!css

Securing crypto-assets: the ledger example

27/06/2019

Blockchains are distributed data bases that keep up-to-date records linking digital assets to their owners.

Cryptographic secrets called “private keys” enable individuals to control such digital assets stored on the blockchain. Private keys comprise random data (see example below), giving control (and therefore practical ownership) over digital assets to individuals or organisations.

The private keys at the core of the security set

Private keys contain highly sensitive information, which should remain private (as their name implies) because they give full control over the crypto-assets contained in a given crypto-currency wallet (e.g. Ether, Bitcoin or other crypto-assets) and are the only way to access the crypto­assets and cannot be recovered in case of loss. In addition, if private keys are stolen (i.e. if a private key is uncovered by a third party), the thief will be able to take control of the crypto-assets related to such private keys. De facto, it is absolutely critical for crypto assets’ owners to avoid having their private keys lost or stolen, as they are the only way to access digital assets recorded on a blockchain.

Traditionally, one tends to consider that there are currently two types of solutions to store private keys:

  1. hot storage (or hot wallet): the private key is stored online, usually on a website offering wallet services (such as crypto-exchanges) or on the owner’s computer or cell phone (using wallet software)
  2. cold storage (or cold wallet): the private key is stored offline, usually on a piece of paper (called a “paper wallet”).

Although the first category (hot storage) is considered more user-friendly (and is generally used by the average public), it is not recommended to store significant amounts of crypto-assets in hot storage. Indeed, hot wallets put crypto­assets at risk because private keys are hosted on a device connected to the Internet that can be targeted by hackers to uncover these keys. While cold storage in a paper wallet is much more secure than hot storage solutions, it is also very inconvenient and prone to operational mistakes, which can lead to the loss of crypto-assets1. Indeed, if done properly, the process of creating a paper wallet is more complicated than simply copying the private key onto a piece of paper, as it involves a risky operation to ensure that no digital trace of the private key is left on a computer or other electronic devices. This process is impractical and certainly not suitable for the average individual, companies or other organisations. To address this issue while keeping private keys offline, a few companies, such as Ledger, have introduced the concept of hardware wallets.

Why hardware wallets are the solution

Hardware wallets are devices dedicated to the storage of private keys, allowing their users to keep their private keys safe with what would most resemble cold storage in a much less risky and more convenient manner than setting up a paper wallet. As with pure cold storage solutions, private keys are never exposed to the Internet even when the hardware wallet is connected.

As mentioned above, a few companies are currently producing and selling hardware wallets, but what makes Ledger’s devices (the Nano S and the Nano X) technically more secure than those of its competitors is that they are built around a secure element: an isolated chip designed to resist even the most sophisticated software and hardware attacks. The private keys protected by the secure element are therefore never exposed to such attacks, even when the device is connected to a computer or other device connected to the Internet (for example when the user checks their portfolio balance or makes a transfer). To allow a secure element (like the chip used in credit cards) to sign crypto-assets transactions with private keys stored in its hardware wallets, Ledger has developed its own unique operating system (BOLOS), which is designed for maximum security.

This operating system is the only OS fully compatible with blockchain applications designed with security as a top priority. Indeed, we believe that it would be extremely difficult to reproduce this OS, as it would require a long process and rare expertise in the field of secure elements (which is the Ledger’s founders’ area of expertise). Ledger is continuously improving the security of its devices by relentlessly simulating attacks against them from each and every angle and by listening to feedback from a large community of cryptographers and other security experts with whom Ledger has been in touch over the years. To this end, Ledger has developed in-house attack and security expertise with a dedicated laboratory.

From retail to enterprise

To take such a security level from retail to enterprise, Ledger has built the Ledger Vault solution. The Ledger Vault is a made-to-measure enterprise-level solution that helps companies, institutional investors and other financial institutions gain full control of and safeguard their crypto-assets. It is based on an end-to-end secure channel between (i) a server-based Hardware Security Module (HSM) orchestrating the governance and (ii) operators’ Ledger Blue devices (equivalent to the Ledger Nano S) to enable customers to maintain control of their private keys through the use of secure hardware, offering multi­signature authorisation on multiple accounts for a broad range of crypto-assets.

This solution, which provides the same level of security as its hardware devices, was designed for hedge funds, family offices, HNWI2 and banks looking to secure their crypto-assets and comply with the financial industry’s highest security standards and best practices. Indeed, when dealing with crypto-assets, organisations are in dire need of a secure multi-signature private key management system enabling them to program a set of authorisations and sub-authorisations that can be tailored to fit their structure. Ledger Vault’s features, such as the time lock, which allows transactions to be put on hold for a predetermined period of time, or the whitelisting, which allows outbound transactions to be limited, serve the need of institutions when dealing with crypto-assets, specifically on behalf of third parties.

Last but not least, Ledger Vault’s technology offers a multi­signature system that is not dependent on one blockchain/ crypto-asset (unlike the Ethereum blockchain smart contracts). This multi-signature system (which requires more than one person to initiate a transaction) is particularly suited to large companies having substantial crypto-assets under management. The Vault is also appropriate to safeguard crypto-assets raised during an ICO or an STO. It gives those who decide to use the Ledger Vault solution the ability to exercise better governance to control the funds in their custody on behalf of their clients.

ERIC LARCHEVÊQUE

Serial entrepreneur sinœ 1996, Eric has founded several companies in various sectors across Europe. In 2013, he discovered Bitcoin and the blockchain technology that struck him as the fourth industrial revolution. He then opened La Maison du Bitcoin (reœntly rebranded Coinhouse) before co-founding Ledger with the ambition of building the next technological giant and becoming the benchmark in securing blockchain applications.

(1) Only expert users can properly set up paper wallets, as the process is complicated and painstaking. Many (including experts) have lost significant amounts of crypto-assets by making mistakes going through this process.

 

Did you like this article ?
+1
0