Balancing security with the day-to-day operational reality:
HARDWARE WALLETS, KEY MANAGEMENT AND CUSTODY
In 2020, we saw numerous renowned institutional investors and companies, including PayPal, Guggenheim Investments and BlackRock, diving into the lucrative opportunities of digital asset investments. And as the ecosystem continues to mature and enhanced regulatory frameworks are put in place, the number of investors exposing their portfolios to this emerging asset class is increasing. A report published by HashKey Group, a leader in digital asset management solutions, predicts that 2021 will be a tipping point, where institutional and professional investors “go from evaluating the opportunity to acting”.
However, the issuing, securing, trading and regulation of digital assets, especially on an institutional level, requires not only new technologies but also an interoperability between various components as well as legal frameworks and industry-grade certifications of the underlying software and hardware. In other words, it requires trust and a holistic approach comprising the technological, regulatory and business perspectives. And this approach calls for robust infrastructure.
RIDDLE&CODE’s Token Management Platform (TMP) is a cloud-based platform that manages all aspects of key generation, custody, regulatory compliance and token management with unmatched versatility and security in the energy, finance, material and mobility sectors. Among other components, the platform consists of robust hardware devices and provides institutional-grade key management and custody services.
Hardware wallets for professional trading in the financial markets need to go beyond the “normal” consumer wallets. The institutional-grade hardware wallets need to:
- enable flexible and future-proof crypto module design
- rely on hardened protocols
- harmonise the need for security with the practical day-to-day reality that needs flexible processes (e.g. independent from location, time or a single person signing off transactions)
- have a set-up that is not limited to transaction processing but serves as a key element to establish policies, drive governance and enforce audit trail requirements.
In order to guarantee that the client has full control over the transaction authorisation and signing process, RIDDLE&CODE developed hardware-based Approval Devices that serve as wallets. These hardware devices are used for authentication and access to the web interface, to identify users and their roles in operations and for providing secure transaction approval capabilities.
Each Approval Device is secured by its own cryptographic identity, with the capability to limit the access and management of operations, settings and policies. All communication channels between the devices and the core components of the TMP are hardened and encrypted.
The devices are held by the client on-premises and by the authorised personnel of the organisation. With the number of institutional investors increasing and the volatility of the market, Approval Devices allow clients to automate and co-sign transactions in real time as well as control their assets without compromising security.
KEY MANAGEMENT — COVERING ALL ASPECTS OF GENERATING, SECURING, EXCHANGING AND REVOKING KEYS
Since keys, public and private, act as a representation of indisputable identities, ownership of assets and proof-of-origin, the TMP provides all aspects to:
- create keys in a secure and auditable way
- manage keys and related processes within a trusted and confidential environment
- perform value or metadata transactions in a manner that meets the throughput and frequency requirements of mature industries
- enable revocation/withdrawal and re-creation of keys in the framework of key restoring and disaster management.
There are various ways to perform a key ceremony. RIDDLE&CODE’s choice is to use the crypto chips within Approval Devices to securely produce the randomness used to generate the seed and eventually the keys to controlling the digital assets. After a key is generated, it is split into shares and distributed among an authorised quorum of the key ceremony participants using Shamir’s Secret Sharing scheme.
Shamir’s Secret Sharing (SSS) is an algorithm formulated by a renowned Israeli cryptographer, Adi Shamir, in 1979. SSS allows multiple parties who don’t know or trust one another to store and safeguard private and sensitive information, making them resistant to accidental data loss and malicious attacks (both internal and external).
Every Shamir sharing scheme has a total number of shares and a threshold. Each share represents a sequence of 33 English words. The threshold is the minimum number of shares necessary to reconstruct the secret. For instance, with five shares and a threshold of three, you need three of the five shares to reconstruct the original secret. The order of shares is not important; however, if there is anything less than the defined threshold, the key can’t be reconstructed. Shareholders never know how many other encrypted shares are in a secret. If a shareholder dies or loses their share, the other members can still reconstruct the key.
In addition, the Token Management Platform ensures that the entire process, from key generation and backup to key recovery, is entirely managed by the client. All key management-related operations are secured within the Trusted Execution Environment (TEE).
The Token Management Platform combines hardware and software with a set of innovative features and functionalities to enable regulatory-compliant and secure custody services.
Three fundamental components underpin the platform:
- Security by design, with the implementation of leading security techniques, such as secure multiparty computational technology, role-based approval schemes, the Trusted Execution Environment and ISO 27001 certification.
- Built-in APIs for interoperability with legacy systems and third-party services in order to achieve and maintain regulatory compliance.
- Technical and operational flexibility to keep pace with the ever-evolving market.
Here at RIDDLE&CODE, we constantly strive to improve our software and hardware architecture to meet even higher security standards and provide superior usability to our clients.
The next stage of development will focus on building features such as:
- next-gen secure multiparty computation and implementation of post-quantum algorithms for transaction signing
- integrating extensive trading interfaces
- connecting the platform to brokerage and exchange systems
- integrating third-party products and protocols to enable DeFi lending and access to decentralised exchanges directly from RIDDLE&CODE’s wallets
- implementing new cryptographic elements and primitives to extend the number of supported algorithms (e.g. NIST-P256K1, Schnorr signatures and Ed-25519)
- integrating third-party staking providers and enabling staking directly from RIDDLE&CODE’s wallets
- combining main and side chains to reduce transaction fees
- developing an end-to-end tokenization process for non-bankable assets and physical objects
- standardising existing tokenization capabilities and developing a self-tokenization portal for customers
- enabling confidential transactions for OTC trades or brokered trades (e.g. for high-net-worth individuals and funds).
Finally, we hope that the TMP will help custodians with outlining their path to secure and regulatory-compliant digital asset management and open the gates towards the tokenization of non-bankable assets and micro-investments.