Wealth Security Protocol
Wealth Security Protocol
Go to Casa Home
Overview
💜Casa vs. Alternatives
Introduction
Option #1: Do-it-yourself
Option #2: Custodial Storage
Option #3: Commercial Systems
🔑System Design Principles
Introduction
Minimal Knowledge
High Security
Usability is Security
Expert Support
Redundancy
Sovereignty
Incentive Alignment
Bitcoin First
🚨Threat Overview
Introduction
Data and Credential Loss
Phishing
SIM Hijacking
Network Attacks
Malware
Supply Chain Attack
Physical Coercion
Child/Pet Attack
Internal Service Provider Attack
Platform / Hosting Provider Attack
Code Dependency Attack
Official Seizure
Inheritance Failure
🔐Chosen Features
Introduction
Hardware Wallet Signing
Multi-signature
Multi-location
Heterogeneous Hardware and Software
Seedless Hardware Wallets
Emergency Recovery Key
PIN or Biometrics for Mobile Key only
PIN for every device
Sovereign Recovery Instructions
Emergency Lockdown Button
Health Check
Identity Verification for Account Recovery
✅Chosen Key Schemes
3-of-5 Key Shield
2-of-3 Basic Multisig
Single-Key Wallet
❌Rejected Key Schemes
Key Sharding (Shamir’s Secret Sharing)
2-of-2
1-of-2
❌Rejected Features
Biometrics General Usage
Seed Phrase Backups
Financial Products and Services Integration
Brain Wallet -- Memory Based Solutions
Web-Based Key Management
Hardened Addresses
🔧Remaining Attack Vectors
Address Spoofing
Malicious Insider Key Theft
Extreme disaster scenarios
Extortion
👨‍🚀Future Improvements
Taproot/MAST
Schnorr Signatures
Powered by GitBook

Multi-signature

An ordinary single-signature bitcoin key is a single point of failure. If you’re securing a large amount of funds, this represents an unacceptably large risk of theft and loss.

No key storage method is perfect. All users of cryptocurrency must assume that they might lose a key to accident or disaster, or that an attacker will attempt and possibly succeed in stealing a key. You might have a sturdy safe at home guarded by a security system, but what happens if your house burns down, or if a close relative that knows your security system decides to steal it?

You could keep backups to make single signature bitcoin keys more robust to loss. But every backup increases the risk of theft, since any one copy is enough to steal the funds held by those keys. Multi-signature adds resiliency to the system because losing a single key to accident, disaster, or theft does not compromise your entire security. A disaster must wipe out multiple keys, or an attacker must compromise multiple keys, and all at the same time.

A 3-of-5 multi-signature (multisig) system is much harder to compromise than a 1-of-1 single key system. Multi-signature raises the cost of a successful attack by orders of magnitude, since the attacker must gain access to multiple private keys (in our case three), and not just one.

🔐Chosen Features - Previous
Hardware Wallet Signing
Next - 🔐Chosen Features
Multi-location
Last updated 9 months ago