Ternoa’s Fortress

At Ternoa, keeping things safe and secure is our main goal. We work hard on security, but we know it can be a bit tricky to understand. So, we’ve made it simpler. We call it ‘Ternoa’s Fortress’. This idea helps everyone get what we do to keep things safe, without needing to be a security expert.

Let’s explore this Fortress, level by level, to understand the different security measures we’ve implemented.

Level-by-level Breakdown

Level 1: The Foundation — Intel SGX

• What It Does: Think of Intel SGX as a super-secure room in a computer where important data is kept safe. It makes sure no one can tamper with the data, and only authorized programs can access it.

Level 2: Key Splitting — Shamir Secret Sharing

• What It Does: Imagine a key that opens a treasure chest, but it’s split into several pieces. Only when enough pieces are brought together, can the chest be opened. This is how we protect access to crucial data.

Level 3: Proof of Key Receipt — Built-in Oracle

• What It Does: Every time a key is sent to the secure room (Intel SGX), a proof that it was received properly is sent to the Blockchain where it can be publicly verified. This ensures that the key transfer is successful and secure.

Level 4: Ownership Checks — Chain-Controlled Authorization

• What It Does: This is like having a security guard who checks if you’re the owner of an account before letting you make changes. It ensures that only the rightful owner can access their assets.

Level 5: Secure Enclave Communication

• What It Does: Different secure rooms (enclaves) can talk to each other securely to perform tasks, ensuring that information stays protected during these interactions.

Level 6: In-House Key Creation

• What It Does: Each secure room creates its unique key, preventing anyone from pretending to be someone they’re not.

Level 7: Extra Secure Communication — TLS Certificates

• What It Does: This adds an extra layer of security to the communication between secure rooms, like having a secret handshake that only they know.

Level 8: Blocking Replay Attacks

• What It Does: We prevent attackers from intercepting and reusing communication data to gain unauthorized access.

Level 9: Guard Against Malicious Code — Auth Token with Block Expiry

• What It Does: When secure rooms communicate, they include information that changes over time, preventing attackers from using old data to break in.

Level 10: Trust Verification — Provable Deployment

• What It Does: We constantly check to make sure that the code running in the secure rooms is the code that we trust and haven’t been tampered with.

Level 11: Accountability — CAPS Bonding & Rewards

• What It Does: There’s a system to punish the secure rooms if they try to cheat, making sure everyone plays by the rules.

Level 12: Continuous Monitoring — Metrics Server

• What It Does: We continuously monitor the performance and behavior of our security system, rewarding those who maintain it properly.

Level 13: Open, Transparent, and Verified — Open Source Code & Audits

• What It Does: Our code isn’t just open for everyone to see; it’s also thoroughly checked by multiple companies. This auditing process ensures that experts have scrutinized our system for any possible vulnerabilities, making our blockchain not only transparent but also highly secure and trustworthy.

Conclusion

By climbing the Ternoa’s fortress, you’ve seen the various layers that keep our private key management protocol secure.