In a Casa Keymaster setup, Casa retains one of the keys to provide a signature in case of emergency recovery situations. This is useful to protect clients, but creates a vulnerability if an attacker can trick Casa into signing a recovery request that transfers the user’s bitcoin into the attacker’s wallet.
To protect against this Casa verifies the user’s identity on all recovery signature signing requests using a special process detailed to clients during activation. We keep details of this process private, but note that the process includes a significant signing delay and a series of regular user notifications when a recovery request is made. The signing delay and notifications increase the odds that an attack would be caught and reversed before the recovery signature occurs.