This is the story of CryptoLabs. We are building Case, the world’s most secure and easy-to-use Bitcoin wallet; but before we get into the nitty-gritty of what it does and how it works, it’s important to make brief mention of why we embarked on this journey in the first place.
Why We Exist
Needless to say, we are huge fans of Bitcoin. We believe it holds the promise of a reimagined finance industry, so our ultimate mission is the mainstream adoption of Bitcoin. Unfortunately, the existing ecosystem of bitcoin wallets fails to address the difficulty of using and securing bitcoin. Software wallets fall prey to viruses, malware, hackers, and physical theft or loss. Anyone who thinks that we can educate general consumers about the importance of backing up their private keys or the diligence required to avoid installing some kind of malware is sadly mistaken. The first cloud wallets were also insecure because they are still accessed from a general-purpose computing device that can download stuff from the Internet, so no matter how secure those servers are, there’s still a single point of failure and a pretty weak one at that.
To fix “the security problem”, cloud wallets began to add two-factor authentication, which greatly reduced the odds of your wallet being compromised, but think about the sequence of steps required to buy a cup of coffee – unlock your phone, launch the wallet app, click Send BTC, scan a QR code, minimize the app, launch Google Authenticator, copy the 2FA code, switch back to the wallet app, paste the 2FA code, and hit send. That’s ten steps! The pursuit of security has created complexity and led to an extremely cumbersome experience relative to existing payment options like credit cards, destroying any incentive for the average user to adopt Bitcoin.
Security and ease-of-use can’t exist on a spectrum where you get one or the other, or a compromise of the two. The promise of Bitcoin is too great to settle or make a compromise and that’s why we are building Case. We like to say that we’re building the world’s first grandma-proof bitcoin wallet and while that’s a cheesy marketing line, it really does speak to the ethos of what we’re doing. A wallet doesn’t just need to be hacker-proof. It has to be user-proof. It has to be easier to use than a credit card and more secure than a bank vault or the mainstream adoption of Bitcoin will remain but a dream.
How Case Works
When you press the ฿ button, the device turns on and jumps right into the “Send bitcoin sequence”. The ฿ button also cycles through the other features of the wallet, but we wanted “Send” to be one click away since that’s the primary purpose of a payment device. After a quick view of the spiffy splash screen you see in the picture above, the camera turns on so you can scan the payment info QR code. The screen shows what the camera sees so you can use it as a viewfinder to make scanning the QR code easier. Once Case detects and reads the QR code, the screen shows you the amount and address, asking you to swipe your finger to confirm the transaction. That’s it – click, scan, swipe; three easy steps that take less time than swiping a credit card, printing the signature receipt, and putting your John Hancock down on that piece of paper.
Under the Hood
It sounds great, but the cool part is actually what happens under the hood. In order to create a wallet that is not only easy-to-use but also super secure, we designed an architecture that marries a multi-signature wallet with a multi-factor authentication model whereby each key lives in a different place and is secured with a different authentication factor so there is no single point of failure. That’s a mouthful – let’s tear it apart.
A 2-of-3 multisig wallet has three keys and two of them are needed to authorize a transaction. Having one key is no different than having zero keys so if a single key gets compromised your bitcoins are still safe. Multi-factor authentication entails using multiple authentication factors in a security model. There are three kinds of authentication factors: knowledge factors (“things only the user knows”) such as passwords, possession factors (“things only the user has”) such as ATM cards, and inherence factors (“things only the user is”) such as biometrics.
The first key of a Case wallet is embedded in the device itself so it is protected by the possession factor. Without having possession of the device, there is no way to get that key. When you swipe your finger to confirm a transaction, the device signs the transaction with its embedded private key and sends the partially signed transaction along with the fingerprint scan to our servers. The second key is stored server-side and if the fingerprint scan is a match, the server countersigns the transaction with its key and broadcasts it to the Bitcoin network.
We don’t actually store your fingerprints on our servers. We store a geometric template of the relative locations of unique elements of your fingerprint like bifurcations, lakes, and deltas (more on fingerprints in a later post) and this template is used to validate the fingerprint scan. That template, along with all your other sensitive user data, like the server-side wallet key, is encrypted with what we call the User Data Encryption Key (UDEK). Each user has a unique UDEK, and that UDEK does not live on our servers; it actually lives on the device. The device grants the server temporary access to your user data in order for the server to validate the fingerprint scan and sign the transaction with the server key.
The device doesn’t piggyback off your phone for Internet access. It has a dedicated GSM chip and a multi-IMSI embedded SIM card that allows us to hop from carrier to carrier without roaming fees. Bitcoin is a global currency so it seemed silly to have a wallet that didn’t work globally as well. At launch, Case will work in over 60 countries without any monthly fees so you can use it to execute unlimited transactions around the world for the life of the device. One of the goals of our design has been network connectivity without risk, and the result is a perfect blend of convenience and security. Case is different from your cell phone or computer in that all connections are initiated from the device to the server and never the other way around. Would-be thieves need physical possession of your device, and even then they would fail to possess the inherence factor because they don’t have your fingerprint.
The server stack that the device communicates with over its dedicated link has multiple layers of security. The device speaks to an API server that just routes traffic. The API server can’t access the encrypted data that the device is sending and only knows how to pass it to a User Account Server (UAS). The UAS is connected to the encrypted User Database. The UAS is not directly accessible from the Internet and it can only speak to the API server via a very limited set of commands to ensure security. We also do all the standard stuff like certificate-validated HTTPS along with a second layer of encryption using a device-specific symmetric AES encryption key before messages go over the wire.
But what if I lose my Case?!? Fear not – that’s where the third key of the multisig wallet comes into play. The third private key and a copy of the UDEK are stored offline (likely in a bank vault but we’re still working out the procedure) and they are only used in the event that you lose your device. The vault key plus the server key create the 2-of-3 signature that’s needed for you to recover your bitcoins if the device is lost or stolen. Since the device key is secured by a possession factor and the server key is secured by an inherence factor, you may have already guessed that the vault key is secured by a knowledge factor.
The ultimate goal is to create a system with no single point of failure that’s grandma-proof from both a security and usability standpoint. If your card is lost or stolen, only one key is lost. Even if our entire server infrastructure is compromised, only one (highly encrypted) key is compromised. And if our bank vault gets robbed, well you get the idea…
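The "no single point of failure" claim can be checked by enumerating which combinations of assets are enough to reach the 2-of-3 quorum. The model below is an added example, not CryptoLabs code; the asset names are illustrative, and it assumes that the knowledge factor gates both the vault key and the vault copy of the UDEK, and that the server key is usable by anyone holding the UDEK plus either a matching fingerprint or the encrypted server database.

```python
from itertools import combinations

# Things a party may hold. Names are illustrative, not CryptoLabs identifiers.
ASSETS = ("device", "fingerprint", "server_db", "vault", "secret")


def usable_keys(held):
    """Return the wallet keys a party holding `held` can sign with."""
    held = set(held)
    # Assumption: vault contents are released only with the knowledge factor.
    vault_open = {"vault", "secret"} <= held
    # The UDEK lives on the device, with an offline copy in the vault.
    has_udek = "device" in held or vault_open
    keys = set()
    if "device" in held:
        keys.add("device_key")  # possession factor
    # Server key: the server countersigns on a fingerprint match, or a party
    # holding the encrypted database decrypts it. Both paths need the UDEK.
    if has_udek and ({"fingerprint", "server_db"} & held):
        keys.add("server_key")
    if vault_open:
        keys.add("vault_key")  # knowledge factor
    return keys


def can_spend(held):
    """2-of-3 multisig: any two keys authorize a transaction."""
    return len(usable_keys(held)) >= 2


def minimal_spending_sets():
    """Smallest asset combinations that reach quorum, by increasing size."""
    found = []
    for size in range(1, len(ASSETS) + 1):
        for combo in combinations(ASSETS, size):
            candidate = frozenset(combo)
            if can_spend(candidate) and not any(m < candidate for m in found):
                found.append(candidate)
    return found


if __name__ == "__main__":
    for s in minimal_spending_sets():
        print(sorted(s), "->", sorted(usable_keys(s)))
```

Under these assumptions no single asset reaches quorum, but the device together with the server database does, because the device carries the UDEK that decrypts the server key.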
The last point we want to make is about transparency. Most cloud wallets pool your bitcoin with other users so while their website says that they are holding X bitcoins for you, there’s no way to know for sure. With Case, your bitcoins are stored on the blockchain in wallet addresses that only you control so it is easy to validate that the bitcoins are actually there.
We’re excited to bring Case to market and we’re even more excited to get community feedback on our architecture along with ideas on how to improve it. You can reach us at firstname.lastname@example.org