New iPhone-Controlled Crypto Vault Promises ‘Bank-Grade’ Security
Trustology, founded by technologists who previously worked at such banks as BNY Mellon, RBS and Barclays, has launched an iPhone-controlled crypto vault it claims is secure enough for financial institutions.
Announced Wednesday, the first version of TrustVault is available for download at the Apple UK App Store, and initially can be used to store ether, the cryptocurrency native to the ethereum public blockchain. Bitcoin and ERC-20 tokens that run on top of ethereum are to follow soon after.
Trustology closed an $8 million seed round late last year led by ethereum design studio ConsenSys and Two Sigma Ventures, a VC arm of tech-focused hedge fund Two Sigma Investments.
At first blush, TrustVault might look like another crypto wallet phone app. But there’s a lot going on behind the screen: a clever combination of hardware security modules (HSMs) operated by Trustology with verification processes distributed among individuals at secure data centers.
Spelling this out, Alex Batlin, Trustology’s founder and CEO told CoinDesk,
“It allows you the ease of a mobile phone, but really what we always talk about is a TrustVault account. If you mention the phone, people think it’s just a phone app. But that’s a bit like saying my bank account is just the mobile bank app. It looks like a simple app, but the real power is in the service behind that.”
Indeed, like a bank, Trustology identifies its customers upfront, and if the phone is lost, the account can be recovered with the company since the private keys to the crypto wallet are not stored on the device.
Yet involvement of humans in certain parts of the setup process doesn’t mean this is a typical cold storage solution, which can take up to 48 hours to get assets out, Batlin said.
Once the user is on-boarded, TrustVault is almost entirely automated and takes a fraction of a second to move funds, he said, adding,
“The problem with the person scenario is you absolutely reduce cyberattack, but you now increase the physical attack. Because in the end, an individual is just a very slow network connection.”
HODL the phone
A slew of blockchain phones has hit the market of late, such as the Samsung Galaxy S10 or the HTC’s EXODUS 1 and Sirin Labs’ Finney – and they all offer some method of storing keys.
For example, Samsung’s S10 touts what it calls “defense-grade Samsung Knox,” as well as storage backed by hardware and so on. But one suspects the goal for Samsung is ultimately the possibility of connecting to Samsung Pay in the future.
For now, TrustVault is only compatible with iPhone because historically it’s the only phone with an enclave secure enough for this type of custody service, Batlin said.
However, Android compatibility is coming soon, he said, in the form of the recently released Google Pixel 3 phone.
“It has something called a Titan M chip which is very secure, more secure than the iPhone. So we will be working on an Android version, but it won’t be for every device; it will only be for the more secure ones,” said Batlin.
The nuts and bolts
Trustology has tried to put everything in hardware. “We took the tried and tested HSMs, which is what banks have been using for SWIFT network and many other very highly secure systems, but we customized the firmware,” said Batlin.
When the app is launched, a cryptographic private key is created in the iPhone enclave, followed by bank-grade know-your-customer (KYC) process which ties the non-extractable key to the user’s identity. Note that this is not the same key that directly controls the user’s funds.
The next step is to create a key account with TrustVault, a request which is signed by the private phone key. A private key is then created inside the HSM and a “policy file,” which associates the key inside the phone with the one inside the HSM.
From there, the user’s public address becomes the equivalent of a bank account, said Batlin.
“To move money you have to be able to sign the transaction with the key inside your phone and send it to us. We then load the appropriate policy file and then only if that key is mapped to the key inside the HSM do we re-sign that transaction with the real key inside the HSM.”
In addition to the minimum viable product (MVP) being launched today, TrustVault is also being offered to financial institutions as a white-label service they can provide to their customers. Batlin said there is demand from top-tier and mid-tier banks.
There will be a range of business models going forward (the early adopter MVP comes at a simple flat £4.99 a month subscription) depending in part on insurance, which Trustology is in the process of arranging, he said.
Joseph Lubin, ConsenSys founder, described Trustology in a statement as “industrial grade security, but available to anyone” and added,
“When it comes to crypto wallets, hot is the new cold.”
Data center image via Shutterstock