Threshold Signatures

Its like a having a Fort Knox digital asset vault in your pocket!

digital-wave-dark1500x760.png
 

Digital Asset Security Just Got Better

Digital assets like Bitcoin, Ethereum, Ripple and others promise to revolutionize commerce and financial services globally. While the ultimate dominant digital assets offerings are yet to be determined, the one thing that’s certain is the need for more effective digital asset security.

Conventional single-signature and multi-signature (Multi-Sig) security schemes have proven time and again to be woefully insufficient. Fortunately, a new multiparty transaction security scheme based on threshold cryptography is redefining how digital assets and the wallets which account for them are secured.

Sepior™ ThresholdSig is the industry’s first multiparty approval digital signature technology that uses threshold cryptography with multiparty computation (MPC) to secure digital asset transactions. By securing the transactions, which move assets from one wallet to another, Sepior ThresholdSig secures the wallet and all associated digital assets. And it does so with industry leading security, privacy, and on-chain efficiency to minimize costs and transaction latency.


It’s Simply More Secure, More Private, and More Efficient

For the past decade, Single Signatures were the default transaction security scheme and multiparty approvals using Multi-Signatures (MultiSig) were used for more advanced transaction security. Sepior™ Threshold Signatures (ThresholdSig) with MPC provides the best attributes of each of those technologies and more, while:

* improving security,

The concept of having multiple parties collectively approve a transaction is not new. It's unquestionably more secure than a single signature, single approval model. While MultiSig introduces support for multiple approvers, each approver's signatures is recorded on-chain. And everytime there is a change of approvers, security policies, or a refresh of a key these changes are recorded on-chain for all to see.

This MultiSig attribute effectively broadcasts security policies to potential adversaries, which is never a good security strategy. It also results in substantially increased transaction sizes which make it financially impractical to support more than a 2 out of 3 approval model with MultiSig.

Sepior ThresholdSig changes all of that by moving security policies off-chain and recording a standard single signature with the transaction regardless of if 2, 3, 4 or more approvers actually approved the transaction. The result is increased security that is practical to achieve in the real-world.

* increasing privacy,

By moving the security policies off-chain the public record no provides the electronic breadcrumb trail which aids the reverse engineering of who puchased what.

* increasing scalability with performance,

Moving security policy management and enforcement off-chain improves both scalability and performance. The transaction appears on-chain as a highly efficient single signature regardless of the number of approvers, keeping transactions small. This in turn increases the number of transactions that can be packed into a fixed length block to maximize transaction throughput during peak periods.

Sepior's implementation of threshold signatures allows for asynchronous approvals, with sub-millisecond approval cycles for fast, high-throughput transactions.

* minimizing total lifecycle costs.

Threshold Signatures provide industry leading security with the lowest upfront and recurring costs to minimize total lifecycle costs. Sepior ThresholdSig can be implemented with virtually any digital asset, without requiring the procurement and maintenace of dedicated Hardware Security Modules (HSMs) which are highly recommended to store the private keys used with MultiSig. ThresholdSig is different. A private key is never generated or stored on any device, thus there is no private key to store in an HSM.

ThresholdSig also provides the ability to regenerate lost key shares used by individual approvers, so there's not technical requirement to store key shares for backup either.

Unlike MultiSig, ThresholdSig with multiparty approvals always records just one standard single signature with the transaction. The resulting smaller transaction size results in higher miner willingness to prioritize with lower transaction fees, for lower recurring costs.

And the ability to refresh key shares without requiring a transaction (as is required with MultiSig) means you can refresh key shares without transaction fees.

A comparison of features and benefits of available signature approval technologies illustrates why Threshold Signatures are simply a better approach.

signature-comp-table-v3.png
 
 

MultiSig introduced the first generation of multiple approvers digitally signing to approve each cryptocurrency transaction. Unfortunately, many of the undesirable attributes of MultiSig result from recording the digital signatures of each approver on the transaction record. Threshold Signatures with multiparty computation (MPC) are similar in functionality but fundamentally different in implementation. The result is an equivalent number of multiparty approvers is more secure with ThresholdSig and it’s easy to raise the bar for security by simply increasing the number of approvals to take security to an even higher level.

Introducing ThresholdSig for institutional grade security of cryptocurrency wallets and transactions.

Maximize Your Wallet Security Today

Sepior™ ThresholdSig wallet security is available to cryptocurrency exchange providers and other providers of institutional grade wallet applications and services through technology licensing agreements. Sepior will provide the enabling software, toolkits, and licenses for you to customize your implementation of threshold signature wallet security services with your personalized wallet.

  • Crypto Wallet Client SDKs: Providing Threshold Key Management System (TKMS) libraries used by Java, Android (Java), and iOS (Swift) devices

  • Crypto Wallet Service: providing TKMS service for exchange and custodial service providers

Looking For A Simple Turn-Key ThresholdSig Wallet Solution?

Sepior™ ThresholdSig is highly customizable and can be adapted to virtually any wallet or signature application. But sometimes you simply want a turnkey wallet that is already developed and has all of the features of complete wallet solution that can be rapidly private labeled with your own logo and rolled out to your customers. No problem.

Sepior does not offer a turn-key wallet solution directly to our customers, but we have multiple ThresholdSig technology customers who already have or will soon offer their own white label turn-key ThresholdSig wallets that you can brand and rapidly offer to your customers.

Learn more about ThresholdSig turn-key wallet solutions here: Turn-Key Solutions

Features

  • Flexible m of n multiparty approvals
  • Maximum security - no private key ever exists in a complete form, mitigating the potential for theft
  • Maximum privacy - no electronic bread crumb trail of approvers to associate with transactions
  • Minimum transaction fees, only one on-chain signature regardless of the number of approvers

more...

  • Institutional-grade cryptocurrency secure wallet and transaction technology

    • Maximizing security, privacy, and availability of digital assets.
  • Industry’s first threshold-signature wallet security

    • Security of multiple approvers with the on-chain efficiency of a single-signature.
  • Single-key transaction density yields preferential processing

    • High transaction density is attractive to miners, resulting in lower transaction mining fees.
    • Maximizing transaction density enables more transactions per block, benefitting users, exchanges, and miners.
  • Threshold approvals support – enabling (m of n) approval control for the real world

    • Approve transactions even if a device is unavailable or has been compromised.
  • Flexible off-chain policy changes – add / delete approvers, change policies without on-chain changes

    • Greater agility, providing flexibility on day to day operations, and navigation of future regulations.
    • Key refresh without requiring a transaction
    • Change approvers without creating and dstributing new keys.
    • Static published account numbers while accommodating changes.
  • No on-chain broadcast of policies or changes

    • Increases privacy and reduces hacker knowledge.
  • Uses Threshold Cryptography with secure multiparty computation (MPC) - distributing key shares and computation across multiple devices to securely approve transactions

    • No whole key ever exists on any device, minimizing the potential for key theft.
  • Flexible key share recovery – MPC generation of new replacement shares through threshold computation

    • Addressing real world issues, with operational simplicity.

Sepior™ ThresholdSig offers numerous benefits over MultiSig and single signatures. Contact Sepior today to learn more about how to elevate your security, while reducing cost and complexity.

Ready for a bit more detail? Check out these links:

 
 

Threshold Signatures

Changing Digital Asset Wallet Paradigms!

digital-wave-dark1500x760.png
 

THE Wallet SHUFFLE

Prior to Threshold Signature wallets, conventional thinking consisted of up to three different types of wallets and shuffling digital assets between them:

  • Hot Wallets

    • On-line connected wallets, storing digital assets for near term transactions.

  • Warm Wallets

    • Intermittently on-line and off-line wallets, used to transfer digital assets between hot and cold wallets. Frequently employing white lists to limit transactions to pre-approved wallets only. Off-line (air gapped) when not in the process of moving digital assets between long term and short term storage. Only stores digital assets as the interim step between hot and cold wallet transfers.

  • Cold Wallets

    • Off-line wallets, ranging from paper notes of public and private key addresses to air gapped electronic storage devices which are never connected directly to the internet. Implementations may include physical security of the storage device with rigorous access control policies and delayed access intervals of up to 24 hours or more. Primarily used for long-term storage of digital assets.

Clearly, storing the bulk of your digital assets in long term off-line, physically secured storage is more secure than storing long term assets in a single signature or MultiSig hot wallet. However, the cost, operational complexity, latency of moving digital assets from hot to warm to cold wallets to achieve trusted security is operationally expensive, error prone, and may cost far more in valuation fluctuations when urgent transactions are delayed during volatile market periods.

Sepior ThresholdSig enables the choice to either dramatically increase the security efficacy of the hot-warm-cold wallet shuffle, or the option to eliminate one or potentially even two stages and still enjoy industry leading security.

MINIMIZE THE SHUFFLE WITH MPC

The big vulnerabilities with digital asset storage is the security of the private key(s) used to generate signatures which allow the transfer of assets from one account to another. If the key is stolen or is fraudulently used by a bad actor, the assets are easily stolen and reversal of the fraudulent transaction is effectively impossible. The concept behind cold and warm wallets is to use physical, air gapped isolation as a means of minimizing the potential for key theft. That’s one approach, but Sepior offers a better approach using ThresholdSig with multiparty computation (MPC).

Maximize Your Wallet Security Today

Sepior™ ThresholdSig wallet security is available to cryptocurrency exchange providers and other providers of institutional grade wallet applications and services through technology licensing agreements. Sepior will provide the enabling software, toolkits, and licenses for you to customize your implementation of threshold signature wallet security services with your personalized wallet.

  • Crypto Wallet Client SDKs: Providing Threshold Key Management System (TKMS) libraries used by Java, Android (Java), and iOS (Swift) devices

  • Crypto Wallet Service: providing TKMS service for exchange and custodial service providers

Looking For A Simple Turn-Key ThresholdSig Wallet Solution?

Sepior™ ThresholdSig is highly customizable and can be adapted to virtually any wallet or signature application. But sometimes you simply want a turnkey wallet that is already developed and has all of the features of complete wallet solution that can be rapidly private labeled with your own logo and rolled out to your customers. No problem.

Sepior does not offer a turn-key wallet solution directly to our customers, but we have multiple ThresholdSig technology customers who already have or will soon offer their own white label turn-key ThresholdSig wallets that you can brand and rapidly offer to your customers.

Learn more about ThresholdSig turn-key wallet solutions here: Turn-Key Solutions

Features

  • Flexible m of n multiparty approvals
  • Maximum security - no private key ever exists in a complete form, mitigating the potential for theft
  • Maximum privacy - no electronic bread crumb trail of approvers to associate with transactions
  • Minimum transaction fees, only one on-chain signature regardless of the number of approvers

more...

  • Institutional-grade cryptocurrency secure wallet and transaction technology

    • Maximizing security, privacy, and availability of digital assets.
  • Industry’s first threshold-signature wallet security

    • Security of multiple approvers with the on-chain efficiency of a single-signature.
  • Single-key transaction density yields preferential processing

    • High transaction density is attractive to miners, resulting in lower transaction mining fees.
    • Maximizing transaction density enables more transactions per block, benefitting users, exchanges, and miners.
  • Threshold approvals support – enabling (m of n) approval control for the real world

    • Approve transactions even if a device is unavailable or has been compromised.
  • Flexible off-chain policy changes – add / delete approvers, change policies without on-chain changes

    • Greater agility, providing flexibility on day to day operations, and navigation of future regulations.
    • Key refresh without requiring a transaction
    • Change approvers without creating and dstributing new keys.
    • Static published account numbers while accommodating changes.
  • No on-chain broadcast of policies or changes

    • Increases privacy and reduces hacker knowledge.
  • Uses Threshold Cryptography with secure multiparty computation (MPC) - distributing key shares and computation across multiple devices to securely approve transactions

    • No whole key ever exists on any device, minimizing the potential for key theft.
  • Flexible key share recovery – MPC generation of new replacement shares through threshold computation

    • Addressing real world issues, with operational simplicity.

Sepior™ ThresholdSig offers numerous benefits over MultiSig and single signatures. Contact Sepior today to learn more about how to elevate your security, while reducing cost and complexity.

Ready for a bit more detail? Check out these links: