{"id":289,"date":"2020-08-09T21:45:50","date_gmt":"2020-08-09T21:45:50","guid":{"rendered":"http:\/\/tonysbit.blog\/?p=289"},"modified":"2020-08-09T21:45:50","modified_gmt":"2020-08-09T21:45:50","slug":"cauth2-0-a-open-security-framework-for-smart-cryptographic-wallets","status":"publish","type":"post","link":"https:\/\/tonysbit.blog\/?p=289","title":{"rendered":"CAUTH2.0: A Open Security Framework for Smart Cryptographic Wallets"},"content":{"rendered":"\n

<\/p>\n\n\n\n

Introduction<\/h2>\n\n\n\n

Although Bitcoin, Ethereum and the general concept of Cryptocurrency is much more widespread then when I got into it, I am still surprised to find how difficult it is for my friends and family to get started. Whether they have to create paper wallets via myetherwallet.com<\/a> and having to save their seed to a password manager (or for the less tech savy to a text file on their desktop) or trying to use Ledger the experience feels alien compared to pretty much every other software ecosystem.<\/p>\n\n\n\n

CAuth2.0 is my proposal to solve this issue. The original goal was to create a user experience as close to what users commonly experience (email, password, 2FA) but with the same “level” of security as hardware wallets. At a high level the solution utilizes client-side encryption similar to secure password managers but combined with 2FA multi-signature workflows to ensure network security.<\/p>\n\n\n\n

You can read the full framework here<\/a>.<\/p>\n\n\n\n

Key access: How does it work?<\/h2>\n\n\n\n

The framework proposes a client encrypted key storage system that ensures that the service-provider never has access to private keys. This methodology results in users having access to their keys using a Email + Password + Master Password. Admittedly the master password is an additional piece of information users must store however it has a added advantage of being disposable and customizable which is not the same as a seed or private key.<\/p>\n\n\n\n

Vault Creation and Key Storage Process <\/p>\n\n\n\n

\"\"<\/figure><\/div>\n\n\n\n

Key Retrieval Process<\/p>\n\n\n\n

\"\"<\/figure><\/div>\n\n\n\n

Two-factor Multi-signature: How does it work?<\/h2>\n\n\n\n

By using smart-account functionality and a intermediary security layer, users are able to provide authorization for transactions via a second methodology i.e. Email or SMS.<\/p>\n\n\n\n

Transaction Broadcasting Communication Flow<\/p>\n\n\n\n

\"\"<\/figure><\/div>\n\n\n\n

Sample Deployment Architecture<\/p>\n\n\n\n

\"\"<\/figure><\/div>\n\n\n\n

Conclusion<\/h2>\n\n\n\n

By addressing these challenges, users of CAuth2.0 can have a familiar experience for primary authentication\/authorization (OAuth2.0) and transaction broadcasting (two-factor confirmations). The proposed framework is compatible with all Smart Account enabled blockchains and can be implemented in a multi-service provider ecosystem.<\/p>\n","protected":false},"excerpt":{"rendered":"

Combining both an industry accepted authentication\/authorization framework in conjunction with blockchain based on-chain security innovations, CAuth2.0 allows users to retain full ownership of keys whilst protecting their funds from unauthorized transactions.<\/p>\n","protected":false},"author":1,"featured_media":301,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4,12,13],"tags":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/tonysbit.blog\/wp-content\/uploads\/2020\/08\/cauth2.0-sample-architecture-1.png?fit=485%2C417&ssl=1","_links":{"self":[{"href":"https:\/\/tonysbit.blog\/index.php?rest_route=\/wp\/v2\/posts\/289"}],"collection":[{"href":"https:\/\/tonysbit.blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tonysbit.blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tonysbit.blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tonysbit.blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=289"}],"version-history":[{"count":0,"href":"https:\/\/tonysbit.blog\/index.php?rest_route=\/wp\/v2\/posts\/289\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tonysbit.blog\/index.php?rest_route=\/wp\/v2\/media\/301"}],"wp:attachment":[{"href":"https:\/\/tonysbit.blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=289"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tonysbit.blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=289"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tonysbit.blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=289"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}