Case Study: StorageTokenIO
StorageTokenIO (fictional) has announced they are launching a project to provide inexpensive data storage by taking advantage of the vast amount of unused hard disk space in corporate and consumer devices. They are launching a new coin, called StorageToken, that will be earned by “miners” providing storage to the market. The company has developed complex algorithms to ensure redundancy of storage and a robust internal market for StorageToken in order to facilitate transactions of storage. All consumers of this service, i.e., those that seek to purchase storage, will use StorageToken to purchase storage. As a result there will be a robust set of USD-StorageToken exchanges to enable consumers of the service to purchase in dollars.
StorageTokenIO requires thousands (if not tens of thousands) of market participants to be successful — both providers of storage and consumers of the storage devices. Each participant must use an on-device crypto wallet in order to transact with the StorageTokenIO system.
- StorageTokenIO quickly realized that this new requirement of on-device crypto wallet adoption was an additional, significant, barrier to adoption on top of the usual challenge of new customer acquisition.
- StorageTokenIO developers realized that the sheer scale of this implementation across so many individual wallets posed a challenge in terms of security and the need to head off “spear-phishing” attacks
- Additionally, the scale would pose potential issues in terms of transaction sequencing, latency of wallets and connection speeds, and blockchain latency and uptime.
- Many providers and consumers of the service would be larger entities, each providing multiple blocks of storage; but there would also be smaller entities and consumers would also be a market.
- Many transactions would be high volume and should be automated based on rules and algorithms vs. requiring individual to individually approve
StorageTokenIO realized that requiring all participants to use on-device crypto wallets would be significant barrier to adoption and would make development of underlying system more insecure, complex and difficult.
StorageTokenIO adopted ChainFront Cloud Service (CCS) to resolve these issues. Using the CCS, StorageTokenIO was able to make the use of crypto technology completely invisible to the entities, as well as algorithmically send high volumes of transactions. Entities will authorize with ChainFront via OAuth 2; entities will approve transactions via multi-factor authentication (MFA).
How it Works
- As part of setup, StorageTokenIO worked with ChainFront to establish a set of security roles and rules for their market participants.
- StorageTokenIO devs are provided API credentials to access the ChainFront APIs. They are also given access to full audit logs to track activity.
- StorageTokenIO devs use the MFA API calls of ChainFront to enable MFA approval for consumers and suppliers of storage.
- Private keys are set up within the secure storage area of Vault using the CCS APIs. The private keys never leave the secure area.
- StorageTokenIO and market participants uses provided APIs to programmatically sign and execute transactions on required by their application. While the public signed transactions are transmitted across the internet, the private keys never leave the secure area.
- ChainFront configures multiple geographically distributed storage areas that will hold the private keys within Vault. Cold storage will also be used as additional security measure.
- ChainFront also automatically queues transactions to the extent the blockchain ever goes down or experiences latency of any sort.
By using ChainFront, StorageTokenIO suppliers can fully participate in the asset tracking project without any exposure to private keys or digital wallets. On-device crypto barriers to adoption have been eliminated. StorageTokenIO did not have to spend cycles on a on-device wallet solution.
Originally published at ChainFront.