Ethos Cryptocurrency Wallet Smart Keys

How the Universal Cryptocurrency Wallet Smart Keys Enables Consumers to Protect and Own Their Money

Introduction

Cryptocurrencies, such as Bitcoin and Ethereum, bring unique benefits to the world of personal finance by pairing the ability to own and store your digital assets in a cryptocurrency wallet, with the ability to cheaply, securely and almost instantly transfer them to others.

A blockchain, simply put, is an open record keeping system that’s maintained by a peer-to-peer network where everyone has access to read and potentially write data. Because of the open nature of blockchain, it’s absolutely necessary that all the data on the chain is verifiable as authentic and can’t be manipulated after the fact. To guarantee that all of our transactions are authentic, we turn to cryptography which gives us the ability to generate digital signatures and fingerprints.

The Ethos Cryptocurrency Wallet Smart Key is a unique digital signature that is used to verify the authenticity of transactions originating from your wallet. Any time a digital asset is transferred out of your Ethos Universal Multi Cryptocurrency Wallet, your Smart Keys will provide the authorization needed to execute the transaction. Ethos Keys are “Smart” because your one key represents all of your funds, regardless of what form of cryptocurrency you are using. This allows you to backup and restore all of your wallets with a single key phrase.

How safe is it?

Ethos leverages well-tested cryptographic standards and methods to ensure that your Universal Wallet uses an extremely high degree of security. The passphrase is 24 words (vs the 12 word standard used in many wallets) and the keys themselves are 256 bit, meaning uncrackable.

As discussed in the next few sections, the bulk of the security offered by the Ethos Universal Cryptocurrency Wallet and Smart Keys comes from modern cryptographic techniques, such as public-key and elliptic-curve cryptography, and their ability to generate secure and verifiable digital signatures and fingerprints. Let’s first consider some background to fully understand the mathematical magnitude of the protection.

Ciphers, Hashes, and Digital Fingerprints

The concept of a cipher is fundamental to cryptography. The roots of cryptographic hashing go back to 50 BC, during the reign of Julius Caesar and the Roman Empire. At that time, the official means of communication was a courier service that was highly vulnerable to espionage and interception. To throw off their enemies, the emperor and his consul would communicate by scrambling the letters of their messages before sending them. Upon receipt of a message, the letters would have to be unscrambled to reveal the original message.

One method of doing this was to shift every letter over by one, so that every instance of the letter ‘a’ would be replaced by ‘b’, ‘b’ would be replaced by ‘c’, and so on. This now commonly referred to as a Caesar Cipher, or a Shift Cipher, because the method to conceal the message is simply shifting each letter over one.

In this case the message ‘hello’ would become ‘ifmmp’ and the courier tasked with delivering it would ideally not be aware of the method used to scramble the message. Anyone who intercepted this message would also not know what to make of the seemingly nonsensical message. The “key” in this example is the method of encoding the message.

Over the next two thousand years, this idea of a cipher was further developed into that of a cryptographic hash, which in simple terms is a more sophisticated way of scrambling a message so that it’s very difficult to reverse. Hashes also have the property of, given some data, being able to reliably create a unique digital fingerprint of that data.

Everytime you submit a transaction to the blockchain, a fingerprint of your transaction is created and used to link the blocks in the blockchain, ensuring that the data in each block hasn’t been manipulated. For example, if you spend one bitcoin and someone tries to go back and manipulate the record to say you spent 10 bitcoin, it would invalidate all of the fingerprints in the blockchain leading back to that transaction.

Digital Signatures

Public Key Cryptography

Equally fundamental to the field of modern cryptography is the concept of Public Key Cryptography. In Public Key Cryptography there is the notion of a shared public-key that can be used by anyone to encrypt a message; then only you, with the corresponding private-key can decrypt to read the original message.

One of the most important properties of Public Key Cryptography is that, given a key-pair, its possible to generate a signature, digital proof of ownership of addresses that derive from your key. So whenever you send a transaction to the blockchain, it includes a signature proving that you are the owner of that address and therefore authorized to make that transaction. If the signature doesn’t match the public wallet address, the transaction is deemed to be unauthorized and is rejected by the network.

Elliptic Curve Cryptography

Elliptic Curve Cryptography is a type of Public Key Cryptography that makes private and public key generation even more secure due to the mathematical properties of elliptic curves that make it extremely difficult to reverse engineer the private key from the public keys.

Ethos Smart Keys are created from a cryptographically random number known as a seed. Sometimes seeds are created by a random number generator. However, this isn’t 100 percent secure because sometimes a hacker can re-generate a random number by knowing when it was generated and using a timestamp.

To ensure a higher degree of randomness, you generate your seed with a combination of a random number and another random number created by shaking your phone the first time you open the app. The unique signal from this process ensures that no one will be able to guess a non-random seed like your birthday, phone number, or a timestamp.

This seed is then used to generate private and public key-pairs on a secp256k1 Elliptic Curve, the results of which are hashed several times and encoded to reveal your public wallet addresses. By creating your Smart Keys this way, you can safely share your public keys and rest assured that only you have access to spend the funds in those wallets with your private key.

A Brave New World

Now that you know a little bit about the technology we use to secure your Universal Cryptocurrency Wallet, you might want to know exactly what we’re protecting you against. The follow are the most common exploits that are used by “bad actors” to gain control of your funds.

Jailbreaking and Mobile Security

Jailbreaking is a popular method of unlocking non-standard features on your mobile device. While this can be an easy and fun way to personalize your phone, doing so goes around some very important security features of your phone, and can give unauthorized apps the ability to snoop around your phone and potentially sniff out your keys.

While the Ethos Universal Cryptocurrency Wallet does everything it can to secure your keys on your phone, it’s very important that you never jailbreak your phone or install apps that aren’t approved by the app store. We can’t emphasize enough how important it is that you never use the Ethos Universal Wallet on a jailbroken phone.

Dictionary Attacks: Cracking Passwords

Someone who wants to gain unauthorized access to your cryptocurrency funds is going to be most interested in finding out your private key. To crack a password, or in this case a key, a hacker would typically use a “brute force” method and employ what is commonly known as a “Dictionary Attack.” This method involves a linear search through a dictionary of common words, comparing passwords systematically against each word until a match is found. While this may sound like a lot of work, remember that an average computer alone can execute billions of operations per second.

Hypothetically, say someone were to chose the very insecure password “castle”. A dictionary attack on this password would take about 3 seconds, which is the time it would take a computer to try all of the words in the dictionary before “castle” is found as a possible password.

Let’s add a little bit more complexity to this password by adding a random number to the end of it, for example, “castle123”. This seemingly more complex password still takes only 27 seconds to hack.

Stringing together dictionary words, ie, “castleone” would take considerably more time to hack (11 days, 8 hours) but still within the realm of possibility for a properly motivated hacker with the right equipment.

 

 

Good News: There’s Safety in Numbers

As demonstrated, adding just one additional word to a password provides an exponential increase in its security. If we take this idea to the next level, we can quickly generate a password that would take an unimaginable amount of time and energy to guess, with even the most sophisticated computers available.

 

 

Even considering that every 18-months, new computers with twice the computational power are released at half the price, a 12-word password will still be secure for generations to come. And to be extra secure, Ethos uses 24-word passwords.

Introducing the Ethos Cryptocurrency Wallet Smart Keys

An Ethos SmartKey is a unique 256-bit key signature that is yours and yours only. It is generated and secured on your mobile device, and should also be written down on a piece of paper, aka “paper wallet”, and stored in a safe place or memorized.

 

 

When you open the Ethos Universal Multi Cryptocurrency Wallet App for the first time, you are asked to shake your phone to create your first wallet. The shaking motion generates a random number that is impossible to recreate, and your key is generated on your phone based on that random number.

Your key is then automatically mapped to a 24 word phrase that gives you the convenience of backing up and restoring your wallets with an easy to read mnemonic. It’s very important that you physically write this phrase down and keep it in a safe place in case you lose your phone. When you get a new phone you can restore all of your wallets easily by entering the backup-phrase.

 

Important SmartKey Safety Tips

  • Write your backup phrase down in a private place away from any cameras or windows.
  • Never copy / paste your private key, always type it in.
  • Do not store private keys on services like Google Drive or Dropbox
  • Never share your private keys.
  • Reputable firms will never ask for your private keys via email, phone or chat.

How many SmartKeys are there?

SmartKeys are generated with a unique 256-bit signature. There are over 340 trillion trillion trillion different possible SmartKey combinations. To put this number in perspective, that’s more than the number grains of sand on Earth. That’s even more than the number of known stars in our universe. That’s over forty-five octillion possible SmartKeys for every man, woman and child on planet earth; So there are plenty to go around.

SmartKeys and Hierarchical Deterministic Wallets

Under the hood, the Ethos Universal Wallet is built on the BIP-32: Hierarchical Deterministic Wallet specification developed by the Bitcoin developer community. While many Bitcoin exchanges have been hacked, generally with phishing or database hacks, no one has yet to mathematically break or reverse engineer a BIP-32 wallet despite hundreds of billions of dollar equivalent as bait. The underlying algorithms have been battle-tested with trillions of dollars of transactions. In other words, its among the most secure cryptographic standards on earth.

Features

Ethos Universal Cryptocurrency Wallet and Smart Keys:

  • Generates an astronomically complex, and cryptographically secure key that prevents anyone from spending from your wallet.
  • Maps this key to a set of 24 words enabling you to restore your wallet easily.
  • Stores multiple types of digital assets including Bitcoin, Ethereum and ERC20 Tokens.

Conclusion

The Ethos Universal Cryptocurrency Wallet is designed for you to store and secure a wide variety of coins/tokens with a single Smart Key and backup-phrase. We leverage decades of cryptographic research in addition to widely used industry standards that enable the self-custody of your assets, as well as their safe transmission and backwards compatibility with popular devices such as the Ledger Nano S and Trezor hardware wallets.