The easy way to start a company security article is to say: “Your security is our highest priority.” At iTrustCapital, we feel we have to go further than just making broad statements. The post COVID19 world demands it.
Individuals and companies are coming to realize the fragility of existing infrastructure. Everything from the supply chain to how we go to work each day has changed drastically in the last 90 days. We believe financial services need to do more than just keeping bad guys out. At iTrustCapital, we make sure that we keep the good guys in. Our clients maintain direct title to their investments. No matter what happens to the world around us, our decentralized infrastructure ensures uninterrupted access to client assets.
Securing Platform Assets with Curv
Unlike almost all cryptocurrency platforms, iTrustCapital’s service does not allow the sending of cryptocurrencies. Any transaction, a buy, or a sell stays within our network. This unique benefit enables us to set a series of firewalls, ensuring assets remain secure.
Firewall #1 No Private Key
The core of Curv’s security platform is Multi-Party-Computation (MPC) technology that allows us to sign transactions without the single point of failure associated with a private key.
What is a private key?
Usually, cryptocurrency transactions are authenticated by the chain when a user signs it a private key. A private key is a block of text that’s generated with a wallet address. These either exist as a text file on a computer, database, or hardware security device. If a malicious actor gains access to a private key, they’ve stolen the asset.
How do we get rid of the private key?
(MPC) technology replaces the private key by distributing the cryptography across multiple nodes. No single device has enough mathematics to sign a transaction. Furthermore, these nodes periodically change cryptographic packages when they resync on the network. iTrustCapital nodes communicate with Curv’s nodes, which maintain an additional authentication infrastructure. Curv can’t sign transactions without iTrustCapital’s nodes, and we cant sign without Curv’s nodes.
Firewall #2 Destinations Limited to Crypto Exchanges
Curv’s authentication infrastructure allows us to restrict the destination addresses for our institutional wallets. It is, therefore, impossible for our systems or internal staff to transmit cryptocurrencies outside of our network of liquidity providers.
Firewall #3 Multi Authentication
Even though we restrict wallet destinations, we still require any sending transaction to be authenticated by more than one staff member. Our wallet balances are regularly audited to ensure they add up to the penny.
Disaster Recovery Procedures
When we created the iTrustCapital investment platform, we wanted to create a system that ensured our clients have direct access to their assets. We feel this is what sets us apart from traditional investment services. No matter what happens, your assets are yours, and you should have access in any scenario.
The iTrustCapital platform is hosted using 100% cloud-based infrastructure with backup copies distributed on the east and west coasts. Similarly, our digital asset storage secured by Curv is secured by multiple redundant nodes, with no single node having the ability to sign a transaction. In response to the COVID19 crisis, we leveraged our cloud-based infrastructure to enable 100% of employees to work from home.
What if Curv’s infrastructure goes down?
If Curv’s system goes down, we can extract traditional private keys with the backup files created on our nodes. We can’t extract these keys without the backup key, which is stored separately from the backup data. iTrust personnel (including its executives) do not have access to the backup key. The key is only accessible within our disaster recovery procedure, which requires the multiple sign-offs from entities including Sunwest Trust.
What if iTrustCapital’s platform goes down?
Platform assets are held by Sunwest Trust. Sunwest is a state-regulated custodian that’s been in business for 30 years. If iTrust’s platform goes down for any reason, Sunwest has procedures to recover your assets and send them where you need them.