Keyless Security Model

Managing private keys is difficult and risky. We’ve eliminated the private key flaw in blockchains and created a keyless wallet.

keyless-security_2

A typical crypto wallet stores your private keys. Without your private keys, you cannot access your bitcoin and other cryptocurrencies, no matter how much you try. This simply means that if you lose of your private key, you’ve lost your coins. 

A keyless wallet that uses Multi-party Computing and Threshold Signatures

We’ve built a wallet that does not use private keys. You don’t need to worry about remembering or storing a private key, because you don’t have one. We have replaced the traditional private key using an advanced cryptography protocol, Multi-party Computation (MCP). The basic idea is that two or more non-trusting parties work jointly to compute a key, each using its own unique input, while keeping these inputs private from each other. With MPC we compute private keys, which are used to sign cryptocurrency transactions. At no point are the computed private keys stored on a device.

We create two secrets using a distributed key generation protocol. One secret is stored on the user’s mobile device and the other on our servers. When the user initiates a transaction, a distributed signing protocol starts and uses the share on the user’s device with the one on our servers to compute a key and sign the transaction.

The transaction gets signed without any of the parties revealing their secret to each other. With no single point of failure, even if something happens, for example if we were hacked, your assets are always safe. If you lose your wallet, because your phone was stolen, lost or because by mistake you deleted our app, your assets are always safe. Your assets are always safe no matter what happens.

signed-transaction

Simple Wallet Backup and Restore

We have developed an easy backup and recovery process that guarantees the user can access their funds. Using advanced facial recognition technology we authenticates the user, quickly and securely, and restore the user’s wallet on their mobile phone. It’s that simple.

When the user creates a wallet, we do a couple of things. First, we encrypt and store the secret from the user’s mobile phone to their personal cloud (Google Drive for Android devices). Second, the user scans their face, taking a selfie, from which we generate mathematical representation of the user’s face, 3D biometric face map. The 3D biometric face map, along with the decryption key, that was used to encrypt the user’s device secret, are stored on Kryptonio’s servers. The user is the only one that can access the decryption key, by scanning their face. The encrypted device secret is on stored on the user’s personal cloud and the decryption key used to encrypt it, is stored separately on our servers.

When the user needs to restore their wallet, all they need to do is take a selfie. We generate 3D biometric face map and compare it to the one that was created when the user registered. If there is a match, we send to the user’s mobile phone the decryption key, the mobile app retrieves from the user’s personal cloud the encrypted device share and the user’s wallet is restored. 

backup-share

No passwords to remember

When a user creates a wallet, they do not need to set or remember any passwords. We require the user to use the device-based authentication, including fingerprint and facial recognition to access their wallet and authorize transactions. 

Key takeaway about Kryptonio’s security model

Kryptonio approaches security on multiple levels. Firstly, we share security responsibilities between the user’s mobile phone and our own servers. Secondly, facial recognition is only one of the three security factors we is use for authentication. The others are email verification and the user’s access to his personal cloud. All three are required to gain access to an account.

Kryptonio

#kryptoniowallet