A Wallet in Gear Knows No Fear
An all-inclusive web wallet Swap.Online integrates KeyChain by Array.IO to offer its users extra security in signing transactions and managing private keys. Is your wallet as protected as Swap.Online?
Hacks. Malware. Cyber deterrence. These are not words from shocking news on the TV — unfortunately, these are mundane concepts from everyday reality for us (i.e. people reading blogs like this one, hence interested in tech and actively using it).
How do you keep your money safe?
You use cybersecurity products.
For web wallets the threat is evident — most of them cannot guarantee the security of clients’ private keys, so they add disclaimers that warn users to store their keys somewhere else. One of the reasons for creating KeyChain was to help our fellow developers have a tool that will solve precisely that problem.
One particular group of developers, who are behind the Swap.Online web wallet have decided to integrate KeyChain into their system. With this post, we will uncover the story of this successful (and non-commercial, by the way) merger.
Security begins here
You have probably already read about Array.IO’s KeyChain — a highly secure key management app that allows to sign transactions and store keys in an isolated environment, protected with three layers of security and AES cryptography. While this is an absolutely reliable and solid security vault, its scope is best realized when integrated with a signature-dependent system.
And this is where Swap.Online comes in — a unique web wallet which maintains complete decentralization with the help of atomic swaps, allowing its users to exchange money without a third party involved. Swap.Online is also a very friendly wallet which does not charge any transaction fees nor put a limit on your account. It supports fiat and is licensed to provide services of exchanging a virtual currency against a fiat currency. In addition to this, it maintains real anonymity and unique KYC/AML neutrality. The list of its features goes on and on, and now, with KeyChain, Swap.Online gained new ones.
New features that Swap.Online gained with KeyChain
- Total security of private keys when they are being used or simply stored.
KeyChain can be used not only as an integrated security module for web wallets, but also a separate app for key storage and management. It keeps the keys in an isolated environment, protecting them with cryptographic algorithms, OS-specific enhanced security factors, and a unique architecture. The architecture implies three security layers that protect each process from malicious attacks on every step that they go through.
Here you can find a complete in-depth analysis of KeyChain security features. We have also written about it here in a more relaxed manner, but sticking to the facts. Under those links you will find explanations and diagrams which show the functioning of the system in every detail. - Signing Ethereum and Bitcoin transactions under a protective shield.
Now Swap.Online users can send and receive Ether and Bitcoin knowing that their keys are absolutely safe.
Today, KeyChain is a solution tailored for Ethereum and Bitcoin. In the future, it will engulf other blockchains as well. But in this release, the two most iconic blockchains had our undivided attention. - Key management as a plug-and-play service.
The users can store their keys in KeyChain and use KeyManager to navigate between the keys. The KeyManager allows to create a new key and ascribe a cipher and a password to it.
How Swap.Online integrated KeyChain
The integration could not be easier. The Swap team simply downloaded KeyChain and followed 4 easy steps!
- Install KeyChain for macOS or Windows.
- Check if KeyChain is installed by going to the demo-page.
- Install web3override library from this source and use web3 overridden function with KeyChain.
…And enjoy the result!
As you can see, now Swap.Online has a button “Use KeyChain” which activates the KeyChain shield in all the forthcoming transactions of this session. If KeyChain is not pre-installed, a user gets a link to download and install it. After installation, he/she can return to Swap.Online and activate KeyChain.
To make an Ethereum transaction, a user follows the usual procedure, except that he/she signs the transaction in KeyChain windows that are automatically displayed along the way.
The transaction goes through the KeyChain’s signing module which works simultaneously with the Secured input module that uses an OS-specific security mechanism. The Secured input module protects the passphrase from key grabbers and malware.
And only after these steps are taken (which, by the way, takes only a couple of seconds), the transaction can be broadcasted.
A user can check if it was successful in Etherscan.
KeyChain is a new generation cybersecurity product that has more applications than being a shield for private keys in web wallets. It can be used to protect any signature-dependent system — it can even be integrated into you smart house or your company’s accounting ledger, or even a car. There are so many use cases out there, and we anticipate meeting them with great excitement.
You can find more cool stuff at KeyChain website, wiki or documentation. What kind of stuff? — Well, how would you like a step-by-step guide to signing an Ethereum or a Bitcoin transaction? This is just a teaser, come and see for yourself.
And one more thing…
It was incredibly fun working on KeyChain and integrating with Swap.Online, and we would like to do it again some time. If you feel that you might give it a go with KeyChain, just download it or contact us if you need a tailored solution. That’s what we’re here for — to foster security, develop new products for the better of mankind, and have fun.
Yours,
Array.IO and Swap.Online teams.
