Private key management is challenging for enterprises. Private keys enable users to sign cryptocurrency transactions. Traditionally, a wallet creates and manages a private key and a public key. The private key is saved on a computer’s hard drive and used to authorise transfers of funds. This traditional approach means that enterprises face two main challenges:
- Security vs Availability: Enterprises must keep their private key secure to avoid theft or security compromise and at the same time must have the private keys constantly available to avoid delays in settlements.
- Outsourcing vs Control: Enterprises may outsource the complexity associated with private key management to a custodian. However, by doing so, control over funds is lost since custodial services are in a position to unilaterally transfer clients’ funds.
THRESH0LD provides a superior alternative to traditional key management solutions with zero private keys, and the self-custody of assets.
Zero Private Key
Our solution leverages threshold cryptography and advanced multi-party computation (MPC) to offer a keyless infrastructure where no private keys (or portions of private keys) are ever created, stored or shared at any point. This enables our customers to benefit from a highly secure and highly available service.
Self-Custody, Easy to Use
THRESH0LD offers an easy-to-use and intuitive solution that removes the complexity associated with private key management while providing full control to our customers. Only they can create, operate and manage their wallets and the policies which govern them, and only they can create and approve transactions made from their wallets. Our cloud-based dedicated infrastructure solution is self-managed, placing even more control in the hands of enterprise customers.
Highly Secure, Available and Resilient
To deliver higher security, our MPC solution uniquely involves 3 independent computing parties: the customer, THRESH0LD, and a 3rd party selected from a list of vetted partner companies. Each party runs an MPC node within their own secure network, making security compromise attempts extremely hard.
To deliver higher resilience, our MPC platform is built on a 2-of-3 computation threshold model. In the event one of the 3 MPC nodes becomes unavailable, the remaining 2 nodes continue to provide uninterrupted services.
To deliver higher availability, all 3 MPC nodes run on dedicated servers online 24/7/365. By removing transaction signatures from mobile phones and laptops, we make sure your business and customers can transact at any time, day or night.
Custody v Non-Custody
Custodial wallet solutions are used by some businesses. But, in doing so, all control of their data assets is delegated to the custodian. In the event of a policy change, the business has no choice but to comply. Unlike custodial solutions, non-custodial wallets give businesses full control so they can:
- minimise loss of control of their assets by managing their own wallets
- eliminate the possibility that a custodian can unilaterally access/spend their funds
- minimise data loss by managing their own data
- minimise lost time by changing wallet policies without waiting for a 3rd party
Full Controls Designed For Self-Custody
Our unique bank-grade policy engine puts all the controls in the hands of our customers and leverages multiple security layers to ensure enforcement.
- Self-managed policies – our clients create and self-manage their wallet policies
- Multi-level transaction approvals – approval by senior management can be triggered for transactions above desired threshold amounts
- M-of-n approvals – approval is only gained when the desired quorum is reached
- Auditor role – all transactions and their metadata can be reviewed by internal or external auditors
- Tamper-resistant policies – Database integrity is verified every time a new transaction is requested
- Out-of-band authentication & authorization – a purpose-built mobile app is needed by team members to log in and authorize critical wallet operations
- And many more
All of the above-mentioned features are for dedicated infrastructure clients only.
Non-custody, better than “bank grade”
We remove the burden of the single atomic private key and split the responsibility between multiple parties. We use threshold cryptography and MPC (Multi-Party Computation) to enable multiple parties to securely and collaboratively sign transactions.
Each of the parties generates its own secret (key share) and uses this secret to partially sign a transaction without revealing the secret to the other parties. The other parties add their own partial signatures. A fully valid signature is created and the transaction is sent to the blockchain network. In this way, we introduce Threshold signatures at the transaction signing level.