On October 28th, 2015, BitGo, a digital asset security platform, is set to launch the first-of-its kind automated, open source Key Recovery Service (KRS) software for provisioning cold backup keys. BitGo has stated that this new KRS offering is part of their commitment to providing the most secure digital asset vault in the world while also ensuring wallet users maintain control of their digital assets.
Before BitGo’s launch of their KRS, the options for creating and storing backup keys were limited. BitGo wallets have employed a 2-of-3 multi-signature model, in which one of the keys was generated on BitGo’s server and the remaining two keys were created by the user. The advantages to this have been that users hold 2 keys themselves, giving them full control over their funds. This has traditionally put the burden of secure key storage on the user. In the event that the user loses a key or forgets their password, they would lose access to their wallet. BitGo’s new KRS solution offers the option to choose from a list of secure third party Key Recovery Service providers to instantly generate and secure new backup keys.
Key Recovery Services specialize in the secure generation, storage, protection, and backup of private keys for use with Bitcoin wallets. Highly desirable to large enterprises due to the appealing security benefits, Key Recovery Services have been around for several years and are seeing increasing demand. Many companies and individuals considered them to be premium products due to the high costs associated with their services. BitGo responded by creating automated, open-source Key Recovery Service software which will reduce the cost to users and make KRS more attainable and prolific. This next generation 2-of-3 key model is configured to eliminate any single point of failure and create a trustless ecosystem by providing the user with one key, BitGo with the second key and the third party KRS with the backup key.
Keytern.al, a service that provides backup bitcoin holding keys, will be the first to incorporate BitGo’s new KRS software in their secure key management offering and are currently in discussions with the vault storage company, Elliptic. BitGo also plans to bring on additional KRS providers in the coming months. BitGo is encouraging other KRS providers to run their new software, vet the KRS code and begin integrations. You can access their fully functional KRS reference implementation guide on Github today.
Jeffrey Paul, Co-founder of Keytern.al, had this to say about BitGo’s new KRS:
As longtime advocates for accessible and practical techniques to improve safety and privacy for end users, we are thrilled about the opportunity to work with BitGo to deliver these important services to customers of their multi-sig wallet. Our experience over many years of cryptography engineering as well as working with most of the world’s leading bitcoin exchanges showed unambiguously that multi-sig is the single best way to avoid many risks associated with using bitcoin, and expert, safe, and convenient key handling is key to the success of multi-sig deployments.
BitGo’s new KRS is truly an important innovation to cryptocurrency security. As private keys are the tool by which people are connected to their money and therefore the ability to spend it. Therefore, proper key recovery and storage is integral to anyone maintaining any part of their savings with bitcoin. If a malicious agent were to get ahold of a private key they would be able to gain direct control of their savings and cause a lot of personal damage. Simply losing private keys can be disastrous, as well, because usually there is no way to recover a lost key. BitGo’s new KRS employs a unique variation of the 2-of-3 key model that is meant to disperse key storage among 3 different people. This decreases the chance of both malicious agents gaining the ability to spend other people’s money, or losing 2-of-3 keys simultaneously.
BitGo is a Bitcoin security company founded in 2013 by Mike Belshe, Will O’Brien and Ben Davenport, and headquartered in San Francisco, California. The company offers a multi-signature wallet service, and in June 2015, the company launched their ‘Verified by BitGo’ , a “proof of reserve” service for bitcoin companies. In 2014, the company obtained $12 million in venture capital funding by RedPoint Ventures, and in 2015 the company bought an insurance policy from XL Catlin against theft from its wallets
.What do you think of BitGo’s new key recovery system? Let us know in the comments below!
Source: Press Release