Wealth Security Protocol
Wealth Security Protocol
Go to Casa Home
Overview
💜Casa vs. Alternatives
Introduction
Option #1: Do-it-yourself
Option #2: Custodial Storage
Option #3: Commercial Systems
🔑System Design Principles
Introduction
Minimal Knowledge
High Security
Usability is Security
Expert Support
Redundancy
Sovereignty
Incentive Alignment
Bitcoin First
🚨Threat Overview
Introduction
Data and Credential Loss
Phishing
SIM Hijacking
Network Attacks
Malware
Supply Chain Attack
Physical Coercion
Child/Pet Attack
Internal Service Provider Attack
Platform / Hosting Provider Attack
Code Dependency Attack
Official Seizure
Inheritance Failure
🔐Chosen Features
Introduction
Hardware Wallet Signing
Multi-signature
Multi-location
Heterogeneous Hardware and Software
Seedless Hardware Wallets
Emergency Recovery Key
PIN or Biometrics for Mobile Key only
PIN for every device
Sovereign Recovery Instructions
Emergency Lockdown Button
Health Check
Identity Verification for Account Recovery
✅Chosen Key Schemes
3-of-5 Key Shield
2-of-3 Basic Multisig
Mobile Key
❌Rejected Key Schemes
Key Sharding (Shamir’s Secret Sharing)
2-of-2
1-of-2
❌Rejected Features
Biometrics General Usage
Seed Phrase Backups
Financial Products and Services Integration
Brain Wallet -- Memory Based Solutions
Web-Based Key Management
Hardened Addresses
🔧Remaining Attack Vectors
Address Spoofing
Malicious Insider Key Theft
Extreme disaster scenarios
Extortion
👨‍🚀Future Improvements
Taproot/MAST
Schnorr Signatures
Powered by GitBook

Option #1: Do-it-yourself

The first alternative to consider is do-it-yourself storage systems, like the Glacier Protocol. These non-commercial options have the distinct advantage of being completely private. There is no need for anyone to know that the user holds cryptocurrency or has set up a storage system at all.

However, the downside comes in usability and support. For example, the Glacier Protocol was designed to serve a similar niche as Casa Keymaster. But in initial testing Glacier took 8 hours to setup and 4 hours to withdraw coins[1]. Even if practice can reduce this time, it still will require time on the order of hours for each transaction. Glacier involves hundreds of dollars worth of equipment, a complicated process that involves modifying laptop hardware, using the command line interface, and installing operating systems, with no reliable support in case something goes wrong.

Casa Keymaster was inspired by the Glacier Protocol. We aim to provide a similar level of high security designed for users with large bitcoin balances. But interacting with the Keymaster system to set up a wallet or to make a transaction takes minutes instead of hours and requires the level of expertise of any normal computer user. If something goes wrong, there is 24/7 dedicated support[2].

We do need to collect some data on the user to take payment, ship products, and contact them for support. But we are careful to collect the smallest amount of data possible to provide our customers with our services, as outlined in our Privacy and Data Protection Policy. For example, we collect shipping information to ship hardware to our customers, but we delete it after the shipment is made. We also silo customer data internally, so that employees only have access to customer data directly related to their function.

It is possible to use Casa pseudonymously[3]. Since we offer a non-custodial service, we are not subject to AML-KYC requirements. In fact, we try to know as little as possible about our customers. That’s because holding more customer data increases the risk of attack on our company directly. Additionally, holding more customer data dramatically increases the size of liability in the event of a direct hack or data leak.

In short, minimizing customer data not only protects our customers, it also protects Casa.

One major difference between Casa and open source solutions like Glacier is that Casa is more strongly incentivized to work in the interest of our users. The financial success of Casa is directly linked to our reputation and our yearly customer revenue fee. We succeed if our users succeed, and we fail if our users fail. If our users lose funds, they have no money to pay our yearly service fee. In contrast, open source projects are developed and maintained by volunteers. The developers don’t have as much skin-in-the-game. If their users make a mistake and lose funds, they suffer no material penalty.

[1] Source: author’s own experience and memory

[2] There are community support forums and channels, but these are strictly voluntary and offer no guaranteed level of service.

[3] Casa collects a small amount of identifying information to verify the authenticity of emergency recovery requests

💜Casa vs. Alternatives - Previous
Introduction
Next - 💜Casa vs. Alternatives
Option #2: Custodial Storage
Last updated 5 months ago