Casa provides secure storage solutions for digital wealth, namely Bitcoin. Our flagship product is Keymaster, a software + expert service system designed to provide the highest level of cryptographic key security and usability.

Cryptocurrency security is a young domain. As we develop our products, we consider many different possibilities for storage best practices, making reasoned tradeoffs between different risks. Our goal in performing this work analyzing different solutions is to remove the burden of doing so from our customers.

In this document, we record our approach to key management and wealth security, including the tradeoffs and possible alternatives to what we’ve built.

Motivation

The same features that give cryptocurrency its appeal make cryptocurrency storage hard.

Most digital coins feature immutable ledgers and lack a central authority to appeal to in case of theft. Bitcoin is a digital bearer bond, like cash. Once sent, a transaction cannot be cancelled or reversed.

These features make the private keys that control a cryptocurrency wallet into an appealing target for thieves. Stealing cryptocurrency keys offers a much more certain and direct route to profit than other information thefts such as email or credit card credentials. Plausible attacks include phishing and social engineering, malware, fake software libraries and applications, malicious hardware, and network attacks. The rise of cryptocurrency marks a new era in information security for personal computing. Never before have the stakes been so high.

The importance of keeping private key information out of the wrong hands makes cryptocurrency owners cautious about where they store backups. They avoid storing backups on unencrypted clouds or common storage devices. But the precautions that protect against theft can open the door to the risk of loss. A failed disk drive, a lost hardware wallet, or a forgotten password can mean loss of cryptocoins with no possibility of recovery.

The storage of cryptographic keys violates the expectations that users might have developed from handling other pieces of sensitive data. If they forget their email password or lose their credit card, there are authorities to appeal to in order to restore their accounts to normal. If their credentials for a website are compromised, they can contact support to freeze their account and restore it to their control. These fail-safes are not available in the world of cryptocurrency.

Cryptocurrency storage requires new habits of thinking and action. With greater control comes great responsibility.

Risks can be separated into the risk of loss and the risk of theft. Some storage features will reduce one risk while raising the other, while others will reduce both. With Casa’s Key Security Protocol, implemented in Casa Keymaster apps and services, we’ve assembled the best known balance of features available with today’s technology to minimize risk of both loss and theft.