ChainFront was founded in May 2018 by Alan Warms and Darryl Anderson to create software to enable blockchain-based applications. During a blockchain consulting engagement for a top 10 ecommerce company, Warms and Anderson realized that mainstream end-users and corporations would never accept the notion of unrecoverable private keys. End users, including companies, accredited investors, and consumers, do not want to manage their own bank and security; and do not want to be responsible for the backup of a 36 character hexadecimal key or the storage of long pass-phrase mnemonics. Sponsors of permissioned blockchain networks do not want the extra burden of ensuring private key security across hundreds or thousands of participating organizations. As a result, crypto wallets simply will not work for the company or consumer participating in a blockchain network application. Eliminating the wallet allows blockchain network participants to work with familiar means of authentication and recovery: user names, passwords, various forms of multi-factor authentication, and implicit (service to service) where appropriate. Today ChainFront supports Bitcoin, Ethereum, Ripple, and Stellar.
The ChainFront API-as-a-Service product was created to solve this problem for any type of blockchain application:
- Consumer applications
- Asset tracking and provenance
- Supply chain management
- Cross-border payments
- Loyalty points
- Asset tokenization
- Cryptocurrency exchanges
- Non-fungible tokens for consumers (NFTs)
- And any other application that requires a private key to sign a transaction
For companies who want to offer their partners and customers access to blockchain solutions without requiring them to manage private keys, ChainFront is a RESTful API as a Service product that enables easy integration to permissioned and public blockchain networks. Unlike other blockchain integration services, ChainFront eliminates the need for end-users to secure and manage their own private keys, using simple MFA flows via Authy or TOTP to identify transaction signers. ChainFront’s simple yet robust API allows participants in blockchain networks to focus on business logic vs. the complex transaction syntax and elliptical curve math that is prevalent in various blockchains. Network participants can easily create applications to connect to the ChainFront endpoint without a) understanding the particulars of given blockchain protocol and b) worrying about private key storage and management. ChainFront is designed to be extensible to private blockchains such as Hyperledger Fabric and R3 Corda.
ChainFront uses a code-loading, cloud-based virtual Hardware Security Module built upon Vault by Hashicorp to provide secure centralized key storage and multisig transaction signing in the cloud. Private keys are created within a secure-enclave in the cloud and are never transmitted outside of this enclave. The ChainFront API also includes easy to use integrations with different types of multi-factor authentication techniques. Today ChainFront works with Bitcoin, Ethereum, Stellar, and Ripple.
In addition to securely storing private keys and enabling transaction signing with MFA integration, the ChainFront API also makes it easy to execute transactions by doing the heavy lifting required to, in Bitcoin as one example, estimate likely fees and submit a transaction. ChainFront also provides advanced analytics and queuing, mitigating the risk of various blockchain outages while enabling developers to abstract their code development away from any particular blockchain.
- Create accounts and transactions on Hyperledger Fabric, R3 Corda, Stellar, Ripple, Ethereum, and Bitcoin blockchain networks
- Support complex multi-party approval workflows, or simple implicit approvals
- Transaction approvals via MFA push approvals (Authy), TOTP codes, or implicit
- Rapid integration via robust REST APIs and SDKs. ChainFront handles queuing, fee estimation, monitoring
- Execute blockchain transactions via simple REST API calls
- All cryptographic operations and private key material generated and used only inside secure enclave, no ability to export externally
- For additional security, typically all transactions also require signature from private keys residing in additional secure enclave owned by ChainFront
- Scalable, reliable, secure, and performant microservices architecture hosted in AWS
- Multi-regional backup of secure enclave that houses private keys
- Optional direct private subnet-to-subnet connectivity available via AWS PrivateLink
- Support account recoverability via username, password, and phone number (no need to remember private keys)
ChainFront is comprised of a REST API layer, a self-service developer portal, a secure enclave for all cryptographic storage and operations, and a collection of flexible microservices.
The primary programming languages and runtimes include Java, Kotlin, Go, and React.
The following table outlines each of the major components in the platform:
Each component of ChainFront is architected with minimal coupling. This allows for future flexibility in switching implementations. For example, customers with security policies requiring the use of HSMs for private keys may wish to replace the ChainFront HashiCorp Vault plugins with a code-loading HSM (eg. Gemalto or Thales) or Intel SGX. Customers with RSA SecurID deployments may wish to replace the ChainFront TOTP implementation with hardware tokens. Each of these are designed to be straightforward and pluggable.
For more information about ChainFront, visit chainfront.io or email us at email@example.com.
Originally published at chainfront.io