Meet Spatium Hybrid

Published in Spatium Blog (Spatium: DeFi ecosystem on Bitcoin) · 6 min read · Dec 17, 2019

The situation on the crypto market shows that storage solutions built around a single point of failure are not worth the risk of keeping funds in them. This holds even for cold storage, which is presented as the most secure and convenient option in the industry: personal devices and third-party hardware have been compromised more than once. At the same time, exchanges and other companies are looking for ways to eliminate exploits, improve their reputation and quality of service, and attract a larger audience, while users are looking for a way to keep their funds as safe as possible and stay connected to the liquidity and promotions of exchanges, ready for sudden market changes. With that said, we need a solution in which funds are kept offline but not in one place, while the funds' owner has full control over them from his device and stays connected to a crypto service at all times. We are building such a solution. It is called Spatium Hybrid.

How it works

At the core of our system is Spatium Protocol. It is based on a variety of well-proven algorithms: Secure Multi-Party Computation (SMPC). Combining these techniques with biometrics lets us offer a secure, flexible, and easy-to-use solution without a private key or backups.

The private key is replaced with a set of secrets that are generated, stored and processed independently and never occur in one place. The secrets are generated directly from the user's biometrics on every use. Biometric data is not stored anywhere and can't be extracted from the secrets. Users can store the secrets on N devices of their choice. To perform any action with funds, the transaction must be signed by M of the N devices (this sounds like multisig, but it is not). The signing process is off-chain, so it is faster than on-chain solutions. Each secret has its own permissions and can't be used to move money without the funds' owner's consent.

While, in general, we give everyone the opportunity to store secrets on N devices of their choice and be their own custodian, we see Spatium Hybrid as a solution for those who want to share responsibility for the funds' safety with a professional-level Security Provider and be able to manage their funds very quickly. The user can choose the entity he is interested in from the list.

Spatium Hybrid uses two secrets:

Secret A is stored on the user's Wallet Device and is used to initiate transactions and manage funds from a phone, desktop or watch.

Secret B, used for confirmations, is stored on the side of the Virtual Device (Security Provider). Such an entity can be a custodial service, centralized or decentralized exchange, bank or Spatium itself.

Working with a Security Provider goes as follows:

  1. The user installs the Spatium software on his device;
  2. Creates a wallet and locally generates Secret A with his biometrics;
  3. Chooses the Security Provider, which will keep Secret B safe, and sets permissions;
  4. The institution receives a request and generates Secret B on its side. From this moment the user can perform actions with the funds;
  5. Secret A can be used to sign the transaction, while Secret B on the side of the professional Security Provider will be used to confirm the transaction.

As the Security Provider has only its own secret with a specific set of permissions, no actions can be performed with funds without the user's consent. If the Security Provider is compromised (hacked, or the secret is stolen by an employee), attackers still won't have access to the funds, because they would also need Secret A, stored on the user's side.

Our system makes it possible to separate responsibility for funds from control over them, giving decentralized and centralized services an opportunity to offer their clients secure storage solutions, while users enjoy fast and convenient management of their funds.

Advantages and benefits

Such an architecture provides users and Security Providers with benefits that are unique on the market.

For users:

  • No private key. It is eliminated from the system;
  • No backups. The secret is in you;
  • Instant transactions from the user's wallet. As the user and the exchange/bank are connected (if chosen as a Security Provider), the user has access to instant withdrawals/deposits/trades right from his wallet, with on-chain confirmations processed afterward;
  • Non-custodial solution. Digital assets are not stored in one place, which makes them more secure;
  • Institutional-level security under your control. Funds are protected by security professionals and the user retains full control over his money;
  • You set permissions. Each secret has its own permissions set by the user, and a Security Provider or attacker can't get access to coins without the user's secret;
  • Blockchain-agnostic. SMPC technology is blockchain-agnostic and supports any coin or token out of the box;
  • Universal addresses. Unlike multisig, SMPC-based addresses can be used in DeFi and dApps;
  • Responsibility delegation. The user can get the secret's backup, stored on the Security Provider's side, by request;
  • Conditional authorization. The private key provides full access to funds, and if it is stolen it can be used to withdraw all funds without limitations. With a set of secrets, this can be solved.
  • Legal. Businesses can satisfy legal requirements without centralized custodianship.
  • Insurance. If the customer does not have full, sole access to the funds, the funds can be insured.

We are working on the implementation of additional features for every party, as we believe that only a win-win approach is the right one.

How we deal with backups

We use biometrics to provide everyone with the most secure and convenient way to manage funds. Also, we believe that:

the best way to keep your data safe — not to store it at all

With that said, we don't store any biometric data or any images of it anywhere. Instead, once Secret A has been randomly generated on the user's device, our app creates a neural network and sets its parameters so that it converts face data to that secret. The parameters of the neural network, which are not sensitive data, are then bound to the user's email and stored on the side of the Security Provider. If the user loses access to his device, he can get a new one, install the Spatium Wallet App, enter the email used for registration, and generate Secret A from his face again using the parameters of the neural network.

Sitting on both chairs

Spatium Hybrid solves one of the oldest problems of the crypto industry: the choice between a high level of security for funds and access to big trading volumes. Now funds can be managed from cold storage made of hot wallets, with convenient and fast access to liquidity, while Security Providers have the opportunity to attract more users and offer them new features, some of which are unique on the market and have been missing for a long time.

In the following articles, we will explore in detail Spatium Hybrid implementations for banks and exchanges with benefits for each type of Security Provider.

Spatium develops solutions to store and manage digital assets, powered by SMPC and biometrics. In our technology, the private key is replaced with an encrypted set of secrets, stored on the funds owner's devices and with individuals and institutions chosen by him. Even if some of the parties are compromised, funds stay safe. Such an approach dramatically decreases the risk of theft and provides a previously unavailable level of flexibility and unique benefits for everyone on the market: no single point of failure, easy recovery, no need for backups, blockchain-agnostic operation, differentiated access levels, instant crypto/crypto and crypto/fiat exchange, a fully compliant solution, support for dApps and DeFi services, etc.
