Theft of digital assets occurs frequently, and the security of these assets has always been a hot topic of discussion. In the ten years since the birth of Bitcoin, there have been many serious hacking incidents.
As the scale of digital assets keeps growing, the industry faces corresponding problems such as safe storage and safe circulation. According to security company statistics, by the end of 2021 more than 2.5 billion US dollars in digital assets had been stolen. Online hot wallets store 5%-20% of institutions' digital assets and require high-frequency operations, which makes them one of the core security concerns. Since the risk exposure of hot wallets is obvious, how to avoid and prevent asset theft has become a difficult problem for institutions.
In fact, many users store their assets on exchanges. This behavior is easy to understand: even if the exchange loses part of the funds in its hot wallet, its own volume can cover that loss. But this does not mean that all of your assets should be stored there.
How to keep assets in your own hands?
The answer is to keep the private key yourself. The private key is the entrance to the digital wallet. Only the private key can prove that you are the owner of the assets in the wallet, and no one knows this private key string except you. This is the biggest difference between a cryptocurrency and a bank account.
There are many types of cryptocurrency wallets on the market, and the difference between wallets is whether they are hot or cold wallets.
– A hot wallet can be connected to the internet at any time to log in.
– A cold wallet stores funds offline. Although funds can be received at any time, transfers can only be made through private key verification.
Hot wallets include all online cloud wallets, most mobile wallets, software wallets, and exchanges.
Cold wallets can be hardware wallets, paper wallets stored offline, USB and similar data storage devices, or even physical items.
Most cryptocurrency holders use both cold and hot wallets. Hot wallets are suitable for frequently traded assets, while cold wallets are more suitable for long-term cryptocurrency holdings.
Therefore, users can store assets they do not need for the time being in a cold wallet, keep that wallet's private key themselves, and store only a small part of their assets in a hot wallet. Even if the assets in the hot wallet are lost, the loss will not cut to the bone.
One wallet solves all problems?
In practice, when a user transfers assets from a cold wallet to a hot wallet, the on-chain transfer takes time, and there are further login and operation steps on top of it. This is not user-friendly enough. In view of this, HyperPay is committed to solving all of these problems with one wallet.
HyperPay integrates four independent modules (managed wallet, self-managed wallet, co-managed wallet, and hardware wallet) into one app. Users can switch wallet modes at will in the HyperPay app, and assets can be transferred freely between the different wallets, giving digital asset users a convenient and efficient management experience together with a security guarantee.
So far, the HyperPay wallet has more than one million users, the asset management scale has exceeded 1 billion US dollars, and the number of transfers has exceeded 310 million.
At the same time, the HyperPay self-managed wallet is one of the wallets that supports the most public chain currencies on the market, and it supports DApps on ETH, TRON, EOS, BSC, HECO, OEC, HSC, Polygon, AVAX, Fantom, Sol and other public chains. Users only need to create one identity to manage assets on different chains. The user’s private key is kept in local storage on the user’s device, and the security of the private key and assets is ensured by physically isolating important data.
How does HyperPay ensure the security of users’ assets?
HyperPay has a professional low-level blockchain R&D team, a security team, a cryptographic algorithm team and an AI big-data risk control team. The team has core technologies and rich industry experience.
Users’ assets and private keys are protected by bank-level HSM security and a KMS multi-signature mechanism. At the same time, cold, warm and hot wallet separated storage is adopted to dynamically strengthen the security of data assets.
The HyperPay wallet has an AI risk control engine that provides users with AI-based risk sensing and real-time risk control early warning, and safeguards the system through multi-factor recognition technologies such as face recognition and fingerprint recognition. Security is further strengthened through hybrid techniques such as obtaining true random numbers and verifiable QR codes. The AI risk control engine provides services such as mid-event and post-event risk control. It extracts behavioral features through offline big-data computing and dynamically updates the real-time feature engine to apply risk control, including downgrade penalties, against fraud and malicious behavior.
HyperPay adopts 4 major security technologies to ensure the security of user assets:
MPC: Secure Multiparty Computation
Research on Secure Multi-Party Computation (MPC) was proposed in 1982 by Turing Award winner Prof. Yao Qizhi. Prof. Yao explained secure multi-party computation with the famous millionaire problem: how, without a trusted third party, can two millionaires compare who is richer without revealing their true wealth? This problem vividly illustrates both the challenges of secure multi-party computation and the ideas used to solve them.
Secure multi-party computation is a branch of cryptography that allows multiple data owners who do not trust each other to compute collaboratively, output the result, and ensure that no party obtains any information other than that result.
MPC has the following advantages in private key storage management:
Eliminate private key single point problem
Participating terminals generate private key shares through MPC, and no private key share needs to be disclosed during the signing process.
All asset types supported
At present, the private key algorithm of all public chains is basically ECDSA, so HyperBC supports digital assets of all public chains. Each public chain has its own multi-signature scheme, which makes operations very difficult. MPC works with the standard signature algorithm and is therefore more general.
Lower fees than multi-signature on-chain
With on-chain multi-signature, the signatures of the participants require repeated interaction with the chain, which costs both efficiency and fees. MPC fees are 30%-40% lower than those of traditional multi-signature.
Flexible number of multi-signatures
Compared with blockchain multi-signature, where the number of participants cannot be modified, MPC can flexibly increase the number of private key shares.
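The two MPC properties above (no key share is disclosed while signing, and the number of share holders can grow without changing the key) can be seen in a small n-of-n signing sketch. This is an added example, not HyperPay or HyperBC code: it substitutes Schnorr signatures for ECDSA because threshold ECDSA needs much more machinery, uses a constructed toy group that is far too small for real use, and omits the defenses a production protocol needs against misbehaving participants.

```python
import hashlib
import secrets

# Toy Schnorr group (constructed, far too small for real use):
# P = 2*Q + 1 is a safe prime and G generates the subgroup of order Q.
P, Q, G = 2039, 1019, 4

def challenge(R, y, msg):
    data = f"{R}|{y}|".encode() + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

class Party:
    """Holds one additive key share; the share never leaves this object."""
    def __init__(self, share=None):
        self._x = secrets.randbelow(Q - 1) + 1 if share is None else share % Q
        self._k = None
    def public_share(self):
        return pow(G, self._x, P)
    def nonce_commitment(self):
        self._k = secrets.randbelow(Q - 1) + 1
        return pow(G, self._k, P)
    def partial_sign(self, e):
        s_i = (self._k + e * self._x) % Q
        self._k = None  # a nonce must never be reused
        return s_i
    def split_off(self):
        """Hand part of this share to a new party; the sum of shares is unchanged."""
        delta = secrets.randbelow(Q)
        self._x = (self._x - delta) % Q
        return Party(delta)

def group_public_key(parties):
    y = 1
    for p in parties:
        y = y * p.public_share() % P
    return y

def sign(parties, msg):
    # Only nonce commitments and partial signatures are exchanged.
    y = group_public_key(parties)
    R = 1
    for p in parties:
        R = R * p.nonce_commitment() % P
    e = challenge(R, y, msg)
    s = sum(p.partial_sign(e) for p in parties) % Q
    return R, s

def verify(y, msg, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(y, challenge(R, y, msg), P) % P
```

A verifier sees one ordinary signature under one public key, whether two or three parties produced it, which is why no chain-specific multi-signature support is needed.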
TEE: Trusted Environment
A Trusted Execution Environment isolates and protects computation and operations involving private data at the hardware level. Sensitive data processed inside the trusted environment cannot be accessed by anyone, not even server administrators. This ensures the security of the data: it cannot be inspected with memory analysis tools, and private data cannot be maliciously tampered with. The secure hardware currently used is Intel SGX.
The SSL protocol sits between the TCP/IP protocol and the various application layer protocols, providing security support for data communication. The SSL protocol can be divided into two layers. The SSL Record Protocol is built on a reliable transport protocol (such as TCP) and provides basic functions such as data encapsulation, compression, and encryption for higher-level protocols. The SSL Handshake Protocol is built on top of the SSL Record Protocol and is used for authentication, negotiation of encryption algorithms, and exchange of encryption keys before the actual data transmission begins.
In addition to the SSL protocol for interface communication, we also use asymmetric cryptography to protect information in transit against tampering and to authenticate the sender.
Zero Trust Architecture:
In 2020, the National Institute of Standards and Technology (NIST), which is directly under the U.S. Department of Commerce, released the second draft of “Zero Trust Architecture”, which introduced three key technologies for implementing a zero-trust security architecture: SDP (Software-Defined Perimeter), IAM (Identity and Access Management), and MSG (Micro-Segmentation). HyperBC is currently built in strict accordance with the zero-trust architecture.
Since the HyperPay wallet was launched in 2017, there have been zero security incidents. Through continuous version updates, the requirements for security in the broad sense and in the narrow sense have been gradually refined. Security in the broad sense lies in the wallet team’s control of risk exposure. Security in the narrow sense concerns the risk of users losing funds while using the wallet, for example through a wrong on-chain transfer address or through participation in DEX or head mining. In response to these situations, HyperPay has launched secondary transaction confirmation and contract security detection functions to help users avoid common risks when using wallets.
In terms of policy risk, HyperBC, the custodian service provider of the HyperPay wallet, has obtained the Lithuanian encrypted asset custody license. The HyperPay wallet has become the first digital currency wallet to hold a compliant custody license, providing compliant custody services for the digital assets of global users and ensuring the security of those assets.
With the security of user assets as its original intention, the HyperPay team has been raising its technical protection barriers, and will continue to provide encrypted asset services under the compliance framework to give users more assured services, ride through bull and bear markets, and work together for a win-win situation.
Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/the-theft-of-digital-assets-is-not-uncommon-how-to-ensure-the-security-of-your-own-assets/