How many hacks have you observed throughout your experience in crypto?
You see the news every week and big hacks are roughly made every month or two. Remember Mt.Gox (2014, $487mln), BitFinex (2016, $72 mln), CoinHeck (2018, whopping $534mln). The numbers are cosmic and the reason is the same. Internet!
Crypto despite being created as a technology generate the needed privacy and security of your assets ensured by the Consensus algorithm. But, in order to connect each participant of the blockchain network of any cryptocurrency you will be using classic Internet protocols. This is the place where it all fails and this is the reason of all major hacks and attacks on the personal wallets.
But, crypto has been designed to increase the security levels as far as you can because you possessions are simply a pair of keys and in order to execute transactions you just need to sign transaction with your private key and push it into the network.
Inspired by all the hacks made throughout the cryptocurrency history, the community has came up with the cold wallet concept. In simple terms it is a storage of your keys which is not connected to the Internet. It could be paper, hardware, PC software and so on.
They all have their drawbacks and benefits. And we hope that we have found the golden mean and it is turning ANY mobile phone into a cold wallet with a very broad functions. We are glad to present Ducatur ColdCrypto wallet! Here’s the description:
1. Module structure
The program will be split in two main interfaces: web and mobile. The mobile part will be used as a key storage and generator so your keys won’t go anywhere from your personal device. The web part of it will be directing the transactions to sign to the mobile part through secure protocols that will be described in the second part.
Main functions on the web will be:
- View and send transactions
- Create new wallet
- Swap assets
- Interact with the contracts
- Check transaction status
- Broadcast transaction (pushing to the network)
All the transactions created on the web will be signed by the smartphone app and managed by the web part. Your funds are safe because once the transaction is signed it is impossible to extract the private key out of it, so anything web part can do with it is broadcast it to the network or decline, no more.
We are planning to include much more than just Ethereum or Bitcoin blockchains. The first goal is creating a cold wallet for BTC, ETH(+tokens), EOS(+tokens) and NEO(+tokens) and more chains which are being discussed right now.
Let’s dig deeper into some of the functions. One function that we are the most excited about is interaction with the contracts. We are going to create an ability to call any possible function from any possible Ethereum contract. Moreover, we are going to include:
- Deploying contracts for different networks
- EOS voting and RAM trading
- Interaction with the NEO contracts
By swapping assets we mean including exchange functions into the wallet to one of the most secure ways to trade your crypto.
2. Signature algorithms
WebRTC connection
All transactions are generated in the web part. Web part supports connection with blockchain nodes and updates states when new transactions/events are made on the chains.
Then there are two types of connections that can be made with your smartphone.
1. Handshake server
This connection is performed through the mediator handshake-server which serves as a WebRTC secure P2P connection provider between the web part that generates transactions and mobile part which provides signatures. The scheme provided is read top down.
2. Connection through the camera
This algorithm is based on the exchange of QR codes with different identifiers to establish a secure P2P connection.
Signature process for the WebRTC connection
Once two devices are securely connected to each other, we can start signing the transactions which is again done with the QR-codes.
Basically this is how it all works. We have two more connection algorithms to announce and it will be done on Ducatur Twitter.
Since the whole cryptocurrency sphere is completely new to the community, there are lots of hackers who want to make profit out of this technological puberty. But, the technology is developing and more ways of securing yourself are emerging.
