
In summary, the VESwallet configuration allows for a much higher level of redundancy than a hard wallet without creating a single point vulnerability or security issues. Depending on how much risk is assigned to malware and how it is dealt with, VESwallet can be both significantly safer and more secure than a hard wallet.
¹ Go to https://www.vesvault.com/fun-math to use the interactive VES recovery probability calculator. VESvault Corp cannot recover any keys or encrypted content. It is entirely, 100%, up to the individual user to setup and rely upon their individual VES networks to enable VES recovery.