Digital asset thefts are common. How to ensure the safety of your own assets?

Digital asset thefts have occurred frequently, and its security has always been a hotly debated topic. In the decade since the birth of Bitcoin, many malicious hacker attacks have indeed occurred.

As the scale of digital assets continues to grow, they are gradually facing corresponding problems such as safe storage and safe circulation. According to statistics from security companies, by the end of 2021, the theft of digital assets has reached more than US$2.5 billion. Online hot wallets store 5%-20% of the digital assets of institutions and require high-frequency operations, which is one of the core security issues. Since hot wallets have obvious risk exposure, how to avoid and prevent the risk of asset theft has become a difficult problem facing institutions.

In fact, many users will store their assets in exchanges. This behavior is easy to understand, because even if the exchange loses part of the funds in the hot wallet, its own volume can cover this part of the loss. However, it does not mean that all your assets should be stored in it. The following picture tells the bitterness:

How to take control of your assets?

The answer is to keep the private key yourself. The private key is the entrance to the digital wallet. Only the private key can prove that you are the owner of the assets in the wallet. No one knows this private key except you. This is the biggest difference between encrypted digital currency and bank accounts.

There are many types of cryptocurrency wallets on the market, and the difference between wallets is whether they are hot wallets or cold wallets.

- A hot wallet is always accessible via the internet.

- A cold wallet stores funds offline. Although funds can be received at any time, transfers can only be made through private key verification.

Hot wallets include all online cloud wallets, most mobile wallets, software wallets, and exchanges.

Cold wallets can be hardware wallets, paper wallets stored offline, USB and similar data storage devices, or even physical objects.

Most cryptocurrency holders use both cold wallets and hot wallets. Hot wallets are suitable for frequently traded assets, while cold wallets are more suitable for long-term holding of cryptocurrency assets.

Therefore, users can store some of the assets that are not needed temporarily in a cold wallet, keep the private key of the wallet safe, and store a small amount of assets in a hot wallet. Even if the assets in the hot wallet are damaged, it will not be a serious loss.

One wallet solves all problems?

In actual operations, users transfer assets from cold wallets to hot wallets. In addition to the time required for on-chain transfers, there are also other steps required for logging in and operating. In the face of sudden market conditions, this is somewhat inhumane. In view of this, HyperPay is committed to solving all problems with one wallet.

HyperPay cleverly integrates four independent modules, namely, custodial wallet, self-managed wallet, co-managed wallet and hardware wallet, into one APP. Users can switch wallet modes at will in the HyperPay APP, and assets between different wallets can be transferred freely, bringing convenient and efficient management experience and security protection to digital asset users.

To date, HyperPay wallets have over one million users, with an asset management scale of over US$1 billion and over 310 million transfers. The custodial wallet supports 51+ public chains, the self-managed wallet supports 30+ public chains, and the HyperMate hardware wallet supports 17+ public chains.

At the same time, HyperPay's self-managed wallet is one of the wallets on the market that supports the most public chain currencies, and supports public chain DApp applications such as ETH, TRON, EOS, BSC, HECO, OEC, HSC, Polygon, AVAX, Fantom, Sol, etc. Users only need to create an identity to easily manage assets on different chains. The user's private key is stored in the user's device through local storage, and the security of the user's private key and assets is ensured by physically isolating important data.

How does HyperPay ensure the security of users’ assets?

HyperPay has a professional blockchain underlying R&D team, security team, cryptographic algorithm team and AI intelligent big data risk control team, etc. The team has core technologies and rich industry experience.

The user's assets are effectively protected by HSM bank-level security protection and KMS multi-signature mechanism, which effectively protects the private key security. At the same time, it adopts unique cold, warm and hot wallet separation storage technology to dynamically strengthen the security of data assets.

HyperPay wallet has an AI intelligent risk control engine, which provides users with artificial intelligence risk sensing, real-time risk control warning, and escorts system security through multi-factor recognition technology such as face recognition and fingerprint recognition. At the same time, it is more secure by obtaining hybrid technologies such as true random numbers and verifiable QR codes. The AI ​​intelligent risk control engine has services such as in-process risk control and post-event risk control. Through offline calculation of big data, it extracts behavioral features and dynamically updates the real-time feature engine to conduct risk control on anti-fraud and malicious behaviors, downgrade penalties, and ensure system security.

HyperPay uses four major security technologies to ensure the safety of user assets:

MPC: Secure Multi-Party Computation

The research on secure multi-party computing (MPC) was proposed by Professor Yao Qizhi, a Turing Award winner, in 1982. Professor Yao used the famous millionaire problem to illustrate secure multi-party computing. The millionaire problem refers to how two millionaires can compare who is richer without revealing their true wealth status in the absence of a trusted third party. By studying this problem, the challenges and problem-solving ideas faced by secure multi-party computing are vividly illustrated.

Secure multi-party computation is a branch of cryptography that allows multiple data owners to collaborate without mutual trust, output technical results and ensure that no party can obtain any information other than the results.

MPC has the following advantages in private key storage management:

Eliminate the single point of private key problem

Through MPC technology, each participating terminal generates a shard private key, and the private key shard does not need to be disclosed during the signing process

Supports all asset types

Currently, the private key algorithms of all public chains are basically ECDSA, so HyperBC supports digital assets of all public chains. The multi-signature schemes of each public chain are different, which makes the operation very difficult. MPC's very standard algorithm is more universal.

Lower transaction fees than multi-signature on-chain

Multi-signature signatures interact with the chain multiple times with the number of participants, resulting in very high efficiency and cost. MPC is 30%-40% lower than traditional multi-signature.

Flexible number of multi-signatures

Compared with blockchain multi-signature, which cannot modify the number of participants, MPC can flexibly increase the number of multi-signature private keys.

TEE: Trusted Environment

Trusted Execution Environment isolates and protects the calculations and operations involving private data at the hardware level. The secure data running in the trusted environment cannot be accessed by anyone, including the server administrator. This ensures the security of the data, and some memory analysis tools cannot analyze it, and the private data will not be maliciously tampered with. Currently, the security hardware Inter SGX is used.

Secure Communications:

The SSL protocol is located between the TCP/IP protocol and various application layer protocols, providing security support for data communication. The SSL protocol can be divided into two layers: SSL Record Protocol: It is built on a reliable transmission protocol (such as TCP) and provides support for basic functions such as data encapsulation, compression, and encryption for high-level protocols. SSL Handshake Protocol: It is built on the SSL Record Protocol and is used for the communication parties to authenticate their identities, negotiate encryption algorithms, and exchange encryption keys before the actual data transmission begins.

In addition to the SSL protocol, we also use asymmetric encryption to prevent information tampering during transmission and sender identity authentication.

Zero Trust Architecture:

In 2020, the National Institute of Standards and Technology (NITS), which is directly under the U.S. Department of Commerce, released the second draft of the "Zero Trust Architecture", which introduced three key technologies for implementing the zero trust security architecture: SDP (Software-Defined Perimeter) software-defined boundaries, IAM (Identity and Access Management) identity authority management, and MSG (Micro-Segmentation) micro-isolation. HyperBC is currently built strictly in accordance with the zero trust architecture.

Since the HyperPay wallet was launched in 2017, there have been zero security incidents. In the continuous version updates and iterations, the requirements for broad security and narrow security have been gradually refined. Broad security lies in the wallet team's control over risk exposure, and narrow security lies in the risk of financial loss faced by users when using the wallet, such as incorrect on-chain transfer addresses, participation in DEX or first mining, etc. To deal with these situations, HyperPay has also launched transaction secondary confirmation and contract security detection functions to help users better avoid common risks in the use of wallets.

In terms of policy risks, HyperBC, the custody service provider of HyperPay wallet, has obtained the Lithuanian crypto asset custody license. HyperPay wallet has become the first digital currency wallet to hold a compliant custody license, providing compliant custody services for the digital assets of global users and ensuring the security of digital assets.

Summarize

With the security of user assets as its original intention, the HyperPay team has been improving its technical protection barriers and will continue to provide encrypted asset services under a compliance framework to provide users with more reassuring services, so as to achieve win-win results through bull and bear markets.