Bitcoin Global News (BGN)
April 4, 2019 -- ADVFN Crypto NewsWire -- Just one year ago,
you would be hard pressed to find more than a handful of cold
storage solutions for your cryptocurrencies. Bitcoin launched in
2008 and it wasn’t until 2014 that two hardware wallets were
launched that are still leading the pack today - Trezor and Ledger.
At the same time as the launch of the Trezor, another option which
was designed more like an early Nokia style “brick” mobile phone
with a low quality screen called Hardbit came out.
“When it comes to crypto wallets,
hot is the new cold.” - Joseph Lubin, ConsenSys founder and
Ethereum Co-founder
Not only were the options extremely
limited for a method of secure cold storage, but the featureset on
these products was not nearly as diverse as it is now. They were
primarily for Bitcoin (BTC) storage only. However, in the past year
novel forms of cold storage seem to come out more than once per
month. And at this point, it looks like the Hardbit device was on
to what the customers truly wants - everything available on a
smartphone, but the same one the user already
owns.
TrustVault Institutional
Mobile App
Trustology has been at work on
their newest development since closing up their initial seed round
last year for a modest $8 million led by ConsenSys and Two Sigma
Ventures. Yet, the company has already collaborated on projects
with major banks such as BNY Mellon, RBS and Barclays.“It allows
you the ease of a mobile phone, but really what we always talk
about is a TrustVault account. If you mention the phone, people
think it’s just a phone app. But that’s a bit like saying my bank
account is just the mobile bank app. It looks like a simple app,
but the real power is in the service behind that.”
- Alex Batlin, Trustology’s founder and CEO
This first version of TrustVault is
available only in the Apple UK App Store at this time. The company
has designated the Google Pixel 3 phone as the next target for
operating their app.In addition, it is only compatible with storing
BTC and ETH, however the company expressed that it will soon have
the ability to handle any ERC-20 tokens. The app leverages a
combination of hardware security modules (HSMs) operated by
Trustology with verification processes distributed among secure
data centers.
“To move money you have to be able
to sign the transaction with the key inside your phone and send it
to us. We then load the appropriate policy file and then only if
that key is mapped to the key inside the HSM do we re-sign that
transaction with the real key inside the HSM.” - Alex
Batlin
Because of this, transactions can
take up to 48 hours. However, the company claims this to be the
price for having the utmost secure cryptocurrency storage with a
user-friendly app. But within the next six months, it’s likely
there will be numerous launches to compete with
the
Indeed, like a bank, Trustology
identifies its customers upfront, and if the phone is lost, the
account can be recovered with the company since the private keys to
the crypto wallet are not stored on the device.
Yet involvement of humans in
certain parts of the setup process doesn’t mean this is a typical
cold storage solution, which can take up to 48 hours to get assets
out. Once the user is on-boarded, TrustVault is almost entirely
automated and takes a fraction of a second to move funds
“The problem with the person
scenario is you absolutely reduce cyberattack, but you now increase
the physical attack. Because in the end, an individual is just a
very slow network connection.” - Alex
Batlin
HODL the
phone
A slew of blockchain phones has hit
the market of late, such as the Samsung Galaxy S10 or the HTC’s
EXODUS 1 and Sirin Labs’ Finney – and they all offer some method of
storing keys.
For example, Samsung’s S10 touts
what it calls “defense-grade Samsung Knox,” as well as storage
backed by hardware and so on. But one suspects the goal for Samsung
is ultimately the possibility of connecting to Samsung Pay in the
future.
For now, TrustVault is only
compatible with iPhone because historically it’s the only phone
with an enclave secure enough for this type of custody service,
Batlin said.
However, Android compatibility is
coming soon, he said, in the form of the recently released Google
Pixel 3 phone.
“It has something called a Titan M
chip which is very secure, more secure than the iPhone. So we will
be working on an Android version, but it won’t be for every device;
it will only be for the more secure ones” -
Alex Batlin
The nuts and
bolts
Trustology has tried to put
everything in hardware. “We took the tried and tested HSMs, which
is what banks have been using for SWIFT network and many other very
highly secure systems, but we customized the firmware,” said
Batlin.
When the app is launched, a
cryptographic private key is created in the iPhone enclave,
followed by bank-grade know-your-customer (KYC) process which ties
the non-extractable key to the user’s identity. Note that this is
not the same key that directly controls the user’s
funds.
The next step is to create a key
account with TrustVault, a request which is signed by the private
phone key. A private key is then created inside the HSM and a
“policy file,” which associates the key inside the phone with the
one inside the HSM.
From there, the user’s public
address becomes the equivalent of a bank account, said
Batlin.
In addition to the minimum viable
product (MVP) being launched today, TrustVault is also being
offered to financial institutions as a white-label service they can
provide to their customers. Batlin said there is demand from
top-tier and mid-tier banks.
There will be a range of business
models going forward (the early adopter MVP comes at a simple flat
£4.99 a month subscription) depending in part on insurance, which
Trustology is in the process of arranging, he said, described
Trustology in a statement as “industrial grade security, but
available to anyone” and added,
By: BGN Editorial Staff