Software Cold Wallet — RHODL Crypto Deposit Box

Many hold crypto these days. But what happens to the coins in case of an accident? How to save coins from vanishing in the blockchain limbo? How your loved and cared ones can access the digital treasure that i hodl for so long in such case? Hilarious as it might sound at first, recently this becomes a more and more a nuisance for many involved in the cryptocurrency community. Although there are some early solutions to this problem, such as the so called cold storage devices, in today’s article I’ll try to present a novice approach toward this challenge using a mobile application RHODL.

Imagine having a decentralized notary that can guarantee that in case of any trouble your digital wealth is given to selected people. You, as the sole owner of the digital money, can choose to whom the money is granted in case of any unexpected problems. Moreover, by the time being, you keep full control over the digital assets — no risk of a relative or close one changing her mind and running away with all your digital coins.

This is the key concept powering the new project that i’ll share with crypto community — the mobile application for cold storing digital assets in a “notary-wise” way. The user of the application will have a possibility to create a deposit box on his phone and share it with beneficiary, i.e. the people who may have access to digital assets in case of death or any other disturbance.

So who might be the user of the application? How can i find early adopters for the application. Here is how i define my early users:

  • owns a crypto, preferably a mainstream one (bitcoin, ethereum, litecoin)
  • uses digital wallets to buys/sell/trade crypto
  • is 30–40 years of age
  • is active participant of the crypto community (reddit crypto groups, crypto twitter)
  • uses an android mobile device
  • is interested in new applications for crypto market
  • knows what is a cold wallet
  • preferably runs a full node of any major cryptocurrency
  • has relatives/close ones that she wants to provide for with her digital assets

I would like to start with small scope — the so called Minimum Viable Product version of the app so here are key features of the application:

  • being able to store private key of the digital asset in a digital deposit box — it must be safe and comply with the well known crypto adage — “not your keys not your coins”
  • being able to share the private key but in a such way that full control (security) over the coins is preserved and amount is not disclosed
  • being able to attach a personal note to the beneficiary who eventually unlocks the box — so one can place instruction how to use the private key to access the assets or just say a last farewell word.
  • being able to timelock the box so the beneficiary can’t access the asset in an uncontrolled way
  • being sure that in case of an unexpected situation (illness, accident) the coins will not be lost forever (due to the fact, that nobody else holds private key) — conversely the private key will be revealed to the relatives/beneficiary on such event

Shared But Secure & Timelocked — How It Works

Here is the proper moment to explain general theoretical and mathematical idea that is the foundation of the RHODL deposit box application.

We have three actors participating in the proces of creating and unlocking a crypto notary deposit box:

  • Hodler aka owner of the digital asset. This is a person that has full control over digital coins (holds the private key). The hodler wants to make a crypto notary deposit box to secure his relatives in case he can’t access the coins (severe illness, accident).
  • Beneficiary/relative/close one. This is a person that will eventually gain full access to the digital asset. Until then the person simply knows that there is such an asset but has no control over it nor has any insight into value of the asset.
  • RHODL application. This is a Peer2Peer coordinator, that bounds the hodler and the beneficiary. The application does not have nor store the private key. The application only orchestrates the creation and unlocking process of the crypto notary deposit box. It also enforces timelock constraint on the deposit box.

The hodler uses mobile app to encrypt both his digital coins as well as an optional, personal note.

Encryption is done on his mobile device, not shared to anybody. Encryption uses the Shamir’s Shared Secret Algorithm. The algorithm allows to encrypt a secret (bitcoins and personal note) in multiple parts in such a way that one needs at least k parts to unlock the secret. Knowing only one part of the secret is not sufficient to decode it.

In the MVP version of the application the secret (coins and a note) is shared in two parts. One needs both parts to unlock the crypto notary deposit box.

First part of the lock/unlock key called the Key A will be hold be the Hodler. Second part of the lock/unlock key called the Key B will be sent to the Beneficiary.

The secret (i.e. encrypted coins and note) will be stored in the RHodl application cloud storage for further unlock/decryption. This is safe both from the Hodler and Beneficiary perspective as the RHodl application does not have access to the Key A and Key B. The app only has the encrypted secret which can’t be unlocked unless you provide both keys, A and B.

Security Considerations

Let’s summary why the idea for the RHodl crypto deposit box is safe and fully adheres to the not your keys not your coins principle:

  • Private key that controls coins is not shared. It does not leave the mobile device.
  • Private key that controls coins is encrypted into compound secret (the actual crypto deposit box processed by the application) using the Shamir Secret Sharing algorithm which is proved to be cryptographically secure
  • Only encrypted private key locked in the crypto deposit box is shared between the Holder’s device and RHodl application cloud. Even on a rare occasion of a security breach in RHodl app the attacker will not reveal private keys of Hodlers due to the fact that the app only stores Shamir encrypted versions of the keys.
  • There are two parts of the unlock key generated. The first key (the “A” Key) is presented to the Hodler. The second key ( the “B” key) is presented to the beneficiary. The beneficiary can’t unlock deposit box as the beneficiary holds only one of two required unlock keys.
  • The Hodler can put his “A” key in his last will or in a bank deposit box or in any way convenient to him. He can rest assured that neither the bank nor notary will not gain control over his coins as having only one key is insufficient to unlock crypto deposit box.
  • In a rare occasion when the beneficiary somehow gets unauthorized access to the Hodler’s “A” Key there is a timelock prevention mechanism implemented. As the encrypted deposit box is managed by the RHodl cloud application the deposit box will not be available for unlock until the timelock is elapsed. So one can even image a situation when the Hodler shares his key with the Beneficiary the very moment the crypto deposit box is created. The Hodler can rest assured that timelock prevents from opening the deposit box too early.
  • Having the mobile phone with the application stolen or hacked is not a problem. The private key is safe in the Shamir encrypted way in the cloud. So the mobile phone attacker will not benefit from having full control over the mobile device.

Sort of a Cold Wallet?

So one may say, that this application is a sort of a cold software wallet. There are many hardware cold wallets (Trezor or any other) but they lack the secure sharing capability. When using a hardware cold wallet your coins are secure but at the same moment the owner of the wallet must store somewhere his “unlock phrase” — this is usually a set of words that need to be remembered or stored somewhere in order to access coins stored in the cold wallet. So this can be easily stolen or lost.

Nevertheless in case the owner of the cold wallet suffers an accident the coins may be lost forever also. Storing the “unlock phrase” with notary is similar to disclosing the private key to the notary so not that secure.

The app that I’m making provides similar security scheme as the cold hardware wallet but provides many benefits that are lacking in the hardware cold wallets.

Why don’t you give it a try?

Download the app

NOTICE — sorry, the app is currently in the making. As soon as it is released the link to the crypto notary deposit box app will be shared in this article.

However if you find the app interesting and wish to join the early beta users group then DM me at Twitter@ObserverYenten

More reading

Hope you enjoyed the article. Here is more on the topic.

  • How to — Creating Crypto Deposit Box. More detailed description of the coins encryption experience accompanied by UI diagrams and mockups.
  • How to — Unlocking Crypto Deposit Box. More detailed description of the coins unlocking experience accompanied by UI diagrams and mockups.
  • Hands on coding experience recorded live on video sessions.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Yenten Observer

Cryptocurrency freak. Freedom, ecology and free market above all.